Re: [TLS] More clarity on resumption and session hash

David Benjamin <> Fri, 29 May 2015 18:14 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id 811801B2BAA for <>; Fri, 29 May 2015 11:14:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.388
X-Spam-Status: No, score=-1.388 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=no
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id M3cK_ga2oh6t for <>; Fri, 29 May 2015 11:14:40 -0700 (PDT)
Received: from ( [IPv6:2607:f8b0:4001:c05::233]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 4A2981B2BA8 for <>; Fri, 29 May 2015 11:14:40 -0700 (PDT)
Received: by igbpi8 with SMTP id pi8so21058145igb.0 for <>; Fri, 29 May 2015 11:14:39 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc:content-type; bh=nXEyYfGc5PJ3EeCVOUiNchK2Z6S8UU0uUpeOtNhM9Fo=; b=jL3Thc1NYU9cisBpqjYDP5lqpAWKs0/zemFMtpg+dhgJKGt7mOo+4GArbXqzAkoLzM llVuDcIBMdISAEyqZ9nM1KfsZrMUyqc0VNr67ruPoPTgZVngYQULDteUgwKdiOh5VHm3 PSoTe6/S+O9VGe4B7D8Kvi7tjUynTVzRg3q1o=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20130820; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc:content-type; bh=nXEyYfGc5PJ3EeCVOUiNchK2Z6S8UU0uUpeOtNhM9Fo=; b=Z1yM3P77mGs/ORQUuNfZKqqNFWG8XlHuraUW/EItzd+5FcFg1GNarqsbv92G/PTpjX TiO0gL9sIBGcR9YkqpRpRqXdNRfe0y07qgC7zXUQZfBqpicvm00k9K+cg4IA9OEOV0nc +1UWk5RRZ1zKAyBraXmtUAOtj+ISf8QnMV+jsPDLkUSfULmgpr7t3xOCQriPADM6sk32 TZvtCO/LVJh6zrrgT/0vhqGT6VzldiopcPY++z6xM6bkodTvWcJZVMsNQ6Gkedn5MoHP 7vvthXq/ySeEmkPQ1kcrOK5u2P5IIeRhCM0u/+UiFdllyjhOKc88COHZXX+B0cvayNp1 po3g==
X-Gm-Message-State: ALoCoQl0SqCc5YOMPEIaqIRr3JPb8qBQmFauubxAM9PHbbtOBmX7GDl9mHhvFPfyP0Z3B9G1xENK
X-Received: by with SMTP id l77mr11435484iod.92.1432923279719; Fri, 29 May 2015 11:14:39 -0700 (PDT)
MIME-Version: 1.0
References: <> <20150527172329.GI27628@localhost> <> <> <> <>
In-Reply-To: <>
From: David Benjamin <>
Date: Fri, 29 May 2015 18:14:29 +0000
Message-ID: <>
To: "Salz, Rich" <>, Eric Rescorla <>, Martin Thomson <>
Content-Type: multipart/alternative; boundary=001a113ec86414378c05173c73b2
Archived-At: <>
Cc: "" <>
Subject: Re: [TLS] More clarity on resumption and session hash
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Fri, 29 May 2015 18:14:41 -0000

On Fri, May 29, 2015 at 2:09 PM Salz, Rich <> wrote:

> > I poked a bit more and I was mistaken about OpenSSL's d2i_SSL_SESSION
> behavior: Although it does ignore the structure version, it will fail the
> parse if it sees elements at the end of the structure it doesn't understand.
> We'd like to change this.  Allow applications to append their own data to
> a session is very useful.
> (We is probably my employer submitting patches to OpenSSL which someone on
> the dev team like me will review.()

This is somewhat tangential, but this seems a bad idea. Having applications
squat the same namespace of tag numbers as OpenSSL will break when OpenSSL
internally adds more fields to the end. If you want applications-specific
data in the session, either the application should serialize and
deserialize a wrapper structure that happens to contain a serialized
SSL_SESSION, or explicitly introduce an OCTET STRING hole to stuff opaque
application-specific data into.