Re: [TLS] Should we require implementations to send alerts?
Brian Smith <brian@briansmith.org> Thu, 17 September 2015 21:46 UTC
Return-Path: <brian@briansmith.org>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DDFA71A7007 for <tls@ietfa.amsl.com>; Thu, 17 Sep 2015 14:46:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.978
X-Spam-Level:
X-Spam-Status: No, score=-1.978 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id c-p3i4oKDInB for <tls@ietfa.amsl.com>; Thu, 17 Sep 2015 14:46:40 -0700 (PDT)
Received: from mail-io0-f176.google.com (mail-io0-f176.google.com [209.85.223.176]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 23D851A7014 for <tls@ietf.org>; Thu, 17 Sep 2015 14:46:40 -0700 (PDT)
Received: by ioiz6 with SMTP id z6so37234269ioi.2 for <tls@ietf.org>; Thu, 17 Sep 2015 14:46:39 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type; bh=pIsHuQcY/uraR7o5gaW63J+GnKT4XLXOOYXKIW6jYTA=; b=LC4j5xlRWF5SgZMXS3aMgSuauxxlH0R0F3Vpc/ADZ9XCqGZdV1udrrR7MaJBKk3Whj 9YMcBTX5JKL8q6ToVCIOZIQqypCEtOUR0fMNMSHHidjUoqxGkUPyarFrlAvxhen56z2K /on413JZuVlxcL4kfBzRuxvAHL0wiSXI9jsgbuicRb0E3cXMDQMb6G0WlPs6STOAFiVt vtIsnDjPC/nOLnuRK38FG6dEiwViEfBObXKlvonmK0anBj4VIx+OTsj2ape8ZdutzZ7O eoVP5++fAcEGZamc5HfrIOm+ZeoBsqbDq+/lYWo+rQxA6wxQwzey5GaYNpxdI0qeNhyO qcsA==
X-Gm-Message-State: ALoCoQnn2WX4IFF5A6vlokqNrhA3fV7VsPav+2ncOYswf/PdnBeZewYuITisBK5rGWkbhJxE4vo4
MIME-Version: 1.0
X-Received: by 10.107.18.167 with SMTP id 39mr10927316ios.34.1442526399452; Thu, 17 Sep 2015 14:46:39 -0700 (PDT)
Received: by 10.79.107.204 with HTTP; Thu, 17 Sep 2015 14:46:39 -0700 (PDT)
In-Reply-To: <20150917205004.GW13294@localhost>
References: <CABcZeBPnO4zn_HkvwLpLC+EVYN8EKOBEsR80oRt3HZgsiNGDoQ@mail.gmail.com> <CAFewVt6JAY20iXGZhufFRHSUrs5kVzP_CO2VmR5c1vaM-D_KZQ@mail.gmail.com> <20150917205004.GW13294@localhost>
Date: Thu, 17 Sep 2015 14:46:39 -0700
Message-ID: <CAFewVt4ayyOfzQBgAkSEu7R+x+0PjHbxCWd400fSLrzoQYsTAA@mail.gmail.com>
From: Brian Smith <brian@briansmith.org>
To: Nico Williams <nico@cryptonector.com>
Content-Type: multipart/alternative; boundary="001a113f2de89e795c051ff85980"
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/zMYlcdWJM9pTmTbAJXxyrApOpkw>
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] Should we require implementations to send alerts?
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 17 Sep 2015 21:46:42 -0000
On Thu, Sep 17, 2015 at 1:50 PM, Nico Williams <nico@cryptonector.com> wrote: > On Wed, Sep 16, 2015 at 12:53:53PM -0700, Brian Smith wrote: > > Further, the alerting mechanism has encouraged the unsafe practice of > > "version fallback." It is clear from looking at the bug databases of > > Firefox and Chrome that their attempts to make security decisions based > on > > what alerts they received was bad for security. > > Do we think that silent connection closings wouldn't also lead to > version fallback? > Let's ask the browser vendors: Browser vendors, if web servers were to stop sending alerts during handshake failures, would you start doing version fallback when a connection is closed? Fatal alerts are quite handy for diagnostics on the client side, really. > I agree that they are often marginally useful. However, the risks associated with the alert mechanism outweigh those benefits. > I'd rather keep them than remove them, but I'd be OK with clients never > sending them. I'm OK with fata alerts being SHOULD send. I suggest that, at most, implementations SHOULD NOT send them. IMO it would be better to remove the alert mechanism altogether in TLS 1.3. Most people that are arguing for retaining the alert requirements seem to be concerned about alerts sent from the server to the client. Does anybody think it is important to require clients to ever send alerts other than close_notify? Cheers, Brian -- https://briansmith.org/
- [TLS] Should we require implementations to send a… Eric Rescorla
- Re: [TLS] Should we require implementations to se… Martin Thomson
- Re: [TLS] Should we require implementations to se… Eric Rescorla
- Re: [TLS] Should we require implementations to se… Geoffrey Keating
- Re: [TLS] Should we require implementations to se… Martin Thomson
- Re: [TLS] Should we require implementations to se… Salz, Rich
- Re: [TLS] Should we require implementations to se… Viktor Dukhovni
- Re: [TLS] Should we require implementations to se… Eric Rescorla
- Re: [TLS] Should we require implementations to se… Dave Garrett
- Re: [TLS] Should we require implementations to se… Andrei Popov
- Re: [TLS] Should we require implementations to se… Hanno Böck
- Re: [TLS] Should we require implementations to se… Florian Weimer
- Re: [TLS] Should we require implementations to se… Salz, Rich
- Re: [TLS] Should we require implementations to se… Nico Williams
- Re: [TLS] Should we require implementations to se… Florian Weimer
- Re: [TLS] Should we require implementations to se… Henrik Grubbström
- Re: [TLS] Should we require implementations to se… Florian Weimer
- Re: [TLS] Should we require implementations to se… Salz, Rich
- Re: [TLS] Should we require implementations to se… Viktor Dukhovni
- Re: [TLS] Should we require implementations to se… Dave Garrett
- Re: [TLS] Should we require implementations to se… Jim Schaad
- Re: [TLS] Should we require implementations to se… Nico Williams
- Re: [TLS] Should we require implementations to se… Nico Williams
- Re: [TLS] Should we require implementations to se… Brian Smith
- Re: [TLS] Should we require implementations to se… Florian Weimer
- Re: [TLS] Should we require implementations to se… Hubert Kario
- Re: [TLS] Should we require implementations to se… Brian Smith
- Re: [TLS] Should we require implementations to se… Nico Williams
- Re: [TLS] Should we require implementations to se… Brian Smith
- Re: [TLS] Should we require implementations to se… Dave Garrett
- Re: [TLS] Should we require implementations to se… Nico Williams
- Re: [TLS] Should we require implementations to se… Nico Williams
- Re: [TLS] Should we require implementations to se… Dave Garrett
- Re: [TLS] Should we require implementations to se… Martin Thomson
- Re: [TLS] Should we require implementations to se… Brian Smith
- Re: [TLS] Should we require implementations to se… Nico Williams
- Re: [TLS] Should we require implementations to se… Brian Smith
- Re: [TLS] Should we require implementations to se… Nico Williams
- Re: [TLS] Should we require implementations to se… Dave Garrett
- Re: [TLS] Should we require implementations to se… Dave Garrett
- Re: [TLS] Should we require implementations to se… David Benjamin
- Re: [TLS] Should we require implementations to se… Brian Smith
- Re: [TLS] Should we require implementations to se… Brian Smith
- Re: [TLS] Should we require implementations to se… Dave Garrett
- Re: [TLS] Should we require implementations to se… Dave Garrett
- Re: [TLS] Should we require implementations to se… Martin Rex
- Re: [TLS] Should we require implementations to se… Brian Smith
- Re: [TLS] Should we require implementations to se… Dave Garrett
- Re: [TLS] Should we require implementations to se… Dave Garrett
- Re: [TLS] Should we require implementations to se… Brian Smith
- Re: [TLS] Should we require implementations to se… David Benjamin
- Re: [TLS] Should we require implementations to se… Hubert Kario
- Re: [TLS] Should we require implementations to se… Hubert Kario
- Re: [TLS] Should we require implementations to se… Brian Smith
- Re: [TLS] Should we require implementations to se… Benjamin Kaduk
- Re: [TLS] Should we require implementations to se… Tony Arcieri
- Re: [TLS] Should we require implementations to se… Dave Garrett
- Re: [TLS] Should we require implementations to se… Bill Frantz
- Re: [TLS] Should we require implementations to se… Kurt Roeckx
- Re: [TLS] Should we require implementations to se… Kurt Roeckx
- Re: [TLS] Should we require implementations to se… Viktor Dukhovni
- Re: [TLS] Should we require implementations to se… Hubert Kario
- Re: [TLS] Should we require implementations to se… Hubert Kario