[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[TLS] Re: Record layer padding

To: <Pasi.Eronen@xxxxxxxxx>
Subject: [TLS] Re: Record layer padding
From: Simon Josefsson <simon@xxxxxxxxxxxxx>
Date: Thu, 31 Jan 2008 09:49:03 +0100
Cc: tls@xxxxxxxxxxxxxx, 1.41421@xxxxxxxxx
In-reply-to: <B356D8F434D20B40A8CEDAEC305A1F24052BA924@xxxxxxxxxxxxxxxxxxxxxx> (Pasi Eronen's message of "Fri, 25 Jan 2008 20:05:01 +0200")
List-archive: <http://www1.ietf.org/pipermail/tls>
List-help: <mailto:tls-request@lists.ietf.org?subject=help>
List-id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.lists.ietf.org>
List-post: <mailto:tls@lists.ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=unsubscribe>
Openpgp: id=B565716F; url=http://josefsson.org/key.txt
References: <a10b0c8a0801242017y7ce85cden8bc0a4272d7d9f44@xxxxxxxxxxxxxx> <B356D8F434D20B40A8CEDAEC305A1F240528D5BA@xxxxxxxxxxxxxxxxxxxxxx> <a10b0c8a0801250829k390588afv9095e975c90de683@xxxxxxxxxxxxxx> <B356D8F434D20B40A8CEDAEC305A1F24052BA924@xxxxxxxxxxxxxxxxxxxxxx>
User-agent: Gnus/5.110007 (No Gnus v0.7) Emacs/22.1 (gnu/linux)

<Pasi.Eronen@xxxxxxxxx> writes:

>> Even more: If I am understand it correctly, implementations are
>> encouraged to do so in order to foil traffic analysis-based cracking
>> attempts.
>
> Well, "encouraged" is perhaps an overstatement: as far as I know,
> most existing TLS implementations don't this. (When some versions
> of GnuTLS shipped with this feature enabled, it was discovered
> that Symbian TLS implementation didn't like receiving that 
> extra padding -- a bug that hadn't been discovered in probably 5+
> years, suggesting that nobody else sends such records. There were
> some messages on the list back in November, I think.)

GnuTLS still pad records randomly, for security reasons, and has done so
since basically forever as far as I know.  I see no reason to disable it
by default.  There has been relatively few reports about problems caused
by this, and only from Symbian TLS users.

What has changed since it was discovered that record padding was
problematic in some environments is that we offer a mechanism for
applications to disable it.  We recommend that application authors use
the defaults (i.e., record padding enabled), and only that users disable
it on their own initiative, and further, that they only do so on a
per-IP or per-account basis if possible.

I would encourage all implementers to enable record padding.

/Simon

_______________________________________________
TLS mailing list
TLS@xxxxxxxxxxxxxx
https://www1.ietf.org/mailman/listinfo/tls

References:
- [TLS] Record layer padding
  - From: JCA
- RE: [TLS] Record layer padding
  - From: Pasi.Eronen
- Re: [TLS] Record layer padding
  - From: JCA
- RE: [TLS] Record layer padding
  - From: Pasi.Eronen

Prev by Date: RE: [TLS] password-based authentication (was: Some comments about draft-badra-ecdhe-tls-psk-01)
Previous by thread: RE: [TLS] Record layer padding
Next by thread: [TLS] I-D ACTION:draft-ietf-tls-rfc4346-bis-08.txt
Index(es):
- Date
- Thread