[TLS] PRF Negotiation - Finished "gotcha"

Michael StJohns <msj@nthpermutation.com> Fri, 18 April 2014 15:05 UTC

As I was working through the "finished" message email I just sent, I 
realized something about PRF negotiation. The client, when it sends a
ClientHello, doesn't necessarily know which PRF it will be using 
(assuming there are multiple PRFs defined in the offered cipher suites) 
until it gets the ServerHello back.  I think that means that the client 
either needs to keep a copy of the ClientHello around (or the data to 
rebuild it), or needs to keep multiple HASH states - one for each PRF 
algorithm.

It may be useful to add a paragraph on PRF negotiation implications that 
provides this guidance.


Mike
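
The two options named in the message above (keep the ClientHello bytes, or keep one hash state per candidate PRF), shown side by side as an added example that is not part of the original message. The class names, the two offered suites with their TLS 1.2 PRF hashes, and the placeholder message bytes are assumptions made for illustration.

```python
import hashlib
import hmac
# PRF hash of TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 / ..._AES_256_GCM_SHA384 (RFC 5289)
SUITE_PRF_HASH = {0xC02F: "sha256", 0xC030: "sha384"}

class ParallelTranscript:
    """One running hash per PRF hash the offered suites could select."""
    def __init__(self, offered):
        self.states = {n: hashlib.new(n) for n in {SUITE_PRF_HASH[s] for s in offered}}
    def update(self, msg):
        for h in self.states.values():
            h.update(msg)
    def select(self, suite):  # ServerHello parsed: drop the unused states
        name = SUITE_PRF_HASH[suite]
        self.states = {name: self.states[name]}
    def digest(self):
        (h,) = self.states.values()  # raises if select() was not called
        return h.copy().digest()

class BufferedTranscript:
    """Keep the raw messages and replay them once the PRF hash is known."""
    def __init__(self):
        self.pending, self.hash = [], None
    def update(self, msg):
        if self.hash is None:
            self.pending.append(msg)
        else:
            self.hash.update(msg)
    def select(self, suite):
        self.hash = hashlib.new(SUITE_PRF_HASH[suite], b"".join(self.pending))
        self.pending = []
    def digest(self):
        return self.hash.copy().digest()

def client_verify_data(transcript, suite, master_secret):
    """RFC 5246 7.4.9: PRF(master_secret, "client finished", Hash(messages))[0..11]."""
    name, seed = SUITE_PRF_HASH[suite], b"client finished" + transcript.digest()
    a, out = seed, b""
    while len(out) < 12:  # P_hash expansion
        a = hmac.new(master_secret, a, name).digest()
        out += hmac.new(master_secret, a + seed, name).digest()
    return out[:12]

def demo(suite=0xC030):  # constructed placeholder messages, not real TLS encodings
    p, b = ParallelTranscript([0xC02F, 0xC030]), BufferedTranscript()
    for t in (p, b):
        t.update(b"ClientHello (constructed)")  # sent before the PRF hash is known
        t.select(suite)                         # ServerHello names the suite
        t.update(b"ServerHello (constructed)")
    return p.digest(), b.digest()
```

Both strategies produce the same transcript digest; the parallel one costs a hash state per candidate algorithm, the buffered one costs the retained message bytes until the ServerHello arrives.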