IETF Logo Mail Archive

Re: [TLS] Working Group Last Call for draft-ietf-tls-downgrade-scsv-00

Fahima Ahmed Khan Etha <etha4u@gmail.com> Thu, 16 October 2014 04:08 UTC

Return-Path: <etha4u@gmail.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DC7D81A0151 for <tls@ietfa.amsl.com>; Wed, 15 Oct 2014 21:08:44 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hPg5flIsXoe5 for <tls@ietfa.amsl.com>; Wed, 15 Oct 2014 21:08:40 -0700 (PDT)
Received: from mail-la0-x22f.google.com (mail-la0-x22f.google.com [IPv6:2a00:1450:4010:c03::22f]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D0D771A0054 for <TLS@ietf.org>; Wed, 15 Oct 2014 21:08:39 -0700 (PDT)
Received: by mail-la0-f47.google.com with SMTP id pv20so2168322lab.6 for <TLS@ietf.org>; Wed, 15 Oct 2014 21:08:38 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=55a24kDaDAstkEZfu5RFxPvDf0cIyqZW+97mkijn5zw=; b=ZNvLfABUWxX4C0Ty2KIHJysAAhZe539rmv/9akzXCIYWZJOzN2ilBhyDxZ03fwjtAC qhJ6cnAN9w3BJp6LkmRynhBBJQj2kfxTPxLH18dZnwLK3qEU0XCq742dAfhMSsf29SuW ng3uIibBVryGeX11OHRpAxpenjQFrZEp9/cFOF+kK1Vap6Z5JxA+RFVaxzgbMzc5ox1X t+sQSTzVBHN3+aYxKSq/1B1Rhx7xF/mciUWS1mnyttS4/3ZNOkcFLgonUEzZaO660HnK Dwgal/ujHkPDLMIuM+tL+V5yy6hffhgx+A0sicwvVTKREy5VSBUH9o4hbIz57GaLWrip /pGA==
MIME-Version: 1.0
X-Received: by 10.113.5.7 with SMTP id ci7mr16982854lbd.9.1413432518054; Wed, 15 Oct 2014 21:08:38 -0700 (PDT)
Received: by 10.25.143.203 with HTTP; Wed, 15 Oct 2014 21:08:37 -0700 (PDT)
In-Reply-To: <CAFewVt40ewzwujJZ8KQYYALnPjBSZnF-bDiVaz54URA6MaqPEg@mail.gmail.com>
References: <2112FCAD-4820-49D9-9871-6501C83A554D@cisco.com> <CABkgnnUxeouqDNhYFGDC2xqUaT8r7zFvAT5U1OUGJwHwCOuOwA@mail.gmail.com> <CADMpkcJKJiTCQXdDbepyiAf22J9VC03DDgiE521n3NsNnFmALA@mail.gmail.com> <CABkgnnWo9KGMkRrmA0wkJ5Dfnzh2Vo-cveCe_UeH71F8K_4oWw@mail.gmail.com> <CADMpkcJpHeKGV-xc4Uon8KWj=+p=6nQO1_rxb6sRN04nFX--gQ@mail.gmail.com> <CABkgnnU8DyzRvvq1e24bUsZdwx48mFOC6KstZaUCbvyQ-WwesQ@mail.gmail.com> <CADMpkc+wXf=SG3=C==SV77YXZdbXnbXspJLRZ1UORPF-WbVMEw@mail.gmail.com> <CAFewVt5mEodyqB6TWCmvOUBek9Bnb43bmw5mAqph-hQU=F=EpA@mail.gmail.com> <CAFewVt40ewzwujJZ8KQYYALnPjBSZnF-bDiVaz54URA6MaqPEg@mail.gmail.com>
Date: Thu, 16 Oct 2014 10:08:37 +0600
Message-ID: <CAF1OrQeA4LEL2dP0Ty+XvggvLaLyf8Kb9aZRuSw361+k80dG8w@mail.gmail.com>
From: Fahima Ahmed Khan Etha <etha4u@gmail.com>
To: TLS@ietf.org
Content-Type: multipart/alternative; boundary="001a1133a890271ad005058267e3"
Archived-At: http://mailarchive.ietf.org/arch/msg/tls/pl5KCKxrKihTSYn0FIhc-fdH33M
Subject: Re: [TLS] Working Group Last Call for draft-ietf-tls-downgrade-scsv-00
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 16 Oct 2014 04:08:45 -0000

Dear All,

It might be an off topic. But I am seeking guidance from all of you.

If any hacker group claimed that you are hacked... How to proof or find out
its authenticity?

Please share your view.

Best regards,

Fahima

On 3 October 2014 23:09, Brian Smith <brian@briansmith.org> wrote:

> On Fri, Sep 26, 2014 at 11:58 AM, Brian Smith <brian@briansmith.org>
> wrote:
> > On Fri, Sep 26, 2014 at 12:34 AM, Bodo Moeller <bmoeller@acm.org> wrote:
> >>> I'm OK with that, but if this is the real reason for the MUST, then
> >>> it's not particularly clear.
> >>
> >> Hm, maybe so. I can add a brief note showing how the handshake would
> fail if
> >> the server acts on the SCSV in this case, but I don't think the document
> >> should have to explain why we require the client to omit the SCSV rather
> >> than having the server ignore it. (Why would you want to send it if
> nothing
> >> follows from that?)
> >
> > Here is what the draft actually says:
> >
> >       However, as an exception to the above, when the client intends to
> >       perform an abbreviated handshake to resume a previously negotiated
> >       session and sets ClientHello.client_version to the protocol
> >       version negotiated for that session, the client MUST NOT include
> >       TLS_FALLBACK_SCSV in ClientHello.cipher_suites.
> >
> > So, if the client does NOT set ClientHello.client_version to the
> > version negotiated for that session, then the client MAY send the SCSV
> > in the resumption handshake.
>
> Bodo, could you please reword the above to make it clearer? e.g.:
>
> "However, as an exception to the above, when the client sets
> ClientHello.client_version to the protocol version negotiated for for
> a session that it is trying to resume, and that version is less than
> the ClientHello.client_version it would otherwise send if it were not
> attempting to resume a session, then the client MUST NOT include
> TLS_FALLBACK_SCSV in ClientHello.cipher_suites.
>
> For example, if the client is doing a non-secure fallback, and it is
> resuming a session that previously negotiated TLS 1.0, and it sets
> ClientHello.client_version to TLS 1.1, then TLS_FALLBACK_SCSV must be
> included in ClientHello.cipher_suites. However, as another example, if
> the client is resuming a session that previously negotiated TLS 1.0,
> and it sets ClientHello.client_version to TLS 1.0 to match the version
> number of the session, then it must not include TLS_FALLBACK_SCSV in
> ClientHello.cipher_suites."
>
> > Now, if the server could indicate that it supports the SCSV somehow in
> > its ServerHello, then the client could save that acknowledgement in
>
> Please ignore this suggestion I had about an explicit indicator. It
> isn't important and there are better ways of accomplishing the same
> effect.
>
> Cheers,
> Brian
>
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls
>

v2.45.0 | Report a Bug | By Email | System Status