Re: [TLS] Fwd: I-D Action:draft-bmoeller-tls-falsestart-00.txt

Martin Rex <mrex@sap.com> Fri, 16 July 2010 19:11 UTC

Return-Path: <mrex@sap.com>
X-Original-To: tls@core3.amsl.com
Delivered-To: tls@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 7198A3A6ACC for <tls@core3.amsl.com>; Fri, 16 Jul 2010 12:11:09 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -9.411
X-Spam-Level:
X-Spam-Status: No, score=-9.411 tagged_above=-999 required=5 tests=[AWL=0.838, BAYES_00=-2.599, HELO_EQ_DE=0.35, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7TiPR68326Ua for <tls@core3.amsl.com>; Fri, 16 Jul 2010 12:11:07 -0700 (PDT)
Received: from smtpde01.sap-ag.de (smtpde01.sap-ag.de [155.56.68.170]) by core3.amsl.com (Postfix) with ESMTP id E56123A6ACE for <tls@ietf.org>; Fri, 16 Jul 2010 12:11:06 -0700 (PDT)
Received: from mail.sap.corp by smtpde01.sap-ag.de (26) with ESMTP id o6GJBGKj019927 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Fri, 16 Jul 2010 21:11:16 +0200 (MEST)
From: Martin Rex <mrex@sap.com>
Message-Id: <201007161911.o6GJBFIF004373@fs4113.wdf.sap.corp>
To: Nicolas.Williams@oracle.com (Nicolas Williams)
Date: Fri, 16 Jul 2010 21:11:15 +0200 (MEST)
In-Reply-To: <20100716181805.GA23743@oracle.com> from "Nicolas Williams" at Jul 16, 10 01:18:05 pm
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 8bit
X-Scanner: Virus Scanner virwal06
X-SAP: out
Cc: tls@ietf.org
Subject: Re: [TLS] Fwd: I-D Action:draft-bmoeller-tls-falsestart-00.txt
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
Reply-To: mrex@sap.com
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 16 Jul 2010 19:11:10 -0000

Nicolas Williams wrote:
> 
> On Wed, Jul 14, 2010 at 06:11:05PM -0500, Nicolas Williams wrote:
> > Huh, I independently proposed a something similar, though I call it
> > early_start, in April 2009, in draft-williams-tls-app-sasl-opt-03.
> 
> It's likely that early start was Martin Rex's idea first.  At one more
> more IETF meetings we discussed TLS + GSS-API options extensively in
> various IETF jabber rooms (which, IIRC, are archived).


We also talked about it in Jabber during an IETF Meeting, but
IIRC we discussed it first on the TLS WG mailing list in july 2007,
where I suggested this optimization to cut down on the number of round
trips, since Larry considered the number of round trips very important:

http://www.ietf.org/mail-archive/web/tls/current/msg01911.html
http://www.ietf.org/mail-archive/web/tls/current/msg01917.html

I was applying to TLS the GSS-API v2 "PROT_READY" idea,
which was originally proposed by Bob Blakley in the CAT WG in 1995.


Also, I didn't like the idea of messing with the existing TLS handshake
internals, and favoured to perform the GSS-API handshake immediately
after the TLS handshake (potentially piggy-backing the Finished
messages).

http://www.ietf.org/mail-archive/web/tls/current/msg01906.html


-Martin