Re: [TLS] sending error alerts: MUST? SHOULD? MAY?

Eric Rescorla <ekr@networkresonance.com> Fri, 09 February 2007 22:33 UTC

To: Nelson B Bolyard <nelson@bolyard.com>
In-reply-to: Your message of "Sun, 31 Dec 2006 15:13:24 PST." <45984414.2090209@bolyard.com>
Message-Id: <20070209224143.C1D075C01E@laser.networkresonance.com>
Cc: tls@ietf.org

Nelson B Bolyard <nelson@bolyard.com> wrote:
> Last August, I wrote to this list about the lack of "MUST" in the RFCs and
> drafts concerning the use of error and warning alerts.  That message is
> quoted below.  I only got one reply, from Peter Gutmann.
> 
> I really want to see this situation get fixed in TLS 1.2.  What can I do
> to make that happen?  Do I need to submit a draft with the suggested changes?
> Erik, if I send you a set of suggested changes as edits to the current 1.2
> draft, will you incorporate them?

My concern, as I think I mentioned to you privately, is that we not
mandate behaviors that potentially leak security-relevant information.
We've had one such situation before with CBC padding. Ultimately,
we really need a review of the security implications of every kind
of error, but not having that I'm reluctant to require behaviors
that haven't been vetted.

The bottom line, then, is that I'd prefer not to change this language
without explicit security analysis for each change.

-Ekr

