Re: [TLS] simplistic renego protection

David-Sarah Hopwood <david-sarah@jacaranda.org> Thu, 19 November 2009 02:00 UTC

Message-ID: <4B04A694.30505@jacaranda.org>
Date: Thu, 19 Nov 2009 01:59:48 +0000
From: David-Sarah Hopwood <david-sarah@jacaranda.org>
To: tls@ietf.org
References: <200911181436.nAIEagLv024549@fs4113.wdf.sap.corp>
In-Reply-To: <200911181436.nAIEagLv024549@fs4113.wdf.sap.corp>

Martin Rex wrote:
> Michael D'Errico wrote:
>> You forgot to mention:
>>
>> 4.3.  SSLv3
>>
>>     SSLv3 does not support extensions and thus it is not possible to
>>     securely renegotiate with SSLv3.  Deployments wishing to renegotiate
>>     securely will need to upgrade to at least TLS 1.0.
>>
>> Is there some secret agenda to kill off SSLv3?  What is the point
>> of that?  SSLv3 accounts for more than one-in-five connections as
>> reported to this list.  There is an alternate proposal that does not
>> have this limitation, and is better in many other respects.  Why do
>> you keep pushing this one?
> 
> This statement about SSLv3 actually reverts history.
> 
> The fact is, that SSLv3 has THE EXACT SAME provisions for
> TLS extensions as TLSv1.0.
> 
> But TLS extensions seems to exclude _itself_ from being used with SSLv3
> -- which looks like a pretty bad idea, given that the extensibility
> of TLSv1.0 and SSLv3 is verbatim the same.

Neither RFC 3546 nor RFC 4366 mention SSL at all. They do not exclude
the extension mechanism from being used with SSL. That usage is not
standardized by IETF because SSL is not described in any non-draft IETF
document (a decision that I disagree with; I think that SSLv3 should have
been documented in an informational RFC).

-- 
David-Sarah Hopwood  ⚥  http://davidsarah.livejournal.com