IETF Logo Mail Archive

Re: [TLS] Heartbleed / protocol complexity

Nico Williams <nico@cryptonector.com> Fri, 11 April 2014 16:17 UTC

Return-Path: <nico@cryptonector.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E23571A06EC for <tls@ietfa.amsl.com>; Fri, 11 Apr 2014 09:17:43 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 1.556
X-Spam-Level: *
X-Spam-Status: No, score=1.556 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FM_FORGED_GMAIL=0.622, IP_NOT_FRIENDLY=0.334, MANGLED_BACK=2.3, MIME_8BIT_HEADER=0.3] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id oFXTdjznHOcU for <tls@ietfa.amsl.com>; Fri, 11 Apr 2014 09:17:39 -0700 (PDT)
Received: from homiemail-a35.g.dreamhost.com (sub4.mail.dreamhost.com [69.163.253.135]) by ietfa.amsl.com (Postfix) with ESMTP id C332A1A02C5 for <tls@ietf.org>; Fri, 11 Apr 2014 09:17:33 -0700 (PDT)
Received: from homiemail-a35.g.dreamhost.com (localhost [127.0.0.1]) by homiemail-a35.g.dreamhost.com (Postfix) with ESMTP id 75B5554058 for <tls@ietf.org>; Fri, 11 Apr 2014 09:17:32 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=cryptonector.com; h= mime-version:in-reply-to:references:date:message-id:subject:from :to:cc:content-type:content-transfer-encoding; s= cryptonector.com; bh=49Z4BMDBm8vV8jzAyA8JRZI5O+w=; b=J3tH/gQqJim r7q7BTroUmPYDKPH4cb4PqdRdib/n6ZvPveSuuTZ24UiP5OYtksXPMld4FEm3g/l uxNxt1OVLIWWlylVEVHfc1z0vTMSt+yvUSS0xjvhgxOORdYnXlqdFLcMQs0gdPml Omb51mZCRZiBWynLQd815n+BILzNfFe0=
Received: from mail-wi0-f181.google.com (mail-wi0-f181.google.com [209.85.212.181]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) (Authenticated sender: nico@cryptonector.com) by homiemail-a35.g.dreamhost.com (Postfix) with ESMTPSA id 2A0C654075 for <tls@ietf.org>; Fri, 11 Apr 2014 09:17:32 -0700 (PDT)
Received: by mail-wi0-f181.google.com with SMTP id hm4so1292067wib.8 for <tls@ietf.org>; Fri, 11 Apr 2014 09:17:30 -0700 (PDT)
MIME-Version: 1.0
X-Received: by 10.180.211.116 with SMTP id nb20mr3063483wic.5.1397233050805; Fri, 11 Apr 2014 09:17:30 -0700 (PDT)
Received: by 10.217.129.197 with HTTP; Fri, 11 Apr 2014 09:17:30 -0700 (PDT)
In-Reply-To: <20140411164746.5503c4f8@hboeck.de>
References: <20140409232505.0d6e02b8@hboeck.de> <CABkgnnX1hrEOmuorkx6st-0V4WAv4YQ9GjiWRtYQyeu6HTXLcA@mail.gmail.com> <20140411164746.5503c4f8@hboeck.de>
Date: Fri, 11 Apr 2014 11:17:30 -0500
Message-ID: <CAK3OfOhRqdkH1RXPy_Wqc+thPraJ1yS7SSLiwOF--U4XL3qA2w@mail.gmail.com>
From: Nico Williams <nico@cryptonector.com>
To: Hanno Böck <hanno@hboeck.de>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: http://mailarchive.ietf.org/arch/msg/tls/kzuRVHaF_00BGo-egspScStutJU
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] Heartbleed / protocol complexity
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 11 Apr 2014 16:17:44 -0000

On Fri, Apr 11, 2014 at 9:47 AM, Hanno Böck <hanno@hboeck.de> wrote:
> While we're at it:
> Can anyone name me what real-world applications use TLS Heartbeat with
> TCP? Or any use at all?

I can't think of existing applications that need it in TLS-over-TCP today.

For DTLS (over UDP, natch) this extension is needed for PMTUD.

Nico
--

v2.23.0 | Report a Bug | By Email