[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [TLS] RE: WGLC - Stepping up Hash

To: <tls@xxxxxxxx>
Subject: RE: [TLS] RE: WGLC - Stepping up Hash
From: "Kemp, David P." <DPKemp@xxxxxxxxxxxxxx>
Date: Fri, 14 Dec 2007 11:21:06 -0500
Cc:
In-reply-to: <B356D8F434D20B40A8CEDAEC305A1F240501C2AA@xxxxxxxxxxxxxxxxxxxxxx>
List-archive: <http://www1.ietf.org/pipermail/tls>
List-help: <mailto:tls-request@lists.ietf.org?subject=help>
List-id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.lists.ietf.org>
List-post: <mailto:tls@lists.ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=unsubscribe>
References: <B356D8F434D20B40A8CEDAEC305A1F2404ED41E2@xxxxxxxxxxxxxxxxxxxxxx><9F11911AED01D24BAA1C2355723C3D320567FF2229@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx><9F11911AED01D24BAA1C2355723C3D320A10E835BD@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx><B356D8F434D20B40A8CEDAEC305A1F2404FEE97F@xxxxxxxxxxxxxxxxxxxxxx><9F11911AED01D24BAA1C2355723C3D320A10E83C0C@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx><20071212230617.870E733C6D@xxxxxxxxxxxxxx><9F11911AED01D24BAA1C2355723C3D320A10F36C32@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx> <B356D8F434D20B40A8CEDAEC305A1F240501C2AA@xxxxxxxxxxxxxxxxxxxxxx>
Thread-index: Acg9FGS9zTbUNt2tQa2GeAAfo7haxwAvDotQABRuVGAAEgI4QA==
Thread-topic: [TLS] RE: WGLC - Stepping up Hash

I agree with Martin Rex that permitting implicit (meta-knowledge-based)
signaling could inhibit implementation of proper signaling,
and that the interoperability disadvantage (when meta-knowledge
turns out to be wrong) outweighs any advantage of being able
to use step-up hash with clients that support additional hash
algorithms but do not send the extension.  Such clients,
if there are any, should be fixed.

The spec should be modified along the lines suggested below
to remove ambiguity from the requirement for explicit
signaling.

Dave


-----Original Message-----
From: Pasi.Eronen@xxxxxxxxx [mailto:Pasi.Eronen@xxxxxxxxx] 
Sent: Friday, December 14, 2007 2:34 AM
To: stefans@xxxxxxxxxxxxx
Cc: tls@xxxxxxxx
Subject: RE: [TLS] RE: WGLC - Stepping up Hash

Stefan Santesson wrote:

> > I don't understand why it's a problem to simply have the client
> > offer the extension in these special cases.
> 
> It is not. But what if it doesn't. This should clearly be the 
> implementation goal for all clients. However, theory and 
> practice don't always meet and we should not create rules 
> that prevents the server from safely step up the security 
> level in case the client fail to send this info. Or we should 
> REQUIRE the client to provide this extension in these cases 
> (e.g. for some cipher suites). The client is after all not 
> required to provide this in the current spec.

I think the source of this confusion is the sentence "Clients 
SHOULD send this extension if they support any hash algorithm 
other than SHA-1" (in Section 7.4.1.4.1)

This is not quite correct. It should say something along
the lines:

  "If the client supports other hash and signature 
  algorithms (than the defaults listed in this section), 
  and it is willing to use them for verifying messages 
  sent by server (server certificates and server key exchange), 
  it MUST send the signature_algorithms extension listing
  the algorithms it is willing to accept."

(IMHO this is what the current spec implicitly means.)

Best regards,
Pasi


_______________________________________________
TLS mailing list
TLS@xxxxxxxxxxxxxx
https://www1.ietf.org/mailman/listinfo/tls


_______________________________________________
TLS mailing list
TLS@xxxxxxxxxxxxxx
https://www1.ietf.org/mailman/listinfo/tls

Follow-Ups:
- RE: [TLS] RE: WGLC - Stepping up Hash
  - From: Stefan Santesson

References:
- [TLS] WGLC for draft-ietf-tls-rfc4346-bis-07
  - From: Pasi.Eronen
- [TLS] RE: WGLC for draft-ietf-tls-rfc4346-bis-07
  - From: Stefan Santesson
- [TLS] WGLC - Stepping up Hash
  - From: Stefan Santesson
- [TLS] RE: WGLC - Stepping up Hash
  - From: Pasi.Eronen
- [TLS] RE: WGLC - Stepping up Hash
  - From: Stefan Santesson
- Re: [TLS] RE: WGLC - Stepping up Hash
  - From: Eric Rescorla
- RE: [TLS] RE: WGLC - Stepping up Hash
  - From: Stefan Santesson
- RE: [TLS] RE: WGLC - Stepping up Hash
  - From: Pasi.Eronen

Prev by Date: RE: [TLS] Re: IDNs in draft-ietf-tls-rfc4366-bis
Next by Date: the most beautiful timepieces
Previous by thread: RE: [TLS] RE: WGLC - Stepping up Hash
Next by thread: RE: [TLS] RE: WGLC - Stepping up Hash
Index(es):
- Date
- Thread