Re: [TLS] ServerHello layout in TLS 1.3
Eric Rescorla <ekr@rtfm.com> Sat, 12 December 2015 20:28 UTC
Return-Path: <ekr@rtfm.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 132C21A8F50 for <tls@ietfa.amsl.com>; Sat, 12 Dec 2015 12:28:43 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.277
X-Spam-Level:
X-Spam-Status: No, score=-1.277 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id luYAG-l_-yAi for <tls@ietfa.amsl.com>; Sat, 12 Dec 2015 12:28:41 -0800 (PST)
Received: from mail-qk0-x22c.google.com (mail-qk0-x22c.google.com [IPv6:2607:f8b0:400d:c09::22c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A62E81A8F4E for <tls@ietf.org>; Sat, 12 Dec 2015 12:28:41 -0800 (PST)
Received: by qkfb125 with SMTP id b125so86416106qkf.2 for <tls@ietf.org>; Sat, 12 Dec 2015 12:28:40 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rtfm-com.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-type; bh=zUuMy1Oo5eLTAm1SD9XwMrv9WpaNNPAJK5bSE9EfqI0=; b=puhKcipqrh66G0nCr96goHXHR4beOcS/Vh36VqR0MLBEOYfkQjg7zs0XHuqN2ujtub ahDmpm32zA8eTWMvLBLK3Wa9otjHpV+1+vrbbUeVrPJkXBPahclanFBUJijlCVoRFlcl 3xLd0Pxekn9dV7WzhJK7/GGYdGQ9375aAnKD0A+okX9iu/tUAuI/8vRiPta/aA1AU9ER eQuTSkgCciMcKbMrPaPZQ7epWNz4ncpnszKY4qQGD99Z/erTbeJKMtStYX8CafBh4vYg Sdt4l+1LNq5HXkJdOr9WUIpMWVH0iiWtE9kPP32OXo4QtNa1tOA8JmWnLY5Zi6j0W+7R XViQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc:content-type; bh=zUuMy1Oo5eLTAm1SD9XwMrv9WpaNNPAJK5bSE9EfqI0=; b=kU+gi0tTUEC4p0jvFkU9rjZwjZnG4aaM+hTeBMTEv1LaFYRuDTa4d/glPSvarmbZOL mg3BLH5B6tBJVxSLK0rAtL3vAuHiLMtV8c4I/LYnbcVYJ2veqB7aXrOe/2B13/pACjQl TqDdabddAdQ+IoehkHBK0TeLUkAsGsCaeNgvvoIGhs6wnvbhFLkYF3U05/4R1Tr0DVkY DFaRiju732+QsP+XGExUBM1P/BXuz94uVEeAuMBNmpHeA1ilTXE8bKtACW6Kl5NyAx5t V0RqSRN0swaJb53yNul9dVUOI7m/Ghx27NO7SwZb/hPpurT+OUiCiRBVL3C7+U7Cpsdl dl7w==
X-Gm-Message-State: ALoCoQlR3YLICq4jyVgsuIkXdUi3ODWHht6IYv/NOPcBzHGlYEsFtfZv3UiwKsuW2mANfxxZYntoYyI0Jpt9MIviux8GnpB0Mg==
X-Received: by 10.129.79.87 with SMTP id d84mr6355732ywb.115.1449952120788; Sat, 12 Dec 2015 12:28:40 -0800 (PST)
MIME-Version: 1.0
Received: by 10.13.249.197 with HTTP; Sat, 12 Dec 2015 12:28:01 -0800 (PST)
In-Reply-To: <566C0E25.5080703@mehnert.org>
References: <566C0E25.5080703@mehnert.org>
From: Eric Rescorla <ekr@rtfm.com>
Date: Sat, 12 Dec 2015 12:28:01 -0800
Message-ID: <CABcZeBPVMc9474149xQq5KkJc8N+FXfeqMZsgusiubDL2SE+Lw@mail.gmail.com>
To: Hannes Mehnert <hannes@mehnert.org>
Content-Type: multipart/alternative; boundary="001a114dc3601a07650526b9496a"
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/swUahokdxYdg2buFBtEOYxlWqfA>
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] ServerHello layout in TLS 1.3
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 12 Dec 2015 20:28:43 -0000
On Sat, Dec 12, 2015 at 4:08 AM, Hannes Mehnert <hannes@mehnert.org> wrote: > Hi, > > while implementing the TLS 1.3 draft, I came across the modified > ServerHello message - it does neither contain a SessionID nor a > CompressionMethod field. This makes code which supports both TLS 1.3 > and earlier versions more complicated*: a client sending out a > ClientHello does not know which protocol version the server is willing > to talk. > > Thus, depending on the protocol version inside of the server hello, the > remainder of the packet needs to be parsed. > > I'm not sure whether it is worth to safe two bytes (empty SessionID and > NULL CompressionMethod) to introduce such an intrinsic dependency. > > Is there a reason behind this change, apart from cleanup? > I'm not aware of ay reason besides cleanup. I don't feel strongly about the current state. -Ekr > Thanks, > > Hannes > > *: It is not hard to implement a conditional here, but it makes the > control flow of the code unnecessary complex imho, especially since up > to TLS-1.2 client and server hello can be parsed by the same function > (modulo the list vs single ciphersuite and compression method, see > > https://github.com/mirleft/ocaml-tls/blob/99384104e09b21a736872854e0a69615a4545780/lib/reader.ml#L295-L327 > ). > > > _______________________________________________ > TLS mailing list > TLS@ietf.org > https://www.ietf.org/mailman/listinfo/tls > >
- [TLS] ServerHello layout in TLS 1.3 Hannes Mehnert
- Re: [TLS] ServerHello layout in TLS 1.3 Eric Rescorla
- Re: [TLS] ServerHello layout in TLS 1.3 Dave Garrett