Re: [TLS] Awkward Handshake: Possible mismatch of client/server view on client authentication in post-handshake mode in Revision 18
David Wong <davidwong.crypto@gmail.com> Tue, 14 February 2017 16:18 UTC
Return-Path: <davidwong.crypto@gmail.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3619A129483 for <tls@ietfa.amsl.com>; Tue, 14 Feb 2017 08:18:39 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.599
X-Spam-Level:
X-Spam-Status: No, score=-1.599 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, HTML_MIME_NO_HTML_TAG=0.377, MIME_HTML_ONLY=0.723, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 94nZ80V8MmkF for <tls@ietfa.amsl.com>; Tue, 14 Feb 2017 08:18:38 -0800 (PST)
Received: from mail-wm0-x241.google.com (mail-wm0-x241.google.com [IPv6:2a00:1450:400c:c09::241]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 186B3129690 for <tls@ietf.org>; Tue, 14 Feb 2017 08:18:30 -0800 (PST)
Received: by mail-wm0-x241.google.com with SMTP id r18so4306431wmd.3 for <tls@ietf.org>; Tue, 14 Feb 2017 08:18:30 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=user-agent:from:to:cc:in-reply-to:references:subject:message-id :date:content-transfer-encoding:mime-version; bh=ptjP3Jk6R7TRnCLjU+9PvGQ7pN+ZreyEQFAOMeGvLSk=; b=AoXPBfhcnWuITO28Y2tGFO/LzN7sGJ0CbmWiIGNMTye+KRC4vHDjSgATnLB54gj4si o/A4Acbps5ZMzh1TBQ4n3iAqs+vvRsNEStedx9A3NKPGj5YOM79LoUG05QAvETQ3tgK0 JXSxy929Gk3Gf2QlJILJhDYHOATDpya5wDLG0QRGovUVt0oKxLNbv63OAs+NFtn0aGs6 SiYYHfB7fIcSI39oYaOjUUBQMYF8rHqd9QJiyU0xT5oScbwuDA4OfByGJLrU4uSUGCXk A24XJsa5NaazrZyBrayJ1SpyBlQ/G2yR/jRYfQH98FeXjP/RTDnTH1x8WYrdWHxCgpjl sTbA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:user-agent:from:to:cc:in-reply-to:references :subject:message-id:date:content-transfer-encoding:mime-version; bh=ptjP3Jk6R7TRnCLjU+9PvGQ7pN+ZreyEQFAOMeGvLSk=; b=USDfmK8NtzSSFNMMUVO2D9nvC79sMCC3C/FOmlIxfIFHc2vskxzs5c/uqhaecQc79O KZZStZhE3MpdSwvR19/dSoCSndfDhprqi8swsZODW7j5Gh+YKZiIEqM4r/vNRvgpka/Q m1rK1Smnck5mRCKiySFAtrHaEVJa5aWJqXHQu2aJxygFWhFYNlJn4sOzqgUlFabjlJu5 3lIGBgC/gxrtqhI/ZdrgdvFswUV6fFssxBwlBSJ0VdZV0vma3CLmutLWMDgcV9mCSQcE 1lMi7ktJsR6va+cTDaac7CqEHjVjyArL7Tvs9guHVECp8mRMairllBXMsvm+qCRwoqah Hf4w==
X-Gm-Message-State: AMke39ns3rz3xpF66svDgnBf7XhfoIhJcC1zpJukaqhACN0Z6RO6uKB0lDjROr6hyioMGw==
X-Received: by 10.28.86.214 with SMTP id k205mr3793424wmb.26.1487089108513; Tue, 14 Feb 2017 08:18:28 -0800 (PST)
Received: from little-david.home (LFbn-1-9943-152.w86-202.abo.wanadoo.fr. [86.202.61.152]) by smtp.gmail.com with ESMTPSA id s17sm1395740wrc.6.2017.02.14.08.18.27 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 14 Feb 2017 08:18:28 -0800 (PST)
Content-Type: text/html
User-Agent: NylasMailer-K2
From: David Wong <davidwong.crypto@gmail.com>
To: David Benjamin <davidben@chromium.org>
In-Reply-To: <CAF8qwaBQOfW68BcyG_d6wNsGTT+e6XajEYd0OSjjDekEQOD2mw@mail.gmail.com>
References: <CABdrxL6qupAu+Ztxw7BU1e-eoy-kfJKRQq+ZZyoKokXHNZEoZQ@mail.gmail.com> <local-bdf4ca0e-d529@nylas-mail.nylas.com> <CAF8qwaBQOfW68BcyG_d6wNsGTT+e6XajEYd0OSjjDekEQOD2mw@mail.gmail.com>
Message-ID: <local-a70c902a-5994@nylas-mail.nylas.com>
Date: Tue, 14 Feb 2017 16:18:27 +0000
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/zBgsmNfNDLJReMgcLw4TVb7huMo>
Cc: Cas Cremers <cas.cremers@cs.ox.ac.uk>, tls@ietf.org
Subject: Re: [TLS] Awkward Handshake: Possible mismatch of client/server view on client authentication in post-handshake mode in Revision 18
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 14 Feb 2017 16:18:39 -0000
On Feb 14 2017, at 4:44 pm, David Benjamin <davidben@chromium.org> wrote:
NewSessionTicket always includes in-handshake client auth. The resumption secret can't even be derived without it.
- [TLS] Awkward Handshake: Possible mismatch of cli… Cas Cremers
- Re: [TLS] Awkward Handshake: Possible mismatch of… Ilari Liusvaara
- Re: [TLS] Awkward Handshake: Possible mismatch of… Sam Scott
- Re: [TLS] Awkward Handshake: Possible mismatch of… Andrei Popov
- Re: [TLS] Awkward Handshake: Possible mismatch of… Sam Scott
- Re: [TLS] Awkward Handshake: Possible mismatch of… Eric Rescorla
- Re: [TLS] Awkward Handshake: Possible mismatch of… Victor Vasiliev
- Re: [TLS] Awkward Handshake: Possible mismatch of… Eric Rescorla
- Re: [TLS] Awkward Handshake: Possible mismatch of… Sam Scott
- Re: [TLS] Awkward Handshake: Possible mismatch of… Eric Rescorla
- Re: [TLS] Awkward Handshake: Possible mismatch of… Andrei Popov
- Re: [TLS] Awkward Handshake: Possible mismatch of… Sam Scott
- Re: [TLS] Awkward Handshake: Possible mismatch of… Eric Rescorla
- Re: [TLS] Awkward Handshake: Possible mismatch of… Cas Cremers
- Re: [TLS] Awkward Handshake: Possible mismatch of… David Wong
- Re: [TLS] Awkward Handshake: Possible mismatch of… David Benjamin
- Re: [TLS] Awkward Handshake: Possible mismatch of… Ilari Liusvaara
- Re: [TLS] Awkward Handshake: Possible mismatch of… David Wong
- Re: [TLS] Awkward Handshake: Possible mismatch of… Andrei Popov
- Re: [TLS] Awkward Handshake: Possible mismatch of… Martin Thomson
- Re: [TLS] Awkward Handshake: Possible mismatch of… David Wong
- Re: [TLS] Awkward Handshake: Possible mismatch of… Martin Rex
- Re: [TLS] Awkward Handshake: Possible mismatch of… Cas Cremers
- Re: [TLS] Awkward Handshake: Possible mismatch of… Andrei Popov
- Re: [TLS] Awkward Handshake: Possible mismatch of… David Wong
- Re: [TLS] Awkward Handshake: Possible mismatch of… David Benjamin
- Re: [TLS] Awkward Handshake: Possible mismatch of… Andrei Popov
- Re: [TLS] Awkward Handshake: Possible mismatch of… Martin Rex