[TLS] Test server available for Opaque PRF Input extension

Simon Josefsson <simon@josefsson.org> Sun, 23 September 2007 08:18 UTC

All,

There is a test server running that supports the Opaque PRF Input
extension, see:

http://www.gnu.org/software/gnutls/server.html

The test server uses the extension value 42 until a value has been
properly allocated with IANA.  Btw, I think the current allocation
policy in TLS is harmful to deployment of TLS extensions.  It should be
possible to get an early allocation for interop.

For the announcement of GnuTLS v2.1.0 (an experimental branch) with this
support, see:

http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/2328

If someone wants to do interop tests, please try it directly against the
server or contact me for assistance.

I have one final comment on the document. It says:

        struct {
            opaque opaque_prf_input_value<0..2^16-1>;
        } OpaquePRFInput;

However, it is not clear what a length of zero means.  It would not
contribute to the PRF computation.  Thus negotiation of the extension
with empty strings may give a false sense of security.  I don't think
the extension should be negotiated at all if the length is zero, and
that is enforced by our implementation.  One modification to the
document could be:

        struct {
            opaque opaque_prf_input_value<1..2^16>;
        } OpaquePRFInput;

But the problem could also be handled by adding some text.

Generally, having some discussion on recommended lengths of the opaque
prf input data in the document would be useful.

Thanks,
Simon
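
The zero-length check described in the message, as an added example that is not part of the original message and is not GnuTLS code: a parser that walks a hello's extensions block and declines to treat the extension as negotiated when opaque_prf_input_value is empty. The function names, result codes and sample bytes are assumptions constructed for illustration; 42 is the test value quoted above.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* 42 is the temporary test value from the message, not an IANA allocation. */
#define EXT_OPAQUE_PRF_INPUT 42
enum opi_result { OPI_ABSENT, OPI_NEGOTIATE, OPI_EMPTY, OPI_MALFORMED };

/* Constructed samples: a filler entry plus a 2-byte input; an empty input. */
const uint8_t SAMPLE_OK[] = {0,13, 0,0,0,1,0xaa, 0,42,0,4, 0,2,0xde,0xad};
const uint8_t SAMPLE_EMPTY[] = {0,6, 0,42,0,2, 0,0};

static unsigned rd16(const uint8_t *p) { return ((unsigned)p[0] << 8) | p[1]; }

/* extension_data must be one OpaquePRFInput: 2-byte length, then the value. */
static enum opi_result opi_parse(const uint8_t *d, size_t n,
                                 const uint8_t **val, size_t *val_len)
{
    if (n < 2 || rd16(d) != n - 2) return OPI_MALFORMED; /* truncated/trailing */
    if (n == 2) return OPI_EMPTY;   /* zero length: nothing enters the PRF */
    *val = d + 2;
    *val_len = n - 2;
    return OPI_NEGOTIATE;
}

/* Walk an extensions block (2-byte total length, then type/length/data
 * entries) and classify the Opaque PRF Input entry, if any. */
enum opi_result opi_from_extensions(const uint8_t *b, size_t n,
                                    const uint8_t **val, size_t *val_len)
{
    if (n < 2 || rd16(b) != n - 2) return OPI_MALFORMED;
    for (size_t off = 2; off < n; ) {
        if (n - off < 4) return OPI_MALFORMED;
        unsigned type = rd16(b + off);
        size_t elen = rd16(b + off + 2);
        off += 4;
        if (elen > n - off) return OPI_MALFORMED;
        if (type == EXT_OPAQUE_PRF_INPUT) return opi_parse(b + off, elen, val, val_len);
        off += elen;
    }
    return OPI_ABSENT;
}

int main(void)
{
    const uint8_t *v; size_t vl;
    printf("ok=%d empty=%d\n", opi_from_extensions(SAMPLE_OK, sizeof SAMPLE_OK, &v, &vl),
           opi_from_extensions(SAMPLE_EMPTY, sizeof SAMPLE_EMPTY, &v, &vl));
    return 0;
}
```

A caller would include the value in the PRF computation only on OPI_NEGOTIATE and would handle OPI_EMPTY as if the peer had not sent the extension.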
