IETF Logo Mail Archive

[TLS] What counts as the same ClientHello?

Noah Robbin <Noah_Robbin@symantec.com> Tue, 22 August 2017 14:16 UTC

Return-Path: <Noah_Robbin@symantec.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 59BD41329B6 for <tls@ietfa.amsl.com>; Tue, 22 Aug 2017 07:16:26 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.22
X-Spam-Level:
X-Spam-Status: No, score=-4.22 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=symc.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id JLBTGvy9R4xQ for <tls@ietfa.amsl.com>; Tue, 22 Aug 2017 07:16:24 -0700 (PDT)
Received: from asbsmtoutape02.symantec.com (asbsmtoutape02.symantec.com [155.64.138.34]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5A6A51329B8 for <tls@ietf.org>; Tue, 22 Aug 2017 07:16:24 -0700 (PDT)
Received: from asbsmtmtaapi02.symc.symantec.com (asb1-f5-symc-ext-prd-snat8.net.symantec.com [10.90.75.8]) by asbsmtoutape02.symantec.com (Symantec Messaging Gateway) with SMTP id 62.02.30714.7BC3C995; Tue, 22 Aug 2017 14:16:23 +0000 (GMT)
X-AuditID: 0a5af81a-737859a0000177fa-01-599c3cb7ffb2
Received: from TUSXCHMBXWPI02.SYMC.SYMANTEC.COM (asb1-f5-symc-ext-prd-snat7.net.symantec.com [10.90.75.7]) by asbsmtmtaapi02.symc.symantec.com (Symantec Messaging Gateway) with SMTP id 9D.6A.58537.3BC3C995; Tue, 22 Aug 2017 14:16:23 +0000 (GMT)
Received: from TUSXCHMBXWPI01.SYMC.SYMANTEC.COM (10.44.91.33) by TUSXCHMBXWPI02.SYMC.SYMANTEC.COM (10.44.91.34) with Microsoft SMTP Server (TLS) id 15.0.1236.3; Tue, 22 Aug 2017 07:16:18 -0700
Received: from NAM03-DM3-obe.outbound.protection.outlook.com (10.44.128.4) by TUSXCHMBXWPI01.SYMC.SYMANTEC.COM (10.44.91.33) with Microsoft SMTP Server (TLS) id 15.0.1236.3 via Frontend Transport; Tue, 22 Aug 2017 07:16:18 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=symc.onmicrosoft.com; s=selector1-symantec-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=LH3OstLQc68ATqbEhhPy32QDpny066o235lb3CPCG6w=; b=N6lLhGTYSCIFDviQe+WXO9jPVonJp2ILtowbHlqAJN5VshW464IhOpmkbEdqCO55SIwy4M+gjA2KD4WJsxfp2sFcYfX//CfrrXSVmKxwys3omFx6XVdej4TZGmPVTsmXPQg/usb1ICQ6XjN9zg/DlQruJhBQ3nmcqZHmf3drIzg=
Received: from DM5PR16MB1723.namprd16.prod.outlook.com (10.172.44.16) by DM5PR16MB1530.namprd16.prod.outlook.com (10.173.212.12) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.1.1362.18; Tue, 22 Aug 2017 14:16:16 +0000
Received: from DM5PR16MB1723.namprd16.prod.outlook.com ([10.172.44.16]) by DM5PR16MB1723.namprd16.prod.outlook.com ([10.172.44.16]) with mapi id 15.01.1362.019; Tue, 22 Aug 2017 14:16:17 +0000
From: Noah Robbin <Noah_Robbin@symantec.com>
To: "tls@ietf.org" <tls@ietf.org>
Thread-Topic: What counts as the same ClientHello?
Thread-Index: AQHTG1E3oLw1mAaE8UCKW3rg0dt+vQ==
Date: Tue, 22 Aug 2017 14:16:16 +0000
Message-ID: <66EC4BBA-6082-40BA-B723-7C9F0A35E6EA@symantec.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=Noah_Robbin@symantec.com;
x-originating-ip: [72.23.5.194]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; DM5PR16MB1530; 6:EqwCTzcAapBl3CguG0cV1DkvQboEA5nBCvc07bN+mCiriX0Fo6CgKXhYq15jTQnxhmNIg0uqmArj2tXAnLntCEh+H4zyAD8qHke2vzaiUTN19L4FaXNn2UVK3Uqs9L6XLMcNtdhUw1+MpYNO06oKiRY32lkgBsVXBlwLqvHLggcF9VWm6CT2YTgl5/B5Gv/sKBFUFgXRa4sCOOgqrjTEo+SV3LMBuikLBIB8JQ/ipBHXJGxQ7hLlIIJr7SM+aBR9LO6v5T5N0WhK+pVrhLaUuT5jb07mwt7sSi686DbOFD2soeflmMIV42FjgLMT2Avf0WsDTB6MRPOhAAvtKw/EJg==; 5:ATHy38snaNMR4NPqjp0aTjWZ8hkJTDlZcKjbdg/z9Oz1anjwp9gsxZiL/tfDWc/PNLqPzpLAbYrpGklxDlKYOIVXlUi1ndcXjhhEp+zREQ3hKO/yv8hLfXTZe9xWrxm+ddBPDdga4u1D03CoFaANTw==; 24:AN9tn5Yn8Z3GQteDhVcNBvomhYritr5DF2xMN71SYcFYOVTL1xT7u7VHc495XjJlnr77MVg24REejDC2sXInIhrb2Dbn5fzZ7tprj3fIRbQ=; 7:bYP53MiY8xryeFrMudBFdCgPdkWnCeV4Zac/GV98+wPAlyAlCi94TbQBU0Lv0fkEYe8hRVlSprT36riiRMSDJ+z/eL4a9J48zZakkBj0SwoMziBQ5gThDL0Tm05/8QQfNvrD5nbFCubNLtRtryQJHtOXxBYdVhP0v+j2tGmvIZtbxeR7i/+qX5xzv+1bz98QOCC36XfGfRn8k0ayHNTHsHiHR7Gfp4jAYR2AYLAyYx4=
x-ms-exchange-antispam-srfa-diagnostics: SSOS;
x-ms-office365-filtering-correlation-id: 83caf91c-2446-4930-965c-08d4e9685a8b
x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(300000500095)(300135000095)(300000501095)(300135300095)(22001)(300000502095)(300135100095)(2017030254152)(300000503095)(300135400095)(2017052603031)(201703131423075)(201703031133081)(201702281549075)(300000504095)(300135200095)(300000505095)(300135600095)(300000506095)(300135500095); SRVR:DM5PR16MB1530;
x-ms-traffictypediagnostic: DM5PR16MB1530:
x-exchange-antispam-report-test: UriScan:(158342451672863)(21748063052155);
x-microsoft-antispam-prvs: <DM5PR16MB1530EAFD395975DE689B90FCE2840@DM5PR16MB1530.namprd16.prod.outlook.com>
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(100000700101)(100105000095)(100000701101)(100105300095)(100000702101)(100105100095)(6040450)(601004)(2401047)(8121501046)(5005006)(10201501046)(100000703101)(100105400095)(93006095)(93001095)(3002001)(6041248)(20161123562025)(20161123558100)(20161123564025)(20161123560025)(20161123555025)(201703131423075)(201702281528075)(201703061421075)(201703061406153)(6072148)(201708071742011)(100000704101)(100105200095)(100000705101)(100105500095); SRVR:DM5PR16MB1530; BCL:0; PCL:0; RULEID:(100000800101)(100110000095)(100000801101)(100110300095)(100000802101)(100110100095)(100000803101)(100110400095)(100000804101)(100110200095)(100000805101)(100110500095); SRVR:DM5PR16MB1530;
x-forefront-prvs: 04073E895A
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(6009001)(199003)(189002)(81166006)(2501003)(110136004)(36756003)(81156014)(53936002)(14454004)(66066001)(478600001)(101416001)(8676002)(83716003)(82746002)(33656002)(6512007)(54896002)(6306002)(86362001)(10290500003)(80792005)(25786009)(6436002)(2900100001)(1730700003)(50986999)(54356999)(102836003)(3846002)(6116002)(189998001)(6506006)(106356001)(77096006)(5660300001)(105586002)(68736007)(6486002)(2351001)(3280700002)(8936002)(97736004)(6916009)(2906002)(5640700003)(7736002)(99286003)(72206003)(3660700001); DIR:OUT; SFP:1101; SCL:1; SRVR:DM5PR16MB1530; H:DM5PR16MB1723.namprd16.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:en;
received-spf: None (protection.outlook.com: symantec.com does not designate permitted sender hosts)
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: multipart/alternative; boundary="_000_66EC4BBA608240BAB7237C9F0A35E6EAsymanteccom_"
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-originalarrivaltime: 22 Aug 2017 14:16:16.9644 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 3b217a9b-6c58-428b-b022-5ad741ce2016
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM5PR16MB1530
X-OriginatorOrg: symantec.com
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFtrOKsWRmVeSWpSXmKPExsXCFeXNobvdZk6kwdc2EYtP57sYHRg9liz5 yRTAGMVlk5Kak1mWWqRvl8CVsbX3CGvBAfOKxyu+szUwfjbtYuTkkBAwkdg78QhzFyMXh5DA R0aJu50r2bsYOcASG4/nQcS/MUo03JrLDuEcYZTYeeobK0i3kMALRomruwRAEiwCncwSP8/d gKqaxiSxZmkLQsu9i11sIC1sAjoSr6esYQKxRQQUJXZc7WYHsYUFdCW2rnvPDhE3krh99DAL hK0n8eTnSjCbRUBVYu+6L2A1vAL2Es87ToDNYRQQk/h+CmIms4C4xK0n85kgnhOQWLLnPDOE LSrx8vE/Voj6aIkNk/eyQ8TlJe4/Pc0IYctKXJrfzQhytIRAG7vE2atbWCESehJbJ76FKvKV 2LT7NRtE0SMmid9LjkFt05L4tucZ1FRvie2nrrNA2NkSMz4eYoVouMwq8fH1VqhJMhLLfnaz TmDUm4Xkcgg7WaJryRz2WWCfCkqcnPmEZRYwVpgFNCXW79KHKFGUmNL9kB3C1pBonTMXyvaQ mLBhIRuymgWMHKsYFRKLk4pzS/JLSxILUg2M9Iorc5NBRCIwMSXrJefnbmIEJ6cfUjsYn9zx OcQowMGoxMN7Sn5OpBBrYhlQ5SFGCQ5mJRHej5ZAId6UxMqq1KL8+KLSnNTiQ4zSHCxK4ryH f5lFCgmkJ5akZqemFqQWwWSZODilGhhjRRKXH2j8c0L87v8QEcH9HzdlR8cxaOh8n2HS/sr6 WforA4FzWzZwGc+IcmyKvCVxU+4645RfBTrs4ZGPnBsZe+fMiWQyuLVgXfjaF7IvNxVtqbHy FLoheDJIs9jIPuvi1WdeFtXBp6cV9Siz8rT0laxf5yk+4YCDOuv5KHGvSAur76K3xZVYijMS DbWYi4oTAcLxXGFKAwAA
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFprFKsWRmVeSWpSXmKPExsXCFeXNrrvdZk6kweHr7BafzncxOjB6LFny kymAMYrLJiU1J7MstUjfLoErY2vvEdaCA+YVj1d8Z2tg/GzaxcjBISFgIrHxeF4XIxeHkMA3 RomGW3PZIZwjjBI7T31j7WLkBHJeMEpc3SUAkmAR6GSW+HnuBlTVNCaJNUtbEFruXexiA2lh E9CReD1lDROILSKgKLHjajc7iC0soCuxdd17doi4kcTto4dZIGw9iSc/V4LZLAKqEnvXfQGr 4RWwl3jecQJsDqOAmMT3UxAzmQXEJW49mQ9mSwgISCzZc54ZwhaVePn4HytEfbTEhsl72SHi 8hL3n55mhLBlJS7N72YEOVpCoI1d4uzVLawQCT2JrRPfQhX5Smza/ZoNougRk8TvJcegtmlJ fNvzDGqqt8T2U9dZIOxsiRkfD7FCNFxmlfj4eivUJBmJZT+7oTbsZpX4MiMIFPRCAqkS22eo T2DUmoXkIQg7WaJryRz2WeAAEJQ4OfMJyyygDmYBTYn1u/QhShQlpnQ/ZIewNSRa58yFsj0k JmxYyIasZgEjxypGhcTipOLcktySxMSCTAMjveLK3GQQkQhMSsl6yfm5mxjBiem3+A7Gc398 DjEKcDAq8fBaWM+JFGJNLAOqPMQozcGiJM6rvUokUkggPbEkNTs1tSC1KL6oNCe1+BAjEwen VAOjxmpbZi2/yxp/N5g2yrEabpBpmsN43+amqtWzqKmW3AmvJJYc4yo72s4s6JL+vbDAVOc4 Q/meDY1TtB8IBIZE/ct2dg4RZbufqnLMaOmxJSz1/M3GiR/WP1+Rc2aJCv8y80WV/brlfCzz b9hqxehNfet9gMX90XSVuQI+z++qMUnlfbP7+FeJpTgj0VCLuag4EQAuP+ySLQMAAA==
X-CFilter-Loop: ASB03
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/r_wb197k1Yu2vA7nusJjPvkJbUk>
Subject: [TLS] What counts as the same ClientHello?
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 22 Aug 2017 14:16:26 -0000

Section 4.1.2 of the TLS 1.3 draft RFC specifies that the ClientHello sent in response to a HelloRetryRequest “MUST be the same (without modification) except” for a list of specific exceptions.  I have found one server that verifies that the random in the first ClientHello is the same as the random in the second ClientHello.  I have also found servers that accept the second ClientHello with a different random.  Many clients are sending a different random in the second ClientHello.
My reading of the specification is that the random must be the same, but if there are clients and servers taking different postures on this we will run into interop issues.
I also have two additional questions.
1 - The changes to key_share, early_data, and pre_shared_key extensions, and the addition of the cookie extension may change the overall length of the ClientHello such that it is now in the 256-511 range that some implementations have issues with.  Is it permissible to alter the padding extension?
2 -  The MUST language means that the order of the extensions must remain the same.  How strictly should a server enforce this and does this create a requirement for where the cookie extension should be inserted into the list?

Thank you,
Noah Robbin

v2.23.0 | Report a Bug | By Email