[TLS] Comments on cached info at TLS meeting

Stefan Santesson <stefan@aaa-sec.com> Fri, 31 July 2009 11:46 UTC

Date: Fri, 31 Jul 2009 13:46:19 +0200
From: Stefan Santesson <stefan@aaa-sec.com>
To: TLS wg <TLS@ietf.org>
Message-ID: <C698A62B.3AC7%stefan@aaa-sec.com>

Recap of comments on cached info during the IETF meeting in Stockholm.

Simon thought that it would be OK to send just the hash as replacement for
the cached data if the client treats the hash as an index that identifies
the replaced data. Doing so avoids guessing by the client. A clarification
should be made in the draft.

Eric made a comment on Jabber that “now that I see this problem suggested,
this seems pretty gross from an implementation perspective. I think I'd
prefer that the cache hits be returned explicitly in the extension”

I interpret this to mean that Eric wants the server to acknowledge exactly
what data it will replace when it sends its server hello.
This means that we have different opinions on the list whether the server
has to know what data it will replace at the server hello exchange.
I'm personally pretty agnostic about this, but we need to agree on one
approach.

Other than that it was suggested that other objects could be of interest to
define in the draft. We may see proposals on the list.

/Stefan
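The two approaches recapped above, the hash used as an index into the client's cache and the server explicitly acknowledging in its hello which cached objects it will replace, as an added Python sketch that is not part of this message or of the cached-info draft. Object type labels, the SHA-256 fingerprint, and the message shapes are assumptions, not the draft's wire format.

```python
import hashlib

# Added illustration; object type labels and the SHA-256 fingerprint are assumptions.
CERT_CHAIN = "certificate_chain"
TRUSTED_CAS = "trusted_cas"

def fingerprint(obj: bytes) -> bytes:
    """Hash that identifies a cached object (SHA-256 assumed here)."""
    return hashlib.sha256(obj).digest()

class ClientCache:
    def __init__(self):
        self._by_hash = {}  # hash -> (object type, object bytes)
    def add(self, obj_type, obj):
        self._by_hash[fingerprint(obj)] = (obj_type, obj)
    def advertise(self):
        """ClientHello extension payload: (type, hash) for each cached object."""
        return [(t, h) for h, (t, _) in self._by_hash.items()]
    def resolve(self, obj_type, h):
        """Simon's point: the hash is an index, so the client looks it up, never guesses."""
        entry = self._by_hash.get(h)
        if entry is None or entry[0] != obj_type:
            raise ValueError("server referenced an object the client does not hold")
        return entry[1]

def server_hello_ack(server_objects, advertised):
    """Eric's variant: the ServerHello lists exactly the (type, hash) pairs it will replace."""
    mine = {(t, fingerprint(o)) for t, o in server_objects.items()}
    return [pair for pair in advertised if pair in mine]

def server_send(server_objects, acked):
    """Later handshake messages carry the hash for acknowledged objects, else the full object."""
    return {t: ("hash", fingerprint(o)) if (t, fingerprint(o)) in acked else ("full", o)
            for t, o in server_objects.items()}

def client_receive(cache, acked, messages):
    """The client accepts a hash only if it was acknowledged, then resolves it from the cache."""
    got = {}
    for t, (kind, payload) in messages.items():
        if kind == "hash" and (t, payload) not in acked:
            raise ValueError("hash was not acknowledged in ServerHello")
        got[t] = cache.resolve(t, payload) if kind == "hash" else payload
    return got

def demo():
    """Constructed exchange: the chain is cached and current, the CA list is stale."""
    cache = ClientCache()
    cache.add(CERT_CHAIN, b"constructed-server-chain-v1")
    cache.add(TRUSTED_CAS, b"constructed-ca-list-v1")
    server = {CERT_CHAIN: b"constructed-server-chain-v1", TRUSTED_CAS: b"constructed-ca-list-v2"}
    acked = server_hello_ack(server, cache.advertise())
    msgs = server_send(server, acked)
    return acked, msgs, client_receive(cache, acked, msgs)
```

In `demo()` only the certificate chain is acknowledged and replaced by its hash; the stale CA list is sent in full, and a hash that was never acknowledged or never cached is rejected rather than guessed at.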