Re: [TLS] Expanded alert codes

Eric Rescorla <ekr@rtfm.com> Tue, 22 May 2018 13:22 UTC

On Tue, May 22, 2018 at 6:11 AM, Hubert Kario <hkario@redhat.com> wrote:

> On Monday, 21 May 2018 15:47:37 CEST Ion Larranaga Azcue wrote:
> > I would say it's unfair to expect other people to diagnose the problem by
> > claiming "that information was all that was available" because you had
> > access to:
> >
> > - traffic dumps of the failing handshakes
> > - traffic dumps of working handshakes
> > - the possibility to try any number of modifications of the client hello to
> >   go from a working handshake to a failing handshake in order to identify the
> >   offending option or parameter
> > - as you are going to have to ask the server side to activate extended
> >   alerts, you can ask them for server logs, as well as traffic dumps of (at
> >   least) the failed connections on their side (if they receive any, which is
> >   additional information)
> >
> > Besides, I also think it's not fair to claim that when someone disagrees,
> > you are being "shouted down". From what I remember, both sides expressed
> > their opinion, and if you manage to gather consensus your draft will get
> > published. So, I think accusing others of shouting you down is an
> > unfortunate phrase on your side...
>
> you need consensus for Informational RFCs? that's news to me...
>

You need consensus for WG documents in general, though not necessarily for
Informational RFCs through other channels.

With that said, once
https://datatracker.ietf.org/doc/draft-ietf-tls-iana-registry-updates/ is
published, it will not be necessary to have an RFC at all for a code point
registration.

-Ekr