IETF Logo Mail Archive

Re: [TLS] Next Protocol Negotiation 03

Michael D'Errico <mike-list@pobox.com> Wed, 25 April 2012 16:42 UTC

Return-Path: <mike-list@pobox.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 49C1F21F8697 for <tls@ietfa.amsl.com>; Wed, 25 Apr 2012 09:42:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.339
X-Spam-Level:
X-Spam-Status: No, score=-2.339 tagged_above=-999 required=5 tests=[AWL=0.260, BAYES_00=-2.599]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 55N7v4KBJuri for <tls@ietfa.amsl.com>; Wed, 25 Apr 2012 09:42:40 -0700 (PDT)
Received: from sasl.smtp.pobox.com (a-pb-sasl-sd.pobox.com [74.115.168.62]) by ietfa.amsl.com (Postfix) with ESMTP id 74EBB21F8693 for <tls@ietf.org>; Wed, 25 Apr 2012 09:42:40 -0700 (PDT)
Received: from sasl.smtp.pobox.com (unknown [127.0.0.1]) by a-pb-sasl-sd.pobox.com (Postfix) with ESMTP id 7139B9505; Wed, 25 Apr 2012 12:42:38 -0400 (EDT)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=pobox.com; h=message-id :date:from:mime-version:to:cc:subject:references:in-reply-to :content-type:content-transfer-encoding; s=sasl; bh=RFVzQqrZKbaU k9ZBz6UffiLyuCU=; b=UpRRELT1bz5NzpIZSHOJkPu1a+FQX+rjnQzu2ajxtJdv F4gXqMbPj9bRE/ToELINOawQDl/IMUjF0nwDdJa5CNIhsjk2ak7JAcIpJUa/zNG4 2pekZwXMgCn4m+mVq/4k2WBBQOOXtYWtOKbOk4+HMGjRoA+tAxQYpZAfekodDDM=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=pobox.com; h=message-id:date :from:mime-version:to:cc:subject:references:in-reply-to :content-type:content-transfer-encoding; q=dns; s=sasl; b=kYZju0 OSgI3SSBPNbXj2r5fGVJpXKaUsaMbILPne2gw8Un0nxt4LivmXmIkhCfXk1sUlzj MloHFc52+kAtBvtY5UHxt3e51IJZEopEpNeGCTNLbqvKbgj6kSQWVp194L5Ll/hn UOvBjqDztcAsz+f4/CL1TR09ghTBS3iU8nbIY=
Received: from a-pb-sasl-sd.pobox.com (unknown [127.0.0.1]) by a-pb-sasl-sd.pobox.com (Postfix) with ESMTP id 5297994FB; Wed, 25 Apr 2012 12:42:38 -0400 (EDT)
Received: from iMac.local (unknown [68.224.233.225]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by a-pb-sasl-sd.pobox.com (Postfix) with ESMTPSA id 43C4794FA; Wed, 25 Apr 2012 12:42:37 -0400 (EDT)
Message-ID: <4F982973.1010804@pobox.com>
Date: Wed, 25 Apr 2012 09:42:27 -0700
From: Michael D'Errico <mike-list@pobox.com>
User-Agent: Thunderbird 2.0.0.24 (Macintosh/20100228)
MIME-Version: 1.0
To: Nikos Mavrogiannopoulos <nmav@gnutls.org>
References: <CAL9PXLy31VzxLidgOy64MnDAyRE=HU=hxyBXW1rgB+Xnd0vKjA@mail.gmail.com> <4F981528.9010903@gnutls.org>
In-Reply-To: <4F981528.9010903@gnutls.org>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
X-Pobox-Relay-ID: AA649BB6-8EF5-11E1-B783-8BEB728A0A4D-38729857!a-pb-sasl-sd.pobox.com
Cc: tls@ietf.org
Subject: Re: [TLS] Next Protocol Negotiation 03
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 25 Apr 2012 16:42:41 -0000

Nikos Mavrogiannopoulos wrote:
> 
> My understanding is, that instead of having a simple:
> ClientHello: I want protocols A, or B.
> ServerHello: Let's talk A.
> 
> We have
> ClientHello: I want to negotiate a protocol
> ServerHello: I have A or B.
> ...
> Client NPN message: Let's talk A.
> 
> That's really different from any other negotiation in TLS.
> I understand that you might want to hide the protocol that
> they are actually talking, but is this the way to do it?

Hiding the protocol is problematic if the server wants to use
the NextProtocol as part of its certificate selection process.
It would need to be in the ClientHello extension.

Also, if we're going to go down the road of sending Handshake
messages after ChangeCipherSpec (NPN, concealed client cert),
then I'd suggest that there should be no order imposed on these
messages; otherwise the state machine logic could get unwieldy
quickly, not to mention the difficulty in writing the specs.

Further, we should not create another registry of protocol
names (the Google Tech Note lists "http/1.1", "spdy/1", and
"spdy/2" as being in use).  Please leverage the existing IANA
list of well-known services for this (so we don't need to
duplicate definitions for "smtp", "imap4", etc.), along with
the standard "x-" prefix for anything experimental like SPDY
("x-google-spdy-2" as an example).

Mike

v2.23.0 | Report a Bug | By Email