IETF Logo Mail Archive

Re: [TLS] Working Group Last Call for draft-ietf-tls-ssl2-must-not-02

Martin Rex <mrex@sap.com> Mon, 25 October 2010 19:50 UTC

Return-Path: <mrex@sap.com>
X-Original-To: tls@core3.amsl.com
Delivered-To: tls@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id C1FD23A68C1 for <tls@core3.amsl.com>; Mon, 25 Oct 2010 12:50:48 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -9.901
X-Spam-Level:
X-Spam-Status: No, score=-9.901 tagged_above=-999 required=5 tests=[AWL=0.348, BAYES_00=-2.599, HELO_EQ_DE=0.35, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id x7zIMlBdnN+n for <tls@core3.amsl.com>; Mon, 25 Oct 2010 12:50:47 -0700 (PDT)
Received: from smtpde01.sap-ag.de (smtpde01.sap-ag.de [155.56.68.170]) by core3.amsl.com (Postfix) with ESMTP id 965933A68BB for <tls@ietf.org>; Mon, 25 Oct 2010 12:50:47 -0700 (PDT)
Received: from mail.sap.corp by smtpde01.sap-ag.de (26) with ESMTP id o9PJq4Oa027165 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Mon, 25 Oct 2010 21:52:04 +0200 (MEST)
From: Martin Rex <mrex@sap.com>
Message-Id: <201010251952.o9PJq3pa012929@fs4113.wdf.sap.corp>
To: jsalowey@cisco.com
Date: Mon, 25 Oct 2010 21:52:03 +0200
In-Reply-To: <31EBE58E-709F-4447-AC4D-5E7CBB531E8F@cisco.com> from "Joe Salowey" at Oct 24, 10 09:16:47 pm
MIME-Version: 1.0
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 8bit
X-Scanner: Virus Scanner virwal07
X-SAP: out
Cc: tls@ietf.org
Subject: Re: [TLS] Working Group Last Call for draft-ietf-tls-ssl2-must-not-02
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
Reply-To: mrex@sap.com
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 25 Oct 2010 19:50:48 -0000

Joe Salowey wrote:
> 
> This is an announcement of WGLC for draft-ietf-tls-ssl2-must-not-02.  The draft and its revisions can be found here:
> 
> http://tools.ietf.org/html/draft-ietf-tls-ssl2-must-not-02
> 
> Please send comments to the TLS list by November 17, 2010.  

This WGLC is about publication of the document, I assume.

In principle I'm OK with publication.



Re-reading it, I'd like to make two observations:

1. Per document header:
       Updates: 5246 (once approved)
   this document intends to update rfc-5246 _only_.  The text in
   Sections 1 and 3 does not limit itself to implementations of TLSv1.2,
   and I would support to similarily discourage the use of SSLv2 for
   existing implementations of TLSv1.0 and TLSv1.1.

   How about listing TLSv1.0 (rfc2246) and TLSv1.1 (rfc4346)
   as well in the Updates: of the document header,
   just like RFC5746 (TLS extension RI) does.
  

2. SSLv2 deficiencies: "Sessions can be easily terminated"

    o Sessions can be easily terminated.  A man-in-the-middle can easily
     insert a TCP FIN to close the session and the peer is unable to
     determine whether or not it was a legitimate end of the session.

   I think this exaggerates the usefulness of the closy_notify(0)
   warning level alert as used in practice.  By using an application
   level framing protocol to mark boundaries of data, it is fairly
   easy for application callers to compensate for this "lack" of SSLv2.
   Many applications that use a framing protocol look only at their
   own framing rather than waiting for the close_notify alert exchange
   to _complete_.


-Martin

v2.23.0 | Report a Bug | By Email