Re: [TLS] RFC5746: Renegotiation Indication for minimal servers
"Bauer Johannes (HOME/EFS)" <Johannes.Bauer@bosch.com> Wed, 03 August 2016 14:07 UTC
From: "Bauer Johannes (HOME/EFS)" <Johannes.Bauer@bosch.com>
To: Benjamin Kaduk <bkaduk@akamai.com>
Date: Wed, 03 Aug 2016 13:59:14 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/lT2nXL95mN3O2gkTsQhcDz2-BV0>
Cc: "tls@ietf.org" <tls@ietf.org>

Hi Ben,

On Tue, Aug 2, 2016 at 17:05, Benjamin Kaduk wrote:
> The next step is for someone to write proposed text that would be more clear.
> Maybe you have thoughts about how things could change?

Sure, I can give it a shot. Below is my proposal. Curious to hear your thoughts on it. I propose slight wording changes in three parts and a new Sect. 4.6 which sums up what is to do for minimal implementations.

Cheers,
Johannes


Sect. 3.4 (Client Behavior: Initial Handshake)

   o  When the handshake has completed, the client needs to save the client_verify_data and server_verify_data values for future use.

could be clarified as follows:

   o  When the handshake has completed, a client that supports renegotiation needs to save the client_verify_data and server_verify_data values for future use.


Sect. 3.6 (Server Behavior: Initial Handshake)

   o  When the handshake has completed, the server needs to save the client_verify_data and server_verify_data values for future use.

could be clarified as follows:

   o  When the handshake has completed, a server that supports renegotiation needs to save the client_verify_data and server_verify_data values for future use.


Sect. 4.3 (Server Considerations)

   In order to enable clients to probe, even servers that do not support renegotiation MUST implement the minimal version of the extension described in this document for initial handshakes, thus signaling that they have been upgraded.

could be clarified as follows:

   In order to enable clients to probe, even servers that do not support renegotiation MUST implement the minimal version of the extension described in this document for initial handshakes, thus signaling that they do not suffer from an insecure renegotiation vulnerability.


New Sect. 4.6 (Minimal Implementation)

   Signaling that insecure renegotiation is not supported is a useful effect of the adaptation of this RFC regardless of whether or not a specific implementation supports renegotiation or not.

   Since minimal implementations typically do not support renegotiation, they also are implicitly not vulnerable to the attacks described in the beginning of this document. Therefore it is sufficient for clients that do not support any kind of renegotiation to simply include the TLS_EMPTY_RENEGOTIATION_INFO_SCSV signaling cipher suite value in the ClientHello, as described in Sect. 3.4.

   For TLS servers which do not support renegotiation, it is sufficient to parse ClientHello messages for either the TLS_EMPTY_RENEGOTIATION_INFO_SCSV signaling cipher suite value or an empty renegotiation_info TLS extension. In either case, the server MUST respond with an empty renegotiation_info TLS extension, as described in Sect. 3.6.

   Neither servers nor clients which do not support renegotiation will therefore have the need to store additional variable data in memory during runtime.

-- 
Johannes Bauer
Engineering Field Services (HOME/EFS)
Robert Bosch Smart Home GmbH | Schockenriedstr. 17 | 70565 Stuttgart-Vaihingen | GERMANY | www.bosch-smarthome.com
Tel. +49(711)81112906 | johannes.bauer@bosch.com
Registration court: Amtsgericht Stuttgart, HRB 754585; Management: Dr. Peter Schnaebele, Veronika Danner
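
The server-side check described in the proposed Sect. 4.6, as an added example that is not part of the original message or of RFC 5746: a stateless scan of an initial ClientHello for the SCSV (0x00,0xFF) or an empty renegotiation_info extension (type 0xff01). The names `ri_check_client_hello`, `take` and `RI_EMPTY_EXT` and the sample byte strings are constructed for illustration; the abort on a non-empty renegotiated_connection follows RFC 5746 Sect. 3.6.

```c
#include <stddef.h>
#include <stdint.h>
enum ri_result { RI_ABORT = -1, RI_ABSENT = 0, RI_SIGNALLED = 1 };
/* ServerHello extension for RI_SIGNALLED: type 0xff01, len 1, empty vector. */
const uint8_t RI_EMPTY_EXT[5] = { 0xff, 0x01, 0x00, 0x01, 0x00 };

/* Consume a vector with a len_bytes-wide big-endian length prefix. */
static int take(const uint8_t **p, size_t *n, size_t len_bytes,
                const uint8_t **out, size_t *out_len) {
    size_t len = 0;
    if (*n < len_bytes) return -1;
    for (size_t i = 0; i < len_bytes; i++) len = (len << 8) | (*p)[i];
    *p += len_bytes; *n -= len_bytes;
    if (*n < len) return -1;
    *out = *p; *out_len = len; *p += len; *n -= len;
    return 0;
}

/* body: ClientHello body of an initial handshake, handshake header stripped. */
enum ri_result ri_check_client_hello(const uint8_t *body, size_t n) {
    const uint8_t *p = body, *v, *e; size_t vl, el;
    enum ri_result r = RI_ABSENT;
    if (n < 34) return RI_ABORT;
    p += 34; n -= 34;                                /* version + random */
    if (take(&p, &n, 1, &v, &vl)) return RI_ABORT;   /* session_id */
    if (take(&p, &n, 2, &v, &vl) || vl % 2) return RI_ABORT; /* cipher_suites */
    for (size_t i = 0; i < vl; i += 2)
        if (v[i] == 0x00 && v[i + 1] == 0xff) r = RI_SIGNALLED;  /* SCSV */
    if (take(&p, &n, 1, &v, &vl)) return RI_ABORT;   /* compression_methods */
    if (n == 0) return r;                            /* no extensions block */
    if (take(&p, &n, 2, &e, &el) || n != 0) return RI_ABORT;
    while (el > 0) {
        if (el < 2) return RI_ABORT;
        unsigned type = (unsigned)e[0] << 8 | e[1];
        e += 2; el -= 2;
        if (take(&e, &el, 2, &v, &vl)) return RI_ABORT;
        if (type != 0xff01) continue;
        if (vl != 1 || v[0] != 0) return RI_ABORT;   /* must be empty here */
        r = RI_SIGNALLED;
    }
    return r;
}

/* Constructed sample bodies: version 3.3, zero random, empty session_id. */
const uint8_t HELLO_SCSV[]  = { 3, 3, [34] = 0, 0, 4, 0xc0, 0x2f, 0x00, 0xff, 1, 0 };
const uint8_t HELLO_EXT[]   = { 3, 3, [34] = 0, 0, 2, 0xc0, 0x2f, 1, 0, 0, 5, 0xff, 0x01, 0, 1, 0 };
const uint8_t HELLO_PLAIN[] = { 3, 3, [34] = 0, 0, 2, 0xc0, 0x2f, 1, 0 };
const uint8_t HELLO_BAD[]   = { 3, 3, [34] = 0, 0, 2, 0xc0, 0x2f, 1, 0, 0, 6, 0xff, 0x01, 0, 2, 1, 0xaa };
int main(void) { return ri_check_client_hello(HELLO_SCSV, sizeof HELLO_SCSV) != RI_SIGNALLED; }
```

The result is a single value consumed while building the ServerHello; no verify_data or other per-connection renegotiation state is kept.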