Re: [TLS] Warning alert before TLS 1.3 ServerHello

Viktor Dukhovni <ietf-dane@dukhovni.org> Thu, 10 May 2018 03:47 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/fzbGJ7qtn55JaxA9d0FiEQH7KYs>


> On May 9, 2018, at 10:07 PM, Martin Thomson <martin.thomson@gmail.com> wrote:
> 
> This alert is actually fairly common (though I'm surprised to see OpenSSL
> still doing it) and clients need to handle it, unfortunately. 

I may be misreading the code, but it sure looks like the alert is only
sent if the application callback for the server name extension asks
OpenSSL to do that.  The application can just decline the extension
and let the handshake continue with a default certificate...  Is
the surprise that the alert is sent, or that it is a warning, or
something else?

-- 
	Viktor.
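A client-side illustration of the tolerance mentioned in the quoted text, added here as an example and not code from OpenSSL or from either participant: it walks the server's first records and keeps reading past a warning-level alert until ServerHello or a fatal alert arrives. The names `record` and `read_first_flight` are hypothetical, the alert is assumed to be `unrecognized_name` (112, RFC 6066), and the sample bytes are constructed.

```python
import struct

ALERT, HANDSHAKE = 21, 22      # TLS record content types
WARNING, FATAL = 1, 2          # alert levels
UNRECOGNIZED_NAME = 112        # assumed alert description (RFC 6066)
SERVER_HELLO = 2               # handshake message type


def record(ctype, body, version=0x0303):
    """Build one TLS record (hypothetical helper for the samples below)."""
    return struct.pack("!BHH", ctype, version, len(body)) + body


def read_first_flight(data):
    """Walk TLS records until ServerHello or a non-warning alert.

    Returns (outcome, alerts): outcome is "server_hello", "fatal_alert" or
    "incomplete"; alerts lists every (level, description) pair seen.
    """
    alerts, pos = [], 0
    while pos + 5 <= len(data):
        ctype, _version, length = struct.unpack_from("!BHH", data, pos)
        body = data[pos + 5:pos + 5 + length]
        if len(body) < length:
            break                          # truncated record: need more bytes
        pos += 5 + length
        if ctype == ALERT:
            if length != 2:
                raise ValueError("malformed alert record")
            level, description = body
            alerts.append((level, description))
            if level != WARNING:           # anything but warning ends the handshake
                return "fatal_alert", alerts
        elif ctype == HANDSHAKE and body and body[0] == SERVER_HELLO:
            return "server_hello", alerts
        else:
            raise ValueError("unexpected record before ServerHello")
    return "incomplete", alerts


# Constructed sample: warning alert, then a stub ServerHello (4-byte header only).
WARN_THEN_HELLO = (record(ALERT, bytes([WARNING, UNRECOGNIZED_NAME]))
                   + record(HANDSHAKE, bytes([SERVER_HELLO, 0, 0, 0])))
# Constructed sample: the same alert sent at fatal level.
FATAL_ONLY = record(ALERT, bytes([FATAL, UNRECOGNIZED_NAME]))

if __name__ == "__main__":
    print(read_first_flight(WARN_THEN_HELLO))
    print(read_first_flight(FATAL_ONLY))
```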