RE: [TLS] TLS 1.2 draft (issue #25 about SSLv2 Hello)

<Pasi.Eronen@nokia.com> Wed, 07 March 2007 15:31 UTC


ekr@networkresonance.com wrote:
> So, here's what I was trying to say:
> 
> 1. As a TLS 1.2 impl you MUST use a 32-byte challenge.
> 2. Downrev impls may use a 16-32 byte challenge at which point
>    you would pad with zeros but in < 1.2 mode.
> 
> That may not be the right thing to say. :)

Ok, now I understood what you meant. But perhaps this spec is 
not really the right place to say what e.g. TLS 1.0 implementations 
should do when TLS 1.0 is negotiated :)

I'd be OK with Mike's proposal ("length MUST be between 16 and 32
bytes, and add that it SHOULD be 32 bytes").

Best regards,
Pasi
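
An added example, not part of the original message or of the draft: a Python parser for an SSLv2-format ClientHello that enforces the 16 to 32 byte challenge range discussed above and derives the 32-byte ClientHello.random from it. The field layout and the leading-zero padding are taken from Appendix E.2 of the later published RFC 5246 and are assumptions relative to the draft text under discussion; the function names and the sample message are constructed for illustration.

```python
import struct

MIN_CHALLENGE, MAX_CHALLENGE = 16, 32  # range from the proposal quoted in the thread


class V2HelloError(ValueError):
    """Malformed or out-of-policy SSLv2-format ClientHello."""


def parse_v2_client_hello(data: bytes) -> dict:
    """Parse one SSLv2-format ClientHello (layout assumed from RFC 5246 App. E.2)."""
    if len(data) < 11:
        raise V2HelloError("truncated header")
    msg_len, msg_type, major, minor, cs_len, sid_len, ch_len = struct.unpack(
        ">HBBBHHH", data[:11])
    if not msg_len & 0x8000:
        raise V2HelloError("high bit of msg_length is not set")
    body_len = msg_len & 0x7FFF
    if msg_type != 1:
        raise V2HelloError("msg_type is not ClientHello")
    if cs_len == 0 or cs_len % 3:
        raise V2HelloError("cipher_spec_length must be a non-zero multiple of 3")
    if not MIN_CHALLENGE <= ch_len <= MAX_CHALLENGE:
        raise V2HelloError("challenge length %d outside 16..32" % ch_len)
    # Declared lengths must account for every byte; never trust them separately.
    if body_len != len(data) - 2 or body_len != 9 + cs_len + sid_len + ch_len:
        raise V2HelloError("length fields are inconsistent")
    body = data[11:]
    challenge = body[cs_len + sid_len:]
    return {
        "version": (major, minor),
        "cipher_specs": [body[i:i + 3] for i in range(0, cs_len, 3)],
        "session_id": body[cs_len:cs_len + sid_len],
        "challenge": challenge,
        # Short challenges are left-padded with zero bytes to 32 (assumption above).
        "random": challenge.rjust(32, b"\x00"),
    }


def build_v2_client_hello(challenge: bytes, version=(3, 3)) -> bytes:
    """Constructed sample message: one cipher spec, empty session id."""
    specs = b"\x00\x00\x2f"  # constructed V2CipherSpec value
    body = struct.pack(">BBBHHH", 1, version[0], version[1],
                       len(specs), 0, len(challenge)) + specs + challenge
    return struct.pack(">H", 0x8000 | len(body)) + body


if __name__ == "__main__":
    hello = parse_v2_client_hello(build_v2_client_hello(bytes(range(1, 17))))
    print(hello["random"].hex())
```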
