Re: [TLS] RFC 6066 - Max fragment length negotiation
Hannes Tschofenig <hannes.tschofenig@gmx.net> Sun, 19 March 2017 09:58 UTC
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/dtWWeWS1IPS_5qAH5UAwu7kv-V8>
Hi Joe,

thanks for pointing this out. I will talk to our mbed TLS team to find out what the status of this issue is.

Ciao
Hannes

On 03/18/2017 10:17 AM, Joseph Birr-Pixton wrote:
> On 17 March 2017 at 16:01, Hannes Tschofenig <hannes.tschofenig@gmx.net> wrote:
>> Here are my 5 cents: we implement this extension in our mbed TLS stack
>
> With the greatest of respect, mbedtls *doesn't* implement
> max_fragment_length[1], because it doesn't fragment handshake messages
> as required by the spec. Attempts to use it with a conforming peer
> will fail to handshake.
>
> When I came across this a year or so ago, I concluded that nobody
> could have actually deployed max_fragment_length using mbedtls.
>
> Cheers,
> Joe
>
> [1] https://github.com/ARMmbed/mbedtls/issues/387
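The requirement under discussion, as an added example that is not part of the original message and is not mbed TLS code: RFC 6066 section 4 requires that once a smaller max_fragment_length is negotiated, handshake messages are also split so that no record fragment exceeds the limit. The sketch below shows a sender that fragments and a receiver that enforces the limit; the function names and the 1200-byte sample message are assumptions made for illustration.

```c
/* Added illustration (hypothetical names): plaintext record framing only, no crypto. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* RFC 6066 code (1..4) -> plaintext limit 2^9..2^12; 0 for an unknown code. */
static size_t mfl_limit(uint8_t code) { return (code >= 1 && code <= 4) ? (size_t)256 << code : 0; }

/* Sender: split one handshake message into records (type 22) of <= limit bytes.
 * Returns bytes written, or 0 if the limit is invalid or out is too small. */
static size_t fragment_handshake(const uint8_t *msg, size_t msg_len, size_t limit,
                                 uint8_t *out, size_t out_cap, size_t *n_records) {
    size_t off = 0, w = 0;
    *n_records = 0;
    if (limit == 0 || limit > 16384) return 0;
    while (off < msg_len) {
        size_t chunk = msg_len - off < limit ? msg_len - off : limit;
        if (out_cap - w < 5 + chunk) return 0;
        out[w++] = 22;                        /* ContentType handshake */
        out[w++] = 3; out[w++] = 3;           /* record version TLS 1.2 */
        out[w++] = (uint8_t)(chunk >> 8); out[w++] = (uint8_t)chunk;
        memcpy(out + w, msg + off, chunk);
        w += chunk; off += chunk; (*n_records)++;
    }
    return w;
}

/* Receiver: enforce the limit on each record and reassemble the handshake bytes.
 * Returns the length, or -1 on an oversized, empty, truncated or foreign record. */
static long reassemble_handshake(const uint8_t *rec, size_t rec_len, size_t limit,
                                 uint8_t *msg, size_t msg_cap) {
    size_t r = 0, w = 0;
    while (r < rec_len) {
        if (rec_len - r < 5 || rec[r] != 22) return -1;
        size_t len = ((size_t)rec[r + 3] << 8) | rec[r + 4];
        r += 5;
        if (len == 0 || len > limit || len > rec_len - r || len > msg_cap - w) return -1;
        memcpy(msg + w, rec + r, len);
        r += len; w += len;
    }
    return (long)w;
}

int main(void) { /* constructed 1200-byte Certificate message, negotiated limit 2^9 */
    static uint8_t msg[1200] = {11, 0, 0x04, 0xAC}, out[2048], back[1200];
    size_t n, w = fragment_handshake(msg, sizeof msg, mfl_limit(1), out, sizeof out, &n);
    printf("%zu records, %ld bytes reassembled\n", n, reassemble_handshake(out, w, 512, back, sizeof back));
    return 0;
}
```

If the sender instead emits the same message as a single 1200-byte record, `reassemble_handshake` with a limit of 512 returns -1, which is the failure against a conforming peer that the quoted message describes.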