Re: [TLS] Cached Info extension - Draft 01
Simon Josefsson <simon@josefsson.org> Wed, 24 June 2009 12:25 UTC
Return-Path: <simon@josefsson.org>
X-Original-To: tls@core3.amsl.com
Delivered-To: tls@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 067E13A6C30 for <tls@core3.amsl.com>; Wed, 24 Jun 2009 05:25:22 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.602
X-Spam-Level:
X-Spam-Status: No, score=-2.602 tagged_above=-999 required=5 tests=[AWL=-0.003, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3T0U7uhJoWT5 for <tls@core3.amsl.com>; Wed, 24 Jun 2009 05:25:21 -0700 (PDT)
Received: from yxa-v.extundo.com (yxa-v.extundo.com [83.241.177.39]) by core3.amsl.com (Postfix) with ESMTP id 8AE983A6BFE for <tls@ietf.org>; Wed, 24 Jun 2009 05:25:19 -0700 (PDT)
Received: from mocca.josefsson.org (c80-216-24-60.bredband.comhem.se [80.216.24.60]) (authenticated bits=0) by yxa-v.extundo.com (8.14.3/8.14.3/Debian-5) with ESMTP id n5OCODGa014226 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NOT); Wed, 24 Jun 2009 14:24:15 +0200
From: Simon Josefsson <simon@josefsson.org>
To: Stefan Santesson <stefan@aaa-sec.com>
References: <C65D9F60.2A8B%stefan@aaa-sec.com> <C667D009.2C9D%stefan@aaa-sec.com>
OpenPGP: id=B565716F; url=http://josefsson.org/key.txt
X-Hashcash: 1:22:090624:stefan@aaa-sec.com::mumTGVNY2nYMt6id:Ifb
X-Hashcash: 1:22:090624:tls@ietf.org::C1d3cu1Ibq0BrFcG:6rBz
X-Hashcash: 1:22:090624:martin.rex@sap.com::kDu8FbK0bbj6N5iq:fvLe
Date: Wed, 24 Jun 2009 14:24:13 +0200
In-Reply-To: <C667D009.2C9D%stefan@aaa-sec.com> (Stefan Santesson's message of "Wed, 24 Jun 2009 12:43:53 +0200")
Message-ID: <87ljnhn7ki.fsf@mocca.josefsson.org>
User-Agent: Gnus/5.110011 (No Gnus v0.11) Emacs/23.0.94 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 8bit
Cc: TLS wg <tls@ietf.org>, Martin Rex <Martin.Rex@sap.com>
Subject: Re: [TLS] Cached Info extension - Draft 01
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 24 Jun 2009 12:25:22 -0000
Stefan Santesson <stefan@aaa-sec.com> writes: > It was not my intention to kill off this discussion with this new draft. > > I¹m wandering whether the silence is a sign of agreement, vacation or just a > giving up that the author will ever listen to reasonable arguments... I still prefer Martin's proposal to add framing, but could live with your approach. A mild problem that I don't think is fully covered yet is the complexity in transition to new hashes -- clients will forever need to send SHA-1 hashes to the server, it seems, to ensure interoperability? Or should the document contain some text that explains that servers should pick the "preferred" hash it supports, and that clients should cache that choice for future use? Additional text would then be needed to explain that if clients try the new hash later on, and it doesn't work, it should revert back to SHA-1 in case the server software was changed to not support the other hash. This aspects doesn't feel completely baked yet to me. > /Stefan > > > On 09-06-16 7:13 PM, "Stefan Santesson" <stefan@aaa-sec.com> wrote: > >> I decided it was easier to explain my suggestions by incorporating it into a >> new draft and submit it. >> >> Draft 01 is currently in staging at: >> http://www.ietf.org/proceedings/staging/draft-ietf-tls-cached-info-01.txt >> >> This indicates by no means that I think we have reached an agreement on this >> issue, but it at least we have a version that represents a better starting >> point for change discussions. >> >> I did however include Simon¹s suggested wording amendment in the beginning of >> section 4. >> >> /Stefan >> >> _______________________________________________ >> TLS mailing list >> TLS@ietf.org >> https://www.ietf.org/mailman/listinfo/tls > > _______________________________________________ > TLS mailing list > TLS@ietf.org > https://www.ietf.org/mailman/listinfo/tls
- [TLS] Cached Info extension - Draft 01 Stefan Santesson
- Re: [TLS] Cached Info extension - Draft 01 Stefan Santesson
- Re: [TLS] Cached Info extension - Draft 01 Simon Josefsson
- Re: [TLS] Cached Info extension - Draft 01 Martin Rex
- Re: [TLS] Cached Info extension - Draft 01 Stefan Santesson
- Re: [TLS] Cached Info extension - Draft 01 Florian Weimer
- Re: [TLS] Cached Info extension - Draft 01 Martin Rex
- Re: [TLS] Cached Info extension - Draft 01 Stefan Santesson
- Re: [TLS] Cached Info extension - Draft 01 Martin Rex
- Re: [TLS] Cached Info extension - Draft 01 Stefan Santesson
- Re: [TLS] Cached Info extension - Draft 01 Martin Rex