Re: [TLS] TLSFlags ambiguity
David Benjamin <davidben@chromium.org> Wed, 27 September 2023 21:50 UTC
Return-Path: <davidben@google.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 64B12C151063 for <tls@ietfa.amsl.com>; Wed, 27 Sep 2023 14:50:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -9.256
X-Spam-Level:
X-Spam-Status: No, score=-9.256 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.249, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001, USER_IN_DEF_SPF_WL=-7.5] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=chromium.org
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id NxwEcljDJzEM for <tls@ietfa.amsl.com>; Wed, 27 Sep 2023 14:50:37 -0700 (PDT)
Received: from mail-yb1-xb2e.google.com (mail-yb1-xb2e.google.com [IPv6:2607:f8b0:4864:20::b2e]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 47964C151062 for <tls@ietf.org>; Wed, 27 Sep 2023 14:50:37 -0700 (PDT)
Received: by mail-yb1-xb2e.google.com with SMTP id 3f1490d57ef6-d776e1f181bso13900746276.3 for <tls@ietf.org>; Wed, 27 Sep 2023 14:50:37 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; t=1695851436; x=1696456236; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=89n7bJTuUc6evp+DyTJ/YQA34BRjx8tfsiKBgfqoV3U=; b=nwAl+rDqFpzawyV82rZH0XdKZn2LUNXFT9cF+IHJAUlWBe+kWAecgWXn6MAKgBEyGT zFo4cbkcJlNx1CSOgmHoBwShTSZHTZcC5g3buwK1uUy+LaTOEz/0vxlrZ5ijHK5ELbMV PeMPrCFHstKTdjzKILXPv9fgZHUcDXIdZLvWU=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1695851436; x=1696456236; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=89n7bJTuUc6evp+DyTJ/YQA34BRjx8tfsiKBgfqoV3U=; b=DoHWMCydooDor8AnD73yS5HlTF+UVL5mDWRbGyCwbf1YN0KJKB/LyC6T8CaZ09ZI/x xoblhHzV/4r+cIfHwCfGJn/RR4znF0+o6wwMI0itF6mn18u+8pVfdlN4tSfDgoGOyaJP Ato15Ll1RGsIlViZBrU5lHMtvIM4soI6XYa1Y2HbTjbQJAfccrs7EJCJnX6cEpyV8/cb nyI8O66AvQjbTIddL1qtGUQLtx0lJOTx6h7BOVAE/RqFMSwnNn1jy7nLjHylfbHTRph8 vaouaiCJepm4vmL6g4YfDu5eRcPM1RDPl+LFJiMBdRDT/9cveB6zSG509tF2WHL6kDeR nAJQ==
X-Gm-Message-State: AOJu0YzBssysRCAaqkzr2S6HcNXG7jhEmUj6pxnoXQEmB17+AXjTbF1F 4iJMTBfWMVkLa14kCd1HBtFECPeVkX7VN7FMmmnF
X-Google-Smtp-Source: AGHT+IFHFpNezxsNKrooSuTiECE7ukGKEqLdO8O7XIwDBGhvrpLEWcUvrp6o/DfUOEQbvNYiMyzI5X6IOs5IGsi1nGA=
X-Received: by 2002:a25:d10f:0:b0:d16:f35b:a35f with SMTP id i15-20020a25d10f000000b00d16f35ba35fmr3043714ybg.40.1695851435965; Wed, 27 Sep 2023 14:50:35 -0700 (PDT)
MIME-Version: 1.0
References: <CACykbs2EtsmB-V0BjgYeo4GNeUSnZ1jKo6eKQMOVMwsShPaw8w@mail.gmail.com>
In-Reply-To: <CACykbs2EtsmB-V0BjgYeo4GNeUSnZ1jKo6eKQMOVMwsShPaw8w@mail.gmail.com>
From: David Benjamin <davidben@chromium.org>
Date: Wed, 27 Sep 2023 17:50:20 -0400
Message-ID: <CAF8qwaCWVf=D+A1XkcJ5vaYjZ9PduzrakN5jEe3toHNfgQ-Txw@mail.gmail.com>
To: Jonathan Hoyland <jonathan.hoyland@gmail.com>
Cc: "<tls@ietf.org>" <tls@ietf.org>
Content-Type: multipart/alternative; boundary="0000000000006f58bb06065e2ec7"
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/jYQSqGpL_jHrfTK5oMkDHljWeVY>
Subject: Re: [TLS] TLSFlags ambiguity
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 27 Sep 2023 21:50:41 -0000
Nice catch! I agree those don't match. I think bit zero should be the least-significant bit. That is, we should leave the examples as-is and then fix the specification text. Ordering bits MSB first doesn't make much sense. Unlike bytes, there is no inherent order to bits in memory, so the most natural order is the power of two represented by the bit. Put another way, everyone accesses bit N by ANDing with 1 << N and that's least-significant bits first. I can think of a couple systems (DER, GCM) that chose to order bits most-significant first and both have caused endless confusion and problems. (It's particularly bad for GCM which is actually representing a polynomial, but then messed up the order. Let's not repeat this blunder.) On Fri, Sep 15, 2023 at 1:37 PM Jonathan Hoyland <jonathan.hoyland@gmail.com> wrote: > Hi TLSWG, > > I'm working on implementing the TLS Flags extension > <https://datatracker.ietf.org/doc/html/draft-ietf-tls-tlsflags-12>, and I > just wanted to clarify a potential ambiguity in the spec. > > In Section 2 the spec says: > Such documents will have to define which bit to set to show support, and > the order of the bits within the bit string shall be enumerated in network > order: bit zero is the high-order bit of the first octet as the flags field > is transmitted. > > And also gives the example for encoding bit zero: > For example, if we want to encode only flag number zero, the FlagExtension > field will be 1 octet long, that is encoded as follows: > > 00000001 > > In which it seems that the low-order bit of the first octet represents zero. > > I have no preference either way, but when transmitted on the wire, should flag 0 be transmitted as > > 0x01 or 0x80? > > Regards, > > Jonathan > > _______________________________________________ > TLS mailing list > TLS@ietf.org > https://www.ietf.org/mailman/listinfo/tls >
- [TLS] TLSFlags ambiguity Jonathan Hoyland
- Re: [TLS] TLSFlags ambiguity David Benjamin
- Re: [TLS] TLSFlags ambiguity David Benjamin
- Re: [TLS] TLSFlags ambiguity StJohns, Michael
- Re: [TLS] TLSFlags ambiguity Sean Turner
- Re: [TLS] TLSFlags ambiguity David Benjamin