Re: [TLS] Summarizing identity change discussion so far

Michael Gray <mickgray@au1.ibm.com> Tue, 08 December 2009 23:14 UTC

Return-Path: <mickgray@au1.ibm.com>
X-Original-To: tls@core3.amsl.com
Delivered-To: tls@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 741993A6919 for <tls@core3.amsl.com>; Tue, 8 Dec 2009 15:14:06 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.591
X-Spam-Level:
X-Spam-Status: No, score=-6.591 tagged_above=-999 required=5 tests=[AWL=0.008, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id eDLYMKIOq3PE for <tls@core3.amsl.com>; Tue, 8 Dec 2009 15:14:05 -0800 (PST)
Received: from e23smtp04.au.ibm.com (e23smtp04.au.ibm.com [202.81.31.146]) by core3.amsl.com (Postfix) with ESMTP id CB9863A68DB for <tls@ietf.org>; Tue, 8 Dec 2009 15:14:04 -0800 (PST)
Received: from d23relay03.au.ibm.com (d23relay03.au.ibm.com [202.81.31.245]) by e23smtp04.au.ibm.com (8.14.3/8.13.1) with ESMTP id nB8NAaCK004852 for <tls@ietf.org>; Wed, 9 Dec 2009 10:10:36 +1100
Received: from d23av04.au.ibm.com (d23av04.au.ibm.com [9.190.235.139]) by d23relay03.au.ibm.com (8.13.8/8.13.8/NCO v10.0) with ESMTP id nB8NDpkM1528038 for <tls@ietf.org>; Wed, 9 Dec 2009 10:13:52 +1100
Received: from d23av04.au.ibm.com (loopback [127.0.0.1]) by d23av04.au.ibm.com (8.14.3/8.13.1/NCO v10.0 AVout) with ESMTP id nB8NDpYq022868 for <tls@ietf.org>; Wed, 9 Dec 2009 10:13:51 +1100
Received: from d23ml003.au.ibm.com (d23ml003.au.ibm.com [9.190.250.22]) by d23av04.au.ibm.com (8.14.3/8.13.1/NCO v10.0 AVin) with ESMTP id nB8NDplC022865 for <tls@ietf.org>; Wed, 9 Dec 2009 10:13:51 +1100
In-Reply-To: <808FD6E27AD4884E94820BC333B2DB774F31D235DE@NOK-EUMSG-01.mgdnok.nokia.com>
To: Pasi.Eronen@nokia.com
X-Mailer: Lotus Notes Release 7.0 HF277 June 21, 2006
Message-ID: <OFAC32CD94.EA3E5645-ON4A257686.007BB8AB-4A257686.007F9697@au1.ibm.com>
From: Michael Gray <mickgray@au1.ibm.com>
Date: Wed, 09 Dec 2009 09:13:36 +1000
X-MIMETrack: Serialize by Router on d23ml003/23/M/IBM(Release 7.0.2FP3HF80 | July 14, 2008) at 09/12/2009 10:20:50
MIME-Version: 1.0
Content-type: text/plain; charset="US-ASCII"
Cc: tls@ietf.org
Subject: Re: [TLS] Summarizing identity change discussion so far
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 08 Dec 2009 23:14:06 -0000

<Pasi.Eronen@nokia.com> wrote:

> The security considerations section of this draft has to describe the
> fact that even with this fix, renegotiation does things that will
> surprise application developers, and can cause security
> vulnerabilities for some of them.
>
> That part we cannot avoid -- some text has to be included.
>
> It's not absolutely required that the text makes recommendations how
> to avoid those vulnerabilities, but IMHO it would be a bit strange to
> just describe the security problem without saying anything how to
> avoid it...
>

I support the current wording in section 7 related to identity checking.
However I think it would be preferable to replace MUST with SHOULD in that
section.

- Mick Gray
- IBM

> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls