[TLS] Fwd: New Version Notification for draft-pettersen-tls-version-rollback-removal-00.txt
"Yngve N. Pettersen (Developer Opera Software ASA)" <yngve@opera.com> Tue, 03 July 2012 16:37 UTC
Return-Path: <yngve@opera.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D1A5E21F8786 for <tls@ietfa.amsl.com>; Tue, 3 Jul 2012 09:37:28 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.074
X-Spam-Level:
X-Spam-Status: No, score=-6.074 tagged_above=-999 required=5 tests=[AWL=-0.525, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4, SARE_TOWRITE=1.05]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id BjDEZ-9rwfGw for <tls@ietfa.amsl.com>; Tue, 3 Jul 2012 09:37:28 -0700 (PDT)
Received: from smtp.opera.com (smtp.opera.com [213.236.208.81]) by ietfa.amsl.com (Postfix) with ESMTP id 9D16521F86D3 for <tls@ietf.org>; Tue, 3 Jul 2012 09:37:27 -0700 (PDT)
Received: from acorna.invalid.invalid (pat-tdc.opera.com [213.236.208.22]) (authenticated bits=0) by smtp.opera.com (8.14.3/8.14.3/Debian-5+lenny1) with ESMTP id q63GbWH8031306 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT) for <tls@ietf.org>; Tue, 3 Jul 2012 16:37:33 GMT
Content-Type: text/plain; charset="iso-8859-15"; format="flowed"; delsp="yes"
References: <20120703074954.1553.31285.idtracker@ietfa.amsl.com>
Date: Tue, 03 Jul 2012 18:37:36 +0200
To: "tls@ietf.org" <tls@ietf.org>
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: "Yngve N. Pettersen (Developer Opera Software ASA)" <yngve@opera.com>
Organization: Opera Software AS
Message-ID: <op.wgvpsyt0qrq7tp@acorna.invalid.invalid>
In-Reply-To: <20120703074954.1553.31285.idtracker@ietfa.amsl.com>
User-Agent: Opera Mail/11.64 (Win32)
Subject: [TLS] Fwd: New Version Notification for draft-pettersen-tls-version-rollback-removal-00.txt
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 03 Jul 2012 16:37:28 -0000
Hello all, In light of the recent discussion about using SCSVs to protect against version rollbacks, I decided to write up my own proposal, which is already used in Opera. This method uses the Renego Information (RI) extension as an indication that the server is version and extension intolerant, and require the client to only connect to the server using its highest supported TLS version and extensions when the RI extension is encountered, if necessary restarting the connection to do so. This approach should, according to my testing, work with more than 99.86% of Renego patched servers, using just one connection to establish the connection. Currently, 70% of servers are Renego patched. With respect to the steps in the procedure, under normal conditions the client will be able to establish a connection on the first try with 95% of servers that are not patched for Renego, for the remaining servers (about 1.5% of all servers), one or more attempts using older protocol versions will be needed. If implemented, this method will naturally be obsoleted when clients change to only accept connections with Renego patched servers and remove/disable all code for performing version rollbacks. ------- Forwarded message ------- Subject: New Version Notification for draft-pettersen-tls-version-rollback-removal-00.txt Date: Tue, 03 Jul 2012 09:49:54 +0200 A new version of I-D, draft-pettersen-tls-version-rollback-removal-00.txt has been successfully submitted by Yngve N. Pettersen and posted to the IETF repository. Filename: draft-pettersen-tls-version-rollback-removal Revision: 00 Title: Managing and removing automatic version rollback in TLS Clients Creation date: 2012-07-03 WG ID: Individual Submission Number of pages: 6 URL: http://www.ietf.org/internet-drafts/draft-pettersen-tls-version-rollback-removal-00.txt Status: http://datatracker.ietf.org/doc/draft-pettersen-tls-version-rollback-removal Htmlized: http://tools.ietf.org/html/draft-pettersen-tls-version-rollback-removal-00 Abstract: Ever since vendors started deploying TLS 1.0 clients, these clients have had to handle server implementations that do not tolerate the TLS version supported by the client, usually by automatically signaling an older supported version instead. Such version rollbacks represent a potential security hazard, if the older version should become vulnerable to attacks. The same history repeated when TLS Extensions were introduced, as some servers would not negotiate with clients that sent these protocol extensions, forcing clients to reduce protocol functionality in order to maintain interoperability. This document outlines a procedure to help clients decide when they may use version rollback to maintain interoperability with legacy servers, under what conditions the clients should not allow version rollbacks, such as when the server has indicated support for the TLS Renegotiation Information extension. The intention of this procedure is to limit the use of automatic version rollback to legacy servers and eventually eliminate its use. -- Sincerely, Yngve N. Pettersen ******************************************************************** Senior Developer Email: yngve@opera.com Opera Software ASA http://www.opera.com/ Phone: +47 23 69 32 60 Fax: +47 23 69 24 01 ********************************************************************
- [TLS] Fwd: New Version Notification for draft-pet… Yngve N. Pettersen (Developer Opera Software ASA)
- Re: [TLS] Fwd: New Version Notification for draft… Martin Rex
- Re: [TLS] Fwd: New Version Notification for draft… Yngve N. Pettersen (Developer Opera Software ASA)
- Re: [TLS] Fwd: New Version Notification for draft… Martin Rex