Re: [TLS] Text for draft-ietf-tls-rfc4366-bis
"Joseph Salowey (jsalowey)" <jsalowey@cisco.com> Thu, 20 May 2010 21:22 UTC
Return-Path: <jsalowey@cisco.com>
X-Original-To: tls@core3.amsl.com
Delivered-To: tls@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 0DD0C3A68B1 for <tls@core3.amsl.com>; Thu, 20 May 2010 14:22:16 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.014
X-Spam-Level:
X-Spam-Status: No, score=-10.014 tagged_above=-999 required=5 tests=[AWL=0.585, BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8UHEIWZBrtOO for <tls@core3.amsl.com>; Thu, 20 May 2010 14:22:13 -0700 (PDT)
Received: from sj-iport-5.cisco.com (sj-iport-5.cisco.com [171.68.10.87]) by core3.amsl.com (Postfix) with ESMTP id 75C9A3A68AA for <tls@ietf.org>; Thu, 20 May 2010 14:22:13 -0700 (PDT)
Authentication-Results: sj-iport-5.cisco.com; dkim=neutral (message not signed) header.i=none
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AvsEANdE9UurRN+J/2dsb2JhbACeGnGlXJlVhRIEg0A
X-IronPort-AV: E=Sophos;i="4.53,273,1272844800"; d="scan'208";a="200424627"
Received: from sj-core-3.cisco.com ([171.68.223.137]) by sj-iport-5.cisco.com with ESMTP; 20 May 2010 21:22:07 +0000
Received: from xbh-sjc-231.amer.cisco.com (xbh-sjc-231.cisco.com [128.107.191.100]) by sj-core-3.cisco.com (8.13.8/8.14.3) with ESMTP id o4KLM7Ls012653; Thu, 20 May 2010 21:22:07 GMT
Received: from xmb-sjc-225.amer.cisco.com ([128.107.191.38]) by xbh-sjc-231.amer.cisco.com with Microsoft SMTPSVC(6.0.3790.3959); Thu, 20 May 2010 14:22:07 -0700
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Date: Thu, 20 May 2010 14:22:01 -0700
Message-ID: <AC1CFD94F59A264488DC2BEC3E890DE50A7828B9@xmb-sjc-225.amer.cisco.com>
In-Reply-To: <201005201810.o4KIAx6L005366@fs4113.wdf.sap.corp>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: [TLS] Text for draft-ietf-tls-rfc4366-bis
Thread-Index: Acr4R9Gvyg7jXV7qRN+VZMquRXZYUQAGZzFA
References: <AC1CFD94F59A264488DC2BEC3E890DE50A67D0FA@xmb-sjc-225.amer.cisco.com> from "Joseph Salowey" at May 20, 10 08:29:21 am <201005201810.o4KIAx6L005366@fs4113.wdf.sap.corp>
From: "Joseph Salowey (jsalowey)" <jsalowey@cisco.com>
To: mrex@sap.com
X-OriginalArrivalTime: 20 May 2010 21:22:07.0140 (UTC) FILETIME=[7FFF4640:01CAF862]
Cc: tls@ietf.org
Subject: Re: [TLS] Text for draft-ietf-tls-rfc4366-bis
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 20 May 2010 21:22:20 -0000
Hi Martin, Thanks, I think I captured your suggestion below. "When the server is deciding whether or not to accept a request to resume a session, the contents of a server_name extension MAY be used in the lookup of the session in the session cache. The client SHOULD include the same server_name extension in session resumption request as it did in the full handshake that established the session. A server that implements this extension MUST NOT accept the request to resume the session if the server_name extension contains a different name. Instead, it proceeds with a full handshake to establish a new session. The client MAY omit the extension, in which case, if the server chooses to resume the session, it must use the server name cached from the original full handshake. When resuming a session, the server MUST NOT include a server_name extension in the server hello." > -----Original Message----- > From: Martin Rex [mailto:mrex@sap.com] > Sent: Thursday, May 20, 2010 11:11 AM > To: Joseph Salowey (jsalowey) > Cc: ietfc@btconnect.com; tls@ietf.org > Subject: Re: [TLS] Text for draft-ietf-tls-rfc4366-bis > > Joseph Salowey wrote: > > > > Good suggestion, thanks for the text, here is the text reworked: > > > > "When the server is deciding whether or not to accept a request to > > resume a session, the contents of a server_name extension may be used > > in the lookup of the session in the session cache. The client SHOULD > > include the same server_name extension in session resumption > > request as it did in the full handshake that established the > > session. If the server_name extension contains a different name, > > the server MUST NOT accept the request to resume the session. > > Instead, it proceeds with a full handshake to establish a new > > Session. The client MAY omit the extension, in which case, if > > the server chooses to resume the session, it must use the server > > name cached from the original full handshake. When resuming a > > session, the server MUST NOT include a server_name extension in > > the server hello." > > The requirements appear somewhat imbalanced to me. > In order to conform to the requirement > > If the server_name extension contains a different name, > the server MUST NOT accept the request to resume the session. > > every server must (a) implement server_name extension and (b) > memorize the content from the initial handshake in the TLS session > cache. At that point the "may be used in the lookup of the session" > effectively becomes a MUST be used in the lookup of the session, > because the contents will always have to be verified before agreeing > a session resumption, even if the server_name contents isn't > technically used as a "lookup key" into the cache. > > > This MUST NOT would need to be scoped to the implementors of the > "MAY be used in the lookup of the session", and the MAY in the > first sentence probably be uppercased. > > > From the architecture point of view, I see the following issues > to consider about interaction of ClientHello parameters and > session resumption: > > - ClientHello parameters from the session resumption request > MUST NOT affect the session within the session cache at all > (except possibly deleting the session on a failed resumption) > > - ClientHello parameters from the session resumption request > MUST affect connection parameters only in documented fashion > (derivation of keying material e.g. through additional PRF input, > renegotiation_info extension) > > - ClientHello parameters MUST be checked for compatibility with > the characteristics of the cached session before resumption, > but this check is limited to those parameters that the server > actually implements/supports. > > - In addition, a server may decide that ClientHello parameters > provides characteristics that the server would prefer over the > characteristics of the cached session and go for a full handshake > > > -Martin
- Re: [TLS] Text for draft-ietf-tls-rfc4366-bis t.petch
- [TLS] Text for draft-ietf-tls-rfc4366-bis Joseph Salowey (jsalowey)
- Re: [TLS] Text for draft-ietf-tls-rfc4366-bis Joseph Salowey (jsalowey)
- Re: [TLS] Text for draft-ietf-tls-rfc4366-bis Michael D'Errico
- Re: [TLS] Text for draft-ietf-tls-rfc4366-bis t.petch
- Re: [TLS] Text for draft-ietf-tls-rfc4366-bis Martin Rex
- Re: [TLS] Text for draft-ietf-tls-rfc4366-bis Joseph Salowey (jsalowey)
- Re: [TLS] Text for draft-ietf-tls-rfc4366-bis Joseph Salowey (jsalowey)
- Re: [TLS] Text for draft-ietf-tls-rfc4366-bis Martin Rex
- Re: [TLS] Text for draft-ietf-tls-rfc4366-bis Michael D'Errico
- Re: [TLS] Text for draft-ietf-tls-rfc4366-bis Donald Eastlake