Re: [TLS] [FORGED] Re: no fallbacks please [was: Downgrade protection, fallbacks, and server time]
Yoav Nir <ynir.ietf@gmail.com> Tue, 07 June 2016 14:36 UTC
Return-Path: <ynir.ietf@gmail.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 89D2812D6A1 for <tls@ietfa.amsl.com>; Tue, 7 Jun 2016 07:36:10 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.699
X-Spam-Level:
X-Spam-Status: No, score=-1.699 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, FREEMAIL_REPLY=1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ObumoFPqbHBB for <tls@ietfa.amsl.com>; Tue, 7 Jun 2016 07:36:09 -0700 (PDT)
Received: from mail-wm0-x231.google.com (mail-wm0-x231.google.com [IPv6:2a00:1450:400c:c09::231]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 02E8F12D694 for <tls@ietf.org>; Tue, 7 Jun 2016 07:36:08 -0700 (PDT)
Received: by mail-wm0-x231.google.com with SMTP id m124so117366160wme.1 for <tls@ietf.org>; Tue, 07 Jun 2016 07:36:08 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:subject:from:in-reply-to:date:cc:message-id:references :to; bh=3cn1sVl4E44FKe1PSdOrWtwVGXx1j9l9rS3IIxo9rLw=; b=Sh5Vm30kefCC4kkQxnRmBBuZVkxieBJKa3WRHLvK8yI4QZbaljH5gnk8zz61iBodWL TQukTc1yWBCJXL/BkY2pqspEtSvGO+nRH3ogHg6Isbe3lMhCMejo1XBo+iaf8uer8kH5 VJc403/ILNfqZ7wKnOzlOw13oncoqTiNu3VhHf3BSVVhyIdnU4coks6K06bztkGICCRV 5pxD5NozfId1KxYHNJLvSAm0EWbsl4mbAjAtqUh7LM8ipz2Ct4OiZ/e8qH5AYBSRcLTu 93dMXqkmvMj6dy9mmeS/fUHnlIvrN9b5HAoaKDWnxre0noWsaASJ/d8i+r3EAK7YFOoq FR0Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc :message-id:references:to; bh=3cn1sVl4E44FKe1PSdOrWtwVGXx1j9l9rS3IIxo9rLw=; b=JZq5TUQQVLTtH5HPU1NzQggY3ZqFOGgrSGPfWeRxMf2rkNFsN2L5GgV+C5prm1nsn1 7nO9OgS9uIKLt2oFEhF0vukjldPHWcZmuF8XSEMt6uVZO0EGdbCW9FiZ6vVsOFuWnX2B XARn+ST82aayqBdqw5nIProNnbUNWle2IqzBNzujO8io5ndjGSJBLfDpCNrg/u3ELZbj 7y2R3zGpuN6xMwOCuQJRHbeze829LhcxrDXBtrd0DUzU2IC63792JgJqNZQTx7GS5YK5 mhLsYeNCTTWyo45lVgSs5AAXByh2P7wcHKF0+F642ZOSC8Z4BZSvUXRFhwHbb6/D9mD9 TGdg==
X-Gm-Message-State: ALyK8tJXm70Rx/9Ee/6igN9qsoOJvaLQwT6Hn/ndVjBtxqH+KKghvo8kuKFUi5kTF3LtYQ==
X-Received: by 10.28.30.16 with SMTP id e16mr69083wme.20.1465310167554; Tue, 07 Jun 2016 07:36:07 -0700 (PDT)
Received: from [172.24.250.135] (dyn32-131.checkpoint.com. [194.29.32.131]) by smtp.gmail.com with ESMTPSA id db6sm25795343wjb.2.2016.06.07.07.36.02 (version=TLS1 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Tue, 07 Jun 2016 07:36:03 -0700 (PDT)
Content-Type: multipart/alternative; boundary="Apple-Mail=_67589B2F-99F8-4C43-9E05-16423BB27102"
Mime-Version: 1.0 (Mac OS X Mail 9.3 \(3124\))
From: Yoav Nir <ynir.ietf@gmail.com>
In-Reply-To: <CAJU8_nU6dN7_GgjkC9c5VJawi91B4SpyvgyYU+_F4HeLtHWUaw@mail.gmail.com>
Date: Tue, 07 Jun 2016 17:36:01 +0300
Message-Id: <19D9A152-3801-44DA-ADF0-345011EDF54D@gmail.com>
References: <CAF8qwaDuGyHOu_4kpWN+c+vJKXyERPJu-2xR+nu=sPzG5vZ+ag@mail.gmail.com> <201606031616.14451.davemgarrett@gmail.com> <1612869.mrh4f7qht5@pintsize.usersys.redhat.com> <201606061453.53336.davemgarrett@gmail.com> <9A043F3CF02CD34C8E74AC1594475C73F4C9D3F0@uxcn10-5.UoA.auckland.ac.nz> <CAJU8_nU6dN7_GgjkC9c5VJawi91B4SpyvgyYU+_F4HeLtHWUaw@mail.gmail.com>
To: Kyle Rose <krose@krose.org>
X-Mailer: Apple Mail (2.3124)
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/frpT1yGhdeMhNxmcCpylnqXbnOg>
Cc: "<tls@ietf.org>" <tls@ietf.org>
Subject: Re: [TLS] [FORGED] Re: no fallbacks please [was: Downgrade protection, fallbacks, and server time]
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 07 Jun 2016 14:36:10 -0000
I’m not sure this helps. I’ve never installed a server that is version intolerant. TLS stacks from OpenSSL, Microsoft, Java, and most any implementation we can name have been version tolerant forever. Certainly none of us can name any implementation that at any point had a version out that was tolerant (or implementing) TLS 1.2 but intolerant of TLS 1.3. And these are the same implementations we’re likely to participate in a bakeoff or run the suite we create in the hackathon. Yoav > On 7 Jun 2016, at 5:22 PM, Kyle Rose <krose@krose.org> wrote: > > I'm a big fan of the idea of a very strict qualification suite, as well, to try to head off some of these problems before (faulty) implementations proliferate. > > Hackathon? > > Kyle > > On Jun 7, 2016 2:00 AM, "Peter Gutmann" <pgut001@cs.auckland.ac.nz <mailto:pgut001@cs.auckland.ac.nz>> wrote: > Dave Garrett <davemgarrett@gmail.com <mailto:davemgarrett@gmail.com>> writes: > > >Also, as with any new system, we now have the ability to loudly stress to TLS > >1.3+ implementers to not screw it up and test for future-proofing this time > >around. > > I think that's the main contribution of a new mechanism, it doesn't really > matter whether it's communicated as a single value, a list, or interpretive > dance, the main thing is that there needs to be a single location where the > version is given (not multiple locations that can disagree with each other as > for TLS < 1.3), and the spec should include a pseudocode algorithm for dealing > with the version data rather than just "implementations should accept things > that look about right". > > Peter. > _______________________________________________ > TLS mailing list > TLS@ietf.org <mailto:TLS@ietf.org> > https://www.ietf.org/mailman/listinfo/tls <https://www.ietf.org/mailman/listinfo/tls> > _______________________________________________ > TLS mailing list > TLS@ietf.org > https://www.ietf.org/mailman/listinfo/tls
- Re: [TLS] Downgrade protection, fallbacks, and se… David Benjamin
- Re: [TLS] Downgrade protection, fallbacks, and se… Martin Rex
- [TLS] Downgrade protection, fallbacks, and server… David Benjamin
- Re: [TLS] Downgrade protection, fallbacks, and se… Eric Rescorla
- Re: [TLS] Downgrade protection, fallbacks, and se… David Benjamin
- Re: [TLS] Downgrade protection, fallbacks, and se… Eric Rescorla
- Re: [TLS] Downgrade protection, fallbacks, and se… Martin Thomson
- [TLS] no fallbacks please [was: Downgrade protect… Nikos Mavrogiannopoulos
- Re: [TLS] no fallbacks please [was: Downgrade pro… Yoav Nir
- Re: [TLS] Downgrade protection, fallbacks, and se… Hubert Kario
- Re: [TLS] no fallbacks please [was: Downgrade pro… Hubert Kario
- Re: [TLS] Downgrade protection, fallbacks, and se… David Benjamin
- Re: [TLS] Downgrade protection, fallbacks, and se… Viktor Dukhovni
- Re: [TLS] no fallbacks please [was: Downgrade pro… David Benjamin
- Re: [TLS] Downgrade protection, fallbacks, and se… David Benjamin
- Re: [TLS] Downgrade protection, fallbacks, and se… Hubert Kario
- Re: [TLS] no fallbacks please [was: Downgrade pro… David Benjamin
- Re: [TLS] Downgrade protection, fallbacks, and se… David Benjamin
- Re: [TLS] no fallbacks please [was: Downgrade pro… Hubert Kario
- Re: [TLS] no fallbacks please [was: Downgrade pro… Hubert Kario
- Re: [TLS] Downgrade protection, fallbacks, and se… Viktor Dukhovni
- Re: [TLS] no fallbacks please [was: Downgrade pro… Martin Thomson
- Re: [TLS] no fallbacks please [was: Downgrade pro… Dave Garrett
- Re: [TLS] no fallbacks please [was: Downgrade pro… Nikos Mavrogiannopoulos
- Re: [TLS] no fallbacks please [was: Downgrade pro… Ilari Liusvaara
- Re: [TLS] no fallbacks please [was: Downgrade pro… Hubert Kario
- Re: [TLS] no fallbacks please [was: Downgrade pro… Xiaoyin Liu
- Re: [TLS] no fallbacks please [was: Downgrade pro… Hubert Kario
- Re: [TLS] no fallbacks please [was: Downgrade pro… Eric Rescorla
- Re: [TLS] no fallbacks please [was: Downgrade pro… Andrei Popov
- Re: [TLS] no fallbacks please [was: Downgrade pro… Eric Rescorla
- Re: [TLS] no fallbacks please [was: Downgrade pro… Viktor Dukhovni
- Re: [TLS] no fallbacks please [was: Downgrade pro… David Benjamin
- Re: [TLS] no fallbacks please [was: Downgrade pro… Dave Garrett
- Re: [TLS] no fallbacks please [was: Downgrade pro… Bill Frantz
- Re: [TLS] Downgrade protection, fallbacks, and se… Yaron Sheffer
- Re: [TLS] Downgrade protection, fallbacks, and se… Stefan Winter
- Re: [TLS] no fallbacks please [was: Downgrade pro… Hubert Kario
- Re: [TLS] [FORGED] Re: no fallbacks please [was: … Peter Gutmann
- Re: [TLS] [FORGED] Re: no fallbacks please [was: … Peter Gutmann
- Re: [TLS] no fallbacks please [was: Downgrade pro… Dave Garrett
- Re: [TLS] no fallbacks please [was: Downgrade pro… Jeffrey Walton
- Re: [TLS] [FORGED] Re: no fallbacks please [was: … Peter Gutmann
- Re: [TLS] [FORGED] Re: no fallbacks please [was: … Kyle Rose
- Re: [TLS] [FORGED] Re: no fallbacks please [was: … Hubert Kario
- Re: [TLS] [FORGED] Re: no fallbacks please [was: … Yoav Nir
- Re: [TLS] [FORGED] Re: no fallbacks please [was: … Salz, Rich
- Re: [TLS] [FORGED] Re: no fallbacks please [was: … Yoav Nir
- Re: [TLS] [FORGED] Re: no fallbacks please [was: … Hubert Kario
- Re: [TLS] [FORGED] Re: no fallbacks please [was: … Yoav Nir
- Re: [TLS] [FORGED] Re: no fallbacks please [was: … David Benjamin
- Re: [TLS] [FORGED] Re: no fallbacks please [was: … Andrei Popov
- Re: [TLS] [FORGED] Re: no fallbacks please [was: … Yuhong Bao
- Re: [TLS] [FORGED] Re: no fallbacks please [was: … Dave Garrett
- Re: [TLS] [FORGED] Re: no fallbacks please [was: … Hubert Kario
- Re: [TLS] [FORGED] Re: no fallbacks please [was: … Hubert Kario
- Re: [TLS] [FORGED] Re: no fallbacks please [was: … Nikos Mavrogiannopoulos
- Re: [TLS] no fallbacks please [was: Downgrade pro… Tony Arcieri