Re: [TLS] MS14-066 and the TLS premaster secret version check
Yuhong Bao <yuhongbao_386@hotmail.com> Wed, 26 November 2014 00:37 UTC
Return-Path: <yuhongbao_386@hotmail.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BE63B1A8729 for <tls@ietfa.amsl.com>; Tue, 25 Nov 2014 16:37:45 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.66
X-Spam-Level:
X-Spam-Status: No, score=-1.66 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mBO29D52Ak01 for <tls@ietfa.amsl.com>; Tue, 25 Nov 2014 16:37:44 -0800 (PST)
Received: from BLU004-OMC4S13.hotmail.com (blu004-omc4s13.hotmail.com [65.55.111.152]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9341E1A6EE1 for <tls@ietf.org>; Tue, 25 Nov 2014 16:37:44 -0800 (PST)
Received: from BLU177-W2 ([65.55.111.136]) by BLU004-OMC4S13.hotmail.com over TLS secured channel with Microsoft SMTPSVC(7.5.7601.22751); Tue, 25 Nov 2014 16:37:43 -0800
X-TMN: [q7BOBn7BifCAkXlvdSO9t77OZ7Bd251i]
X-Originating-Email: [yuhongbao_386@hotmail.com]
Message-ID: <BLU177-W29DCCEF437786974F9584C3700@phx.gbl>
From: Yuhong Bao <yuhongbao_386@hotmail.com>
To: Andrei Popov <andrei.popov@microsoft.com>, "tls@ietf.org" <tls@ietf.org>, "mrex@sap.com" <mrex@sap.com>
Date: Tue, 25 Nov 2014 16:37:43 -0800
Importance: Normal
In-Reply-To: <BN3PR0301MB12502D23F123924A138DB3F48C730@BN3PR0301MB1250.namprd03.prod.outlook.com>
References: <BLU177-W41509B9090B70F71C074CAC3730@phx.gbl>, <BN3PR0301MB12502D23F123924A138DB3F48C730@BN3PR0301MB1250.namprd03.prod.outlook.com>
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginalArrivalTime: 26 Nov 2014 00:37:43.0905 (UTC) FILETIME=[313EFD10:01D00911]
Archived-At: http://mailarchive.ietf.org/arch/msg/tls/jQNkbWi73BYXEX5RgWnE-FhgA_s
Subject: Re: [TLS] MS14-066 and the TLS premaster secret version check
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 26 Nov 2014 00:37:45 -0000
I asked because it backported a lot of Win8.1 SChannel in addition to the security fixes. To be honest, they screwed up the backport of the new GCM cipher suites anyway, and to fix this will require a new SChannel, right? ---------------------------------------- > From: Andrei.Popov@microsoft.com > To: yuhongbao_386@hotmail.com; tls@ietf.org; mrex@sap.com > Subject: RE: [TLS] MS14-066 and the TLS premaster secret version check > Date: Tue, 25 Nov 2014 23:43:03 +0000 > > Hi Yuhong, > > The interop problem related to premaster secret version check is resolved in Win8 and above. > > MS14-066 is not related: it fixes a few security issues we found internally. > > Cheers, > > Andrei > > -----Original Message----- > From: TLS [mailto:tls-bounces@ietf.org] On Behalf Of Yuhong Bao > Sent: Tuesday, November 25, 2014 3:07 AM > To: tls@ietf.org; mrex@sap.com > Subject: [TLS] MS14-066 and the TLS premaster secret version check > > Has the incorrect premaster secret version check described in this been fixed in MS14-066: > http://www.ietf.org/mail-archive/web/tls/current/msg08139.html > > Yuhong Bao > _______________________________________________ > TLS mailing list > TLS@ietf.org > https://www.ietf.org/mailman/listinfo/tls
- [TLS] MS14-066 and the TLS premaster secret versi… Yuhong Bao
- Re: [TLS] MS14-066 and the TLS premaster secret v… Yuhong Bao
- Re: [TLS] MS14-066 and the TLS premaster secret v… Andrei Popov
- Re: [TLS] MS14-066 and the TLS premaster secret v… Yuhong Bao
- Re: [TLS] MS14-066 and the TLS premaster secret v… Andrei Popov
- Re: [TLS] MS14-066 and the TLS premaster secret v… Yuhong Bao
- Re: [TLS] MS14-066 and the TLS premaster secret v… Andrei Popov
- Re: [TLS] MS14-066 and the TLS premaster secret v… Yuhong Bao