[TLS] Closing some open comments on draft-ietf-tls-renegotiation

Eric Rescorla <ekr@networkresonance.com> Mon, 07 December 2009 22:01 UTC

Hi folks,

I've been going through the list discussion on
draft-ietf-tls-renegotiation and wanted to try to close on some of the
edits people have proposed.

1. Replace "cipher suite" with magic cipher suite value (MCSV) 
   throughout.

2. Add "Updates: RFC 5246, 4366, 4347". Pasi, should we be explicitly stating
   4346 and 2246? ISTM we already transitively update them, but I don't
   care either way.

3. Rewrite the introduction along the lines suggested by Marsh Ray, 
   Nicolas Williams, David-Sarah Hopwood, and others to more accurately
   capture the entities which are being spliced here. I will propose
   new text on the list.

4. Channel bindings: replace the end of S 1. with:

   "The data used in the extension is similar to, but not the same as, the
   channel binding data used in [I-D.altman-tls-channel-bindings], however
   this extension is not a generic-purpose RFC 5056 channel binding
   facility."

   Nico, did you have other text you wanted?

5. Explicitly state that this extension also applies to DTLS and
   that the same normativity levels apply.

6. Explicitly state that this extension may also be used with
   SSLv3 (we don't have any authority to update SSLv3 in any
   way but we can certainly say that there is no technical
   obstacle.)

7. Clarify that RI MUST be generated in all rehandshakes, per the
   issue Martin raised earlier and proposed resolution by Marsh
   and Nelson.

8. Rewrite the introduction to more clearly elucidate 
   the impact on app-level protocols. As Chris Newman has pointed
   out it currently applies primarily to HTTPS, but we should have
   some non-HTTPS text. I will propose new text on the list.

9. Rewrite the section about identity changes in Security Considerations.
   I'll propose new text on the list.

I'll also make whatever small editorial changes I see. 
If I've missed something important that people think there is
consensus on, please let me know. There are a lot of messages, 
so I may well have.

Best,
-Ekr