Re: [TLS] Call for acceptance of draft-moeller-tls-downgrade-scsv

Kurt Roeckx <kurt@roeckx.be> Fri, 24 January 2014 18:58 UTC

Date: Fri, 24 Jan 2014 19:58:28 +0100
From: Kurt Roeckx <kurt@roeckx.be>
To: Martin Rex <mrex@sap.com>
Message-ID: <20140124185828.GA617@roeckx.be>
References: <CABcZeBP_-MUonYYsxgz2ZdokiEDVhx4mYq1a4BMayuGbbxb2Gg@mail.gmail.com> <20140124185222.1FD4B1ABCA@ld9781.wdf.sap.corp>
In-Reply-To: <20140124185222.1FD4B1ABCA@ld9781.wdf.sap.corp>
Cc: "tls@ietf.org" <tls@ietf.org>

On Fri, Jan 24, 2014 at 07:52:22PM +0100, Martin Rex wrote:
> Eric Rescorla wrote:
> > WG Members,
> > 
> > This message is a call for acceptance of
> > http://tools.ietf.org/html/draft-bmoeller-tls-downgrade-scsv-01
> > 
> > As a TLS WG item.
> > 
> > Please provide any comments on this action by Feb 7.
> 
> -1
> 
> I'm strongly opposed to a scheme whose only purpose in life is
> to make TLS handshakes _fail_ based on bogus heuristics by the
> wrong communication peer.

I'm not sure I understand you.  Which heuristics do you mean?

The client is telling the server to drop the connection (under
some conditions).  The client is in control of sending this or
not.


Kurt
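The server-side rule Kurt summarizes ("drop the connection under some conditions"), as an added example written for this page and not code from the draft or from anyone on the thread: a model of the TLS_FALLBACK_SCSV check in draft-bmoeller-tls-downgrade-scsv (later RFC 7507). The suite value 0x5600 and the inappropriate_fallback alert code 86 come from the draft; the ClientHello parser and builder are constructed for illustration.

```python
import struct

TLS_FALLBACK_SCSV = 0x5600          # signaling cipher suite value from the draft
INAPPROPRIATE_FALLBACK = 86         # fatal alert the draft has the server send

TLS10, TLS11, TLS12 = (3, 1), (3, 2), (3, 3)   # (major, minor) as on the wire


def parse_client_hello(body: bytes):
    """Return (client_version, cipher_suites) from a ClientHello body, i.e.
    the bytes after the 4-byte handshake header. Constructed parser that reads
    only the fields this check needs and skips Random and session_id."""
    version = (body[0], body[1])
    pos = 2 + 32                                   # skip Random
    sid_len = body[pos]
    pos += 1 + sid_len                             # skip session_id
    cs_len = struct.unpack_from("!H", body, pos)[0]
    pos += 2
    suites = [struct.unpack_from("!H", body, pos + i)[0]
              for i in range(0, cs_len, 2)]
    return version, suites


def server_decision(body: bytes, server_max=TLS12):
    """The server-side rule: abort only when the client signals a fallback
    AND the server would have supported a higher version than offered.
    If the server itself tops out at the offered version, this is not a
    downgrade and the handshake proceeds normally."""
    version, suites = parse_client_hello(body)
    if TLS_FALLBACK_SCSV in suites and version < server_max:
        return ("alert", INAPPROPRIATE_FALLBACK)
    return ("continue", min(version, server_max))


def build_client_hello(version, suites):
    """Constructed ClientHello body: empty session_id, one null compression
    method, no extensions (enough for parse_client_hello)."""
    cs = b"".join(struct.pack("!H", s) for s in suites)
    return (bytes(version) + bytes(32) + b"\x00"
            + struct.pack("!H", len(cs)) + cs + b"\x01\x00")


# A client retrying at TLS 1.0 after a failed TLS 1.2 attempt appends the SCSV;
# a server that supports TLS 1.2 treats that as an inappropriate fallback.
FALLBACK_HELLO = build_client_hello(TLS10, [0x002F, TLS_FALLBACK_SCSV])
PLAIN_HELLO = build_client_hello(TLS10, [0x002F])
```

The third case in the comments is the point of "under some conditions": the same ClientHello is accepted by a server whose own maximum is TLS 1.0, because the SCSV only fails handshakes where the server could have done better.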