IETF Logo Mail Archive

Re: [TLS] Call for acceptance of draft-moeller-tls-downgrade-scsv

Bodo Moeller <bmoeller@acm.org> Mon, 27 January 2014 19:34 UTC

Return-Path: <SRS0=Ipyw=XB=acm.org=bmoeller@srs.kundenserver.de>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3D9121A007C for <tls@ietfa.amsl.com>; Mon, 27 Jan 2014 11:34:43 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.464
X-Spam-Level:
X-Spam-Status: No, score=-1.464 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FM_FORGED_GMAIL=0.622, HELO_EQ_DE=0.35, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RP_MATCHES_RCVD=-0.535, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id UKkJB_Vuz9AW for <tls@ietfa.amsl.com>; Mon, 27 Jan 2014 11:34:41 -0800 (PST)
Received: from moutng.kundenserver.de (moutng.kundenserver.de [212.227.17.9]) by ietfa.amsl.com (Postfix) with ESMTP id 670641A028B for <tls@ietf.org>; Mon, 27 Jan 2014 11:34:41 -0800 (PST)
Received: from mail-ob0-f176.google.com (mail-ob0-f176.google.com [209.85.214.176]) by mrelayeu.kundenserver.de (node=mrbap3) with ESMTP (Nemesis) id 0Lc873-1VOs6D3wWL-00jZev; Mon, 27 Jan 2014 20:34:37 +0100
Received: by mail-ob0-f176.google.com with SMTP id gq1so6902050obb.21 for <tls@ietf.org>; Mon, 27 Jan 2014 11:34:35 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=ao5HcL3jl3WozATAGNYoRkJFJCvQ0TkbkZMVFYt8HnU=; b=mtt0uWOWqC6Oz/w+eWuc250el0bC9pBCqRWpTlBNC8aeU7NYSrOUoCWM+xfD8Ucirr n8o14a8rAna3rCFSO35UZj+muElPXcHtPfo9RIux/3tvQGeM0rilRbbiuLHm0L1QctbS KDaYujvFvam+CqtVXA+OZiaKk7OPaIn/aSeXtMDS38fn7+cJpBcF/gvT5YMxFthbSjjh i+uFBy6PnrZks+fMvk7pm97FE0RFrKtcSPSuflKarXr0o6MXya2ATmg5SEC3EN+eKC6C vSX30svlj9S7whHp/py/Dq4TmL9PNhaVK/4WEyx7s1OUcr4O2uGhpWC30B7eRxsCmogN uiFw==
MIME-Version: 1.0
X-Received: by 10.182.22.18 with SMTP id z18mr6426629obe.42.1390851275736; Mon, 27 Jan 2014 11:34:35 -0800 (PST)
Received: by 10.60.170.239 with HTTP; Mon, 27 Jan 2014 11:34:35 -0800 (PST)
In-Reply-To: <52E695D1.5050504@pobox.com>
References: <CABcZeBP_-MUonYYsxgz2ZdokiEDVhx4mYq1a4BMayuGbbxb2Gg@mail.gmail.com> <52E695D1.5050504@pobox.com>
Date: Mon, 27 Jan 2014 20:34:35 +0100
Message-ID: <CADMpkcJ4viFwzU9u0uP41Niaopja8PZFowjOALVr3VA1vJ7Uow@mail.gmail.com>
From: Bodo Moeller <bmoeller@acm.org>
To: Michael D'Errico <mike-list@pobox.com>
Content-Type: multipart/alternative; boundary="001a11332d1639d84004f0f8cca8"
X-Provags-ID: V02:K0:yPb+kSGNppdKgYinZ3Q56G8krZzbrBRyKfnW+bSPcEU H76952R86E6Xm35j2uHdwiAa63ccvMZ2e7iUsyc+FCNL/dZg5Q w4KpRWdyNNUsZSEl3Ku1xj/aL+jERfZR9fZ/imS8jYNIu663hd agdpuf7dB/635cWlFgCR0ApFZELoVO3CJz0ugQsduehsW33QFf s8D4SQfIQJLmlBzHPhvVj5CR+/mQJwOTX+SqIDUXGTAlVBlSEl 3YIaeIDEMnmBMDSQvb8M94eSK75ZhAflTUfJ045WY6mOylXqQj dHVnX8N/rwfcHd/sli76AscZXGmR5dplwQwfrQ6RxJvjIvxpVU l0136dUDWjKZWpxXQTTgcC8IDSGMDOzgqv2uFhv26JbW9aPJ3s ZoxbZX36GRyGjLKx5GTAJpoPjv0VU/DBCJzYROPCNx3rz56XVl QDz1o
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] Call for acceptance of draft-moeller-tls-downgrade-scsv
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 27 Jan 2014 19:34:43 -0000

Michael D'Errico <mike-list@pobox.com>:


> We should consider whether we can define a single SCSV that a
> client issues when it thinks a server is extension intolerant.
>
> Such an SCSV could be used in conjunction with a normal extension
> used for downgrade protection, if the client gets pushed all the
> way back to TLSv1.0 without extensions, or to SSLv3.
>
> This approach could solve the problem of desiring more SCSVs in
> the future.


Hm, that would mean having the SCSV for special-case downgrade protection
(extension intolerance) and an extension for general-case downgrade
protection (when extension intolerance is not an issue).  That means
requiring more code to be added to servers (to *all* servers, since these
mechanisms only work as intended if all servers support them).  In
practice, what would be gained from that over just having the SCSV and
using it for both?

(If someone really wanted to add a new negotiation mechanism for anything
and allow it to be backported to SSL 3.0 implementations with no extension
support, they'd *still* want a new SCSV for that ...  however, I hope that
with the protocol downgrade issue getting addressed, the need to support
any other new protocol tweak to these obsolete protocol versions will go
away.  For example, draft-gutmann-tls-encrypt-then-mac-05 doesn't need an
SCSV when you can use TLS_FALLBACK_SCSV to avoid falling back to old
protocol versions.)

Bodo

v2.23.0 | Report a Bug | By Email