Re: [TLS] Accepting that other SNI name types will never work.

Martin Thomson <martin.thomson@gmail.com> Fri, 04 March 2016 06:14 UTC

In-Reply-To: <201603032043.43158.davemgarrett@gmail.com>
References: <CAMfhd9WNHqfRH=M=_B7_apJ-r43fi8qoe-+VcDkrKPwwhkPR5A@mail.gmail.com> <CAMp7mVtwrF9CL-MqyF0UZJemBOMyFieAy++-_539fE5eAB_KMQ@mail.gmail.com> <CABkgnnWf_W--LQixDBfSqeinQ01Ew4c-QXuSnyE-qN5ckrfCsA@mail.gmail.com> <201603032043.43158.davemgarrett@gmail.com>
Date: Fri, 4 Mar 2016 17:14:41 +1100
Message-ID: <CABkgnnUWeiTFr6c9XZEDGo1vGcmvYjwh1Trk1E=Bc3_7MHzg9Q@mail.gmail.com>
From: Martin Thomson <martin.thomson@gmail.com>
To: Dave Garrett <davemgarrett@gmail.com>
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/sM98o-JNNUt4SirQLO7gErZ-LBo>
Cc: Adam Langley <agl@imperialviolet.org>, "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] Accepting that other SNI name types will never work.

On 4 March 2016 at 12:43, Dave Garrett <davemgarrett@gmail.com> wrote:
> Just adding a quick blurb for this in there somewhere seems like the simplest solution to me.


That doesn't fix it for 1.2, but I'd be OK with that.  Define SNI as:

struct {
  uint16 extension_tag = 0;
  uint16 extension_length = strlen(name) + 5;
  uint16 name_list_length = strlen(name) + 3;
  uint8 name_type = 0;
  uint16 name_length = strlen(name);
  uint8 name[strlen(name)];
} SNI;

Or something like that.
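
The fixed layout proposed in the message above, as an added example that is not part of the original message or of any TLS implementation: a Python encoder and a strict parser that accept exactly one name of type 0 and reject everything else. The function names, the error class and the sample hostname are assumptions made for illustration.

```python
import struct

SNI_EXTENSION_TAG = 0   # extension_tag in the struct from the message
HOST_NAME_TYPE = 0      # name_type in the struct from the message
HEADER = "!HHHBH"       # tag, extension_length, name_list_length, name_type, name_length
HEADER_LEN = struct.calcsize(HEADER)  # 9 bytes, network byte order, no padding


class SNIError(ValueError):
    """Hypothetical error type: bytes do not match the single-name layout."""


def encode_sni(name: bytes) -> bytes:
    """Serialize one name using the fixed layout (hypothetical helper)."""
    n = len(name)
    if not 0 < n <= 0xFFFF - 5:  # extension_length = n + 5 must fit in a uint16
        raise SNIError("name length out of range")
    return struct.pack(HEADER, SNI_EXTENSION_TAG, n + 5, n + 3, HOST_NAME_TYPE, n) + name


def parse_sni(ext: bytes) -> bytes:
    """Return the name, or raise if any type or length field deviates."""
    if len(ext) < HEADER_LEN:
        raise SNIError("truncated header")
    tag, ext_len, list_len, name_type, name_len = struct.unpack(HEADER, ext[:HEADER_LEN])
    if tag != SNI_EXTENSION_TAG:
        raise SNIError("not a server_name extension")
    if name_type != HOST_NAME_TYPE:
        raise SNIError("unsupported name_type")
    # Every length is a function of the name length. Checking all of them
    # means a second list entry or trailing bytes cannot slip through.
    if ext_len != name_len + 5 or list_len != name_len + 3:
        raise SNIError("inconsistent length fields")
    if name_len == 0 or len(ext) != HEADER_LEN + name_len:
        raise SNIError("name length does not match payload")
    return ext[HEADER_LEN:]


if __name__ == "__main__":
    wire = encode_sni(b"example.com")  # constructed sample hostname
    print(wire.hex(), parse_sni(wire))
```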