Re: [TLS] Opera 10.50 alpha snapshot with TLS Renego extension support

Wan-Teh Chang <wtc@google.com> Sat, 23 January 2010 17:09 UTC

Return-Path: <wtc@google.com>
X-Original-To: tls@core3.amsl.com
Delivered-To: tls@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 696A73A6949 for <tls@core3.amsl.com>; Sat, 23 Jan 2010 09:09:34 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -105.977
X-Spam-Level:
X-Spam-Status: No, score=-105.977 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1t8JUzZXS6vZ for <tls@core3.amsl.com>; Sat, 23 Jan 2010 09:09:33 -0800 (PST)
Received: from smtp-out.google.com (smtp-out.google.com [216.239.33.17]) by core3.amsl.com (Postfix) with ESMTP id 6A1883A67E9 for <tls@ietf.org>; Sat, 23 Jan 2010 09:09:33 -0800 (PST)
Received: from wpaz17.hot.corp.google.com (wpaz17.hot.corp.google.com [172.24.198.81]) by smtp-out.google.com with ESMTP id o0NH9QWx019503 for <tls@ietf.org>; Sat, 23 Jan 2010 17:09:27 GMT
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d=google.com; s=beta; t=1264266567; bh=B2duBnMpGMjYvMdVt68fbw4TnFo=; h=MIME-Version:In-Reply-To:References:Date:Message-ID:Subject:From: To:Cc:Content-Type:Content-Transfer-Encoding; b=Yrz26LZpGOl9vOVIseHSE5LLZKUgaRzusHlYulr9AutTjVwUJwMA090WjAZCw9VPy v/y8t2b66OzQ+1bJj+y9w==
DomainKey-Signature: a=rsa-sha1; s=beta; d=google.com; c=nofws; q=dns; h=mime-version:in-reply-to:references:date:message-id:subject:from:to: cc:content-type:content-transfer-encoding:x-system-of-record; b=Isk50L8H+7CJnR3SSiSy22pnOEMhaC1Cmk3HtikF7B94/O9gu0cLseY7P1F+KFs8L fEQMsTKQBI4zVMC+YLTpg==
Received: from ey-out-2122.google.com (eye22.prod.google.com [10.208.5.22]) by wpaz17.hot.corp.google.com with ESMTP id o0NH9Pe2016311 for <tls@ietf.org>; Sat, 23 Jan 2010 09:09:25 -0800
Received: by ey-out-2122.google.com with SMTP id 22so451168eye.45 for <tls@ietf.org>; Sat, 23 Jan 2010 09:09:25 -0800 (PST)
MIME-Version: 1.0
Received: by 10.216.93.77 with SMTP id k55mr1584607wef.196.1264266564978; Sat, 23 Jan 2010 09:09:24 -0800 (PST)
In-Reply-To: <op.u6zq0sb5qrq7tp@acorna.oslo.opera.com>
References: <op.u6zq0sb5qrq7tp@acorna.oslo.opera.com>
Date: Sat, 23 Jan 2010 09:09:24 -0800
Message-ID: <e8c553a61001230909v3cf8ea42t9e900f00cb5554c1@mail.gmail.com>
From: Wan-Teh Chang <wtc@google.com>
To: "Yngve N. Pettersen (Developer Opera Software ASA)" <yngve@opera.com>
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
X-System-Of-Record: true
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] Opera 10.50 alpha snapshot with TLS Renego extension support
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 23 Jan 2010 17:09:34 -0000

On Sat, Jan 23, 2010 at 7:08 AM, Yngve N. Pettersen (Developer Opera
Software ASA) <yngve@opera.com>; wrote:
> Hello all,
>
> Today Opera Software released a snapshot of Opera 10.50 alpha with support
> for the TLS RenegotiationInfo extension.
>
> Server vendors should note the following:
>
>    * The RI extension is sent in all handshakes using extensions
>    * The SCSV is only sent when we do not know if the server supports
> extensions (implied: Patched servers always support the RI extension)

Could you clarify one issue -- when you send SCSV, do you also
send an empty RI extension?  Your second bullet point implies
that when you send SCSV, you don't send any extension.  But
that contradicts your first bullet point, that you send the RI
extension in *all* handshakes.

>    * Against known patched servers Opera 10.50 will ONLY send Client Hellos
> identifying TLS 1.2 as the highest supported version, and will abort ongoing
> handshakes if it not already identifying with TLS 1.2. It will **NOT** fall
> back to an older version if negotiation fails. Patched servers are assumed
> to be version tolerant.

I don't understand what you meant by "will abort ongoing handshakes
if it not already identifying with TLS 1.2".

>    * It is a fatal error for a server (identified by hostname and port) to
> first indicate support for RI, then later (in the same session) fail to
> indicate support.

In the same browsing session or in the same SSL session?

Thanks for the statistics on various TLS server implementation
errors.

Wan-Teh