Re: [Uta] WGLC on draft-ietf-uta-tls-attacks-02
Chris Newman <chris.newman@oracle.com> Mon, 18 August 2014 18:01 UTC
Date: Mon, 18 Aug 2014 11:01:02 -0700
From: Chris Newman <chris.newman@oracle.com>
To: Leif Johansson <leifj@mnt.se>, uta@ietf.org
Message-id: <5D7E66F6642C1E1A80820A9D@96B2F16665FF96BAE59E9B90>
In-reply-to: <53F1B167.3000202@mnt.se>
References: <53F1B167.3000202@mnt.se>
Archived-At: http://mailarchive.ietf.org/arch/msg/uta/OLKZcUiuDVYrYhaWnSXi9iQ1jZU
--On August 18, 2014 9:55:19 +0200 Leif Johansson <leifj@mnt.se> wrote:
> This starts a 2 week working group last call on
> draft-ietf-uta-tls-attacks-02. Please send any final comments on the
> list by 1/9.

I had previously spent the time to write suggested text for the draft (message attached). It seems that suggested text was ignored. I strongly object to advancing this draft without having my suggested text considered. If I see a statement along the lines of "your suggested text was not included because of X", and the WG has rough consensus on that statement, that's fine. But ignoring suggested text is not fine.

- Chris
--- Begin Message ---
I've reviewed draft-ietf-uta-tls-attacks-01.txt and support its publication. I believe the document would be improved by including CVE numbers for the vulnerabilities in the document.

I had volunteered to write text describing the STARTTLS attack. Here's strawman text:

---
2.9 STARTTLS Command Injection Attack (CVE-2011-0411)

A number of IETF application protocols have used an application-level command, usually STARTTLS, to upgrade a clear-text connection to use TLS. Multiple implementations of STARTTLS had a flaw where an application-layer input buffer retained commands that were pipelined with the STARTTLS command, such that commands received prior to TLS negotiation are executed after TLS negotiation. This problem is resolved by requiring the application-level command input buffer to be empty before negotiating TLS. Note that this flaw lives in the application layer code and does not impact the TLS protocol directly. Because several independent implementations had the same problem, use of STARTTLS in new IETF protocols is discouraged.
---

This attack is a key factor in changing the bias of the application area with respect to use of STARTTLS and is one of the motivations behind the "implicit TLS" preference in http://tools.ietf.org/html/draft-newman-email-deep-01

- Chris
--- End Message ---
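The following is an added example, not code from the draft, from Chris Newman's message, or from any named implementation. It is a toy line-oriented server state machine in Python, with TLS negotiation simulated by a flag, showing the flaw the strawman text describes: commands pipelined in plaintext behind STARTTLS sit in the application-layer input buffer and are executed after the upgrade, so they look as though they arrived inside the TLS session. Beside it is the fix the text calls for (the buffer must be empty before negotiating TLS); here the server refuses the upgrade and discards the pipelined plaintext, one of several ways to satisfy that requirement. The server, the host names and the injected commands are constructed for illustration.

```python
"""Toy model of STARTTLS command injection (the CVE-2011-0411 class of bug).

Added example. The server is a minimal line-based state machine, not a
real SMTP/IMAP implementation; the TLS handshake is simulated by setting
a flag, and all client/attacker input is constructed inline.
"""

CRLF = b"\r\n"


class ToyStartTlsServer:
    """Line-based command server with a STARTTLS upgrade.

    require_empty_buffer=False reproduces the flaw: bytes already sitting
    in the plaintext input buffer when STARTTLS is handled are parsed and
    executed after the connection has been marked as TLS-protected.

    require_empty_buffer=True applies the fix: the application-layer
    buffer must be empty before TLS is negotiated. This toy refuses the
    upgrade and drops the pipelined plaintext; the client must re-issue
    STARTTLS on its own.
    """

    def __init__(self, require_empty_buffer):
        self.require_empty_buffer = require_empty_buffer
        self.buf = b""       # application-layer input buffer
        self.tls = False     # True once TLS is (simulated as) negotiated
        self.log = []        # (command, executed_with_tls_flag_set)
        self.responses = []  # server replies, for inspection

    def feed(self, data):
        """Deliver one transport-level read (think: one TCP segment)."""
        self.buf += data
        while CRLF in self.buf:
            line, self.buf = self.buf.split(CRLF, 1)
            self._handle(line)

    def _handle(self, line):
        cmd = line.split(b" ", 1)[0].upper()
        if cmd == b"STARTTLS":
            if self.tls:
                self.responses.append(b"503 TLS already active")
                return
            if self.require_empty_buffer and self.buf:
                # Fix: plaintext pipelined behind STARTTLS could have been
                # injected by an on-path attacker. Discard it and refuse
                # the upgrade instead of replaying it after the handshake.
                self.buf = b""
                self.responses.append(b"554 Plaintext after STARTTLS rejected")
                return
            self.responses.append(b"220 Ready to start TLS")
            self.tls = True  # simulated handshake completes here
            return
        # Any other command is "executed"; record whether the server
        # believed it arrived under TLS.
        self.log.append((cmd.decode(), self.tls))
        self.responses.append(b"250 OK")


def run_scenario(require_empty_buffer):
    """Drive one session: EHLO, then STARTTLS with injected plaintext
    commands in the same segment, then the client's first TLS command."""
    server = ToyStartTlsServer(require_empty_buffer)
    server.feed(b"EHLO client.example" + CRLF)
    # Constructed attacker segment: STARTTLS followed by plaintext commands
    # the attacker wants executed inside the victim's TLS session.
    server.feed(CRLF.join([b"STARTTLS",
                           b"RSET",
                           b"MAIL FROM:<attacker@example.net>",
                           b""]))
    if not server.tls:
        # The fixed server refused; a legitimate client re-issues STARTTLS
        # by itself, with nothing pipelined behind it.
        server.feed(b"STARTTLS" + CRLF)
    server.feed(b"EHLO client.example" + CRLF)  # first command inside TLS
    return server


def commands_attributed_to_tls(server):
    """Commands the server executed while it believed TLS was active."""
    return [cmd for cmd, under_tls in server.log if under_tls]


if __name__ == "__main__":
    for fixed in (False, True):
        s = run_scenario(require_empty_buffer=fixed)
        print("fixed" if fixed else "vulnerable",
              commands_attributed_to_tls(s))
```

With the vulnerable setting the injected RSET and MAIL FROM are logged as TLS-protected commands even though they were received in the clear; with the fix only the client's post-handshake EHLO is. Real servers hand the socket to a TLS library at the 220 reply, so only bytes already pulled into the application buffer are at risk; bytes still in the kernel socket buffer would instead corrupt the handshake, which is why the buffer check is the right place for the fix.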