Re: [TLS] Call for Consensus on removal of renegotiation
Colm MacCárthaigh <colm@allcosts.net> Wed, 25 June 2014 21:45 UTC
Archived-At: http://mailarchive.ietf.org/arch/msg/tls/dEseon2PADWwDHSl7Pa6UOpmdfY
On Wed, Jun 25, 2014 at 2:39 PM, Yoav Nir <ynir.ietf@gmail.com> wrote:
> I disagree. Suppose we did a telnet-over-tls protocol (yes, of course somebody’s already done it).
>
> When I’m logged in through telnet (or SSH, or telnet-over-tls), I enter some credentials, and I get an environment. It’s fine for the library to take over sockets and such, but the server has to (a) be convinced that the new connection is associated with the same user, and (b) associate the old environment with the new connection.
>
> I don’t see how you can do that without modifying telnet. Can you?

This too seems like a strawman; SSH does not use TLS, and telnet-over-tls is not common. The requirements of securing interactive logins differ enough from TLS's features that those applications have found other solutions entirely.

--
Colm