Re: [TLS] new error alerts?

Aaron Zauner <azet@azet.org> Thu, 23 July 2015 10:50 UTC

Message-ID: <55B0C6A2.40304@azet.org>
Date: Thu, 23 Jul 2015 12:49:06 +0200
From: Aaron Zauner <azet@azet.org>
To: Dave Garrett <davemgarrett@gmail.com>
References: <201507222139.46391.davemgarrett@gmail.com>
In-Reply-To: <201507222139.46391.davemgarrett@gmail.com>
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/s_rho-OoimtzM2MxK03C1iuTths>
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] new error alerts?

Hi Dave,

Dave Garrett wrote:
> 
>   enum {
>        handshake_failure(40),
>        unsupported_cipher_suites(71),  /* formerly insufficient_security */
>        unsupported_dh_groups(72),  /* new */
>        client_authentication_failure(73),  /* new */
>        (255)
>    } AlertDescription;
> 

I mean I kinda agree that 'insufficient security' is a misleading name,
but as it has been used for decades in TLS I'm a bit hesitant if it's a
good idea to change the name now.

Aaron