IETF Logo Mail Archive

Re: [TLS] '15 TLS Fall Interim Minutes

Dave Garrett <davemgarrett@gmail.com> Wed, 23 September 2015 02:03 UTC

Return-Path: <davemgarrett@gmail.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 500E91B308D for <tls@ietfa.amsl.com>; Tue, 22 Sep 2015 19:03:43 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CPeaEUifUSiw for <tls@ietfa.amsl.com>; Tue, 22 Sep 2015 19:03:41 -0700 (PDT)
Received: from mail-yk0-x236.google.com (mail-yk0-x236.google.com [IPv6:2607:f8b0:4002:c07::236]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 05E821AD0B3 for <tls@ietf.org>; Tue, 22 Sep 2015 19:03:41 -0700 (PDT)
Received: by ykdz138 with SMTP id z138so28607722ykd.2 for <tls@ietf.org>; Tue, 22 Sep 2015 19:03:40 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=from:to:subject:date:user-agent:cc:references:in-reply-to :mime-version:content-type:content-transfer-encoding:message-id; bh=1LLvH9xbmmPLLZ6TKpOP1SD3vSFaK5il6oJ4w3Z7U0I=; b=JnLCHaXi3ypGxbpbcQUJKm5ZA8KoeJkxfP8PLHX57/qhqzYkx4LJzSkDuapvWT72St QHAz6fKjvtrzFYi0aLBzhHXHkblSzKjuLU12m9ReO0AoLTPRnmd7MudVPm1QOg6uU4QT 2FxNBzJ6bzqdGA5bZSY7arMXeDa5lzeimJ154ZbRiWtZnaKwqJLaw6k6V03t0rBl+O69 EZ6Paggu6DnBGrZZJdS7iTq2xU1B1gSmGiEsCFTnTekmeEr7HRS94+iT7DWh4cjBYomE PmRqvovhtua0KRRFY0SdTdx575ksaJ1r5pHwRCl5BrjImUaLwRhWceoSJKLyEdTQ0Lar yjOA==
X-Received: by 10.170.88.84 with SMTP id f81mr24403525yka.78.1442973820255; Tue, 22 Sep 2015 19:03:40 -0700 (PDT)
Received: from dave-laptop.localnet (pool-72-94-152-197.phlapa.fios.verizon.net. [72.94.152.197]) by smtp.gmail.com with ESMTPSA id u79sm2923680ywf.21.2015.09.22.19.03.39 (version=TLSv1 cipher=RC4-SHA bits=128/128); Tue, 22 Sep 2015 19:03:39 -0700 (PDT)
From: Dave Garrett <davemgarrett@gmail.com>
To: Eric Rescorla <ekr@rtfm.com>
Date: Tue, 22 Sep 2015 22:03:37 -0400
User-Agent: KMail/1.13.5 (Linux/2.6.32-74-generic-pae; KDE/4.4.5; i686; ; )
References: <A1F63168-7736-452D-BC1B-23B665D81989@sn3rd.com> <201509221945.13138.davemgarrett@gmail.com> <CABcZeBNixj_zcaSKVOwJuWcAcFmKUsqERRE7h5ctb86hijgiSA@mail.gmail.com>
In-Reply-To: <CABcZeBNixj_zcaSKVOwJuWcAcFmKUsqERRE7h5ctb86hijgiSA@mail.gmail.com>
MIME-Version: 1.0
Content-Type: Text/Plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Message-Id: <201509222203.38092.davemgarrett@gmail.com>
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/x0D-ms1hebl_8HjzeVCNMgjIVMw>
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] '15 TLS Fall Interim Minutes
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 23 Sep 2015 02:03:43 -0000

Thanks.

What sort of errors are we trying to avoid by making sure implementations have to check for zeroed padding? Are we really worried some sloppy implementation is going to leave it uninitialized in a memory-unsafe language and just encrypt an arbitrary block of memory? This was mentioned at some point, and sounds really stupid, but planning for the stupid is probably a good idea.


Dave


On Tuesday, September 22, 2015 09:18:53 pm Eric Rescorla wrote:
> "Versions of TLS prior to 1.3 had limited support for padding. This padding
> scheme was selected because it allows padding of any encrypted TLS record
> by an arbitrary size (from zero up to TLS record size limits) without
> introducing new content types. The design also enforces all-zero padding
> octets, which allows for quick detection of padding errors.
> "
> 
> On Tue, Sep 22, 2015 at 4:45 PM, Dave Garrett <davemgarrett@gmail.com>
> wrote:
> 
> > On Tuesday, September 22, 2015 07:27:35 pm Sean Turner wrote:
> > > I’ve gone ahead and posted the minutes/list of decisions to:
> > >
> > >
> > https://www.ietf.org/proceedings/interim/2015/09/21/tls/minutes/minutes-interim-2015-tls-3
> >
> > That has this:
> >
> > > For padding, we reached a very rough consensus to start with the content
> > type followed by all zeros (insert reasons why) over the explicit length
> > option (insert reasons why).  DKG to propose a PR that we'll then fight out
> > on the list.  See PR #253.
> >
> > The "reasons why" that were discussed were not inserted. ;)

v2.30.2 | Report a Bug | By Email | System Status