Re: [TLS] questions regarding draft-ietf-tls-rfc2246-bis-13.txt

Eric Rescorla <ekr@networkresonance.com> Mon, 06 February 2006 19:04 UTC

To: Sami Lehtinen <sjl@ssh.com>
Subject: Re: [TLS] questions regarding draft-ietf-tls-rfc2246-bis-13.txt
References: <43C5FF00.5040704@ssh.com>
From: Eric Rescorla <ekr@networkresonance.com>
Date: Mon, 06 Feb 2006 11:04:25 -0800
In-Reply-To: <43C5FF00.5040704@ssh.com> (Sami Lehtinen's message of "Thu, 12 Jan 2006 09:02:24 +0200")

Sami Lehtinen <sjl@ssh.com> writes:

> Hello,
>
> In section 6.2.3.2. CBC block cipher:
>
>     The encrypted data length (TLSCiphertext.length) is one more than the
>     sum of TLSCompressed.length, CipherSpec.hash_size, and
>     padding_length.
>
> Should this be:
>
>     The encrypted data length (TLSCiphertext.length) is one more than the
>     sum of CipherSpec.block_length, TLSCompressed.length,
>            ^^^^^^^^^^^^^^^^^^^^^^^^^
>     CipherSpec.hash_size, and padding_length.
>
> to accommodate for the explicit IV?

I've reviewed this and I believe this is incorrect. You can form the
explicit IV by encrypting a non-explicit IV, but it's not properly
part of the ciphertext.

Best,
-Ekr
