[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [TLS] RE: WGLC - Stepping up Hash

To: <stefans@xxxxxxxxxxxxx>
Subject: RE: [TLS] RE: WGLC - Stepping up Hash
From: <Pasi.Eronen@xxxxxxxxx>
Date: Fri, 14 Dec 2007 09:34:08 +0200
Cc: tls@xxxxxxxx
In-reply-to: <9F11911AED01D24BAA1C2355723C3D320A10F36C32@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
List-archive: <http://www1.ietf.org/pipermail/tls>
List-help: <mailto:tls-request@lists.ietf.org?subject=help>
List-id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.lists.ietf.org>
List-post: <mailto:tls@lists.ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=unsubscribe>
References: <B356D8F434D20B40A8CEDAEC305A1F2404ED41E2@xxxxxxxxxxxxxxxxxxxxxx><9F11911AED01D24BAA1C2355723C3D320567FF2229@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx><9F11911AED01D24BAA1C2355723C3D320A10E835BD@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx><B356D8F434D20B40A8CEDAEC305A1F2404FEE97F@xxxxxxxxxxxxxxxxxxxxxx><9F11911AED01D24BAA1C2355723C3D320A10E83C0C@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx> <20071212230617.870E733C6D@xxxxxxxxxxxxxx> <9F11911AED01D24BAA1C2355723C3D320A10F36C32@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
Thread-index: Acg9FGS9zTbUNt2tQa2GeAAfo7haxwAvDotQABRuVGA=
Thread-topic: [TLS] RE: WGLC - Stepping up Hash

Stefan Santesson wrote:

> > I don't understand why it's a problem to simply have the client
> > offer the extension in these special cases.
> 
> It is not. But what if it doesn't. This should clearly be the 
> implementation goal for all clients. However, theory and 
> practice don't always meet and we should not create rules 
> that prevents the server from safely step up the security 
> level in case the client fail to send this info. Or we should 
> REQUIRE the client to provide this extension in these cases 
> (e.g. for some cipher suites). The client is after all not 
> required to provide this in the current spec.

I think the source of this confusion is the sentence "Clients 
SHOULD send this extension if they support any hash algorithm 
other than SHA-1" (in Section 7.4.1.4.1)

This is not quite correct. It should say something along
the lines:

  "If the client supports other hash and signature 
  algorithms (than the defaults listed in this section), 
  and it is willing to use them for verifying messages 
  sent by server (server certificates and server key exchange), 
  it MUST send the signature_algorithms extension listing
  the algorithms it is willing to accept."

(IMHO this is what the current spec implicitly means.)

Best regards,
Pasi


_______________________________________________
TLS mailing list
TLS@xxxxxxxxxxxxxx
https://www1.ietf.org/mailman/listinfo/tls

Follow-Ups:
- RE: [TLS] RE: WGLC - Stepping up Hash
  - From: Kemp, David P.

References:
- [TLS] WGLC for draft-ietf-tls-rfc4346-bis-07
  - From: Pasi.Eronen
- [TLS] RE: WGLC for draft-ietf-tls-rfc4346-bis-07
  - From: Stefan Santesson
- [TLS] WGLC - Stepping up Hash
  - From: Stefan Santesson
- [TLS] RE: WGLC - Stepping up Hash
  - From: Pasi.Eronen
- [TLS] RE: WGLC - Stepping up Hash
  - From: Stefan Santesson
- Re: [TLS] RE: WGLC - Stepping up Hash
  - From: Eric Rescorla
- RE: [TLS] RE: WGLC - Stepping up Hash
  - From: Stefan Santesson

Prev by Date: RE: [TLS] RE: WGLC - Stepping up Hash
Next by Date: RE: [TLS] Re: IDNs in draft-ietf-tls-rfc4366-bis
Previous by thread: RE: [TLS] RE: WGLC - Stepping up Hash
Next by thread: RE: [TLS] RE: WGLC - Stepping up Hash
Index(es):
- Date
- Thread