Re: [TLS] Open issue: Record Version Numbers
Bodo Moeller <bmoeller@acm.org> Mon, 23 October 2006 09:08 UTC
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1Gbvmu-0001Qu-5S; Mon, 23 Oct 2006 05:08:04 -0400
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1Gbvmt-0001Qf-GZ for tls@ietf.org; Mon, 23 Oct 2006 05:08:03 -0400
Received: from moutng.kundenserver.de ([212.227.126.188]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1Gbvmr-0007mw-Jm for tls@ietf.org; Mon, 23 Oct 2006 05:08:03 -0400
Received: from [134.147.40.251] (helo=tau.invalid) by mrelayeu.kundenserver.de (node=mrelayeu3) with ESMTP (Nemesis), id 0MKxQS-1Gbvmo3Rpk-0005oq; Mon, 23 Oct 2006 11:07:59 +0200
Received: by tau.invalid (Postfix, from userid 1000) id 25D754E5C; Mon, 23 Oct 2006 11:07:57 +0200 (CEST)
Date: Mon, 23 Oct 2006 11:07:57 +0200
From: Bodo Moeller <bmoeller@acm.org>
To: Pasi.Eronen@nokia.com
Subject: Re: [TLS] Open issue: Record Version Numbers
Message-ID: <20061023090757.GA10448@tau.invalid>
References: <20061020070358.GA26457@tau.invalid> <B356D8F434D20B40A8CEDAEC305A1F2403495D36@esebe105.NOE.Nokia.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <B356D8F434D20B40A8CEDAEC305A1F2403495D36@esebe105.NOE.Nokia.com>
User-Agent: Mutt/1.5.9i
X-Provags-ID: kundenserver.de abuse@kundenserver.de login:2100a517a32aea841b51dac1f7c5a318
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 41c17b4b16d1eedaa8395c26e9a251c4
Cc: tls@ietf.org
X-BeenThere: tls@lists.ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.lists.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/tls>
List-Post: <mailto:tls@lists.ietf.org>
List-Help: <mailto:tls-request@lists.ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=subscribe>
Errors-To: tls-bounces@lists.ietf.org
On Fri, Oct 20, 2006 at 03:26:12PM +0300, Pasi.Eronen@nokia.com wrote: > Bodo Moeller wrote: >> What remains is my main conclusion that the language in the >> specification in this regards is a total mess, and that we can't just >> look what we would *like* the specification to be, but mostly at what >> will work best with the implementations that are actually out there. > I agree. Here's some suggested text; let's see if we can improve on > it somehow... Your suggestion looks quite good! There are just two things I'd like to change: > E.1. Compatibility with TLS 1.0/1.1 and SSL 3.0 > > For historical reasons and in order to avoid a profligate > consumption of reserved port numbers, application protocols which > are secured by various versions of TLS (1.0, 1.1, and 1.2) and SSL > (2.0 and 3.0) all frequently share the same connection port: for > example, the https protocol (HTTP secured by SSL or TLS) uses port > 443 regardless of which security protocol it is using. Thus, some > mechanism must be determined to distinguish and negotiate among the > various protocols. > > TLS versions 1.0, 1.1, and 1.2, and SSL 3.0 are very similar, and > use compatible ClientHello messages; thus, supporting all of them > is relatively easy. > > [...] I'd remove the discussion of ports. If we really want to explain why the TLS protocol has to do version negotiation, then for completeness we'd also have to mention the various mechanisms of the STARTTLS variety. But I think all this distracts from what the TLS specification is about; I think that the basic concept of version negotiation is obvious enough that we don't have to explain the background it detail. Here's my proposal: E.1. Compatibility with TLS 1.0/1.1 and SSL 3.0 Since there are various versions of TLS (1.0, 1.1, 1.2, and any future versions) and SSL (2.0 and 3.0), means are needed to negotiate the specific protocol version to use. The TLS protocol provides a built-in mechanism for version negotiation so as not to bother other protocol components with the complexities of version selection. TLS versions 1.0, 1.1, and 1.2, and SSL 3.0 are very similar, and use compatible ClientHello messages; thus, supporting all of them is relatively easy. [...] My second change request is to specifically mention future protocol versions, since mishandling of these is a frequent cause of problems. So let's reword the second paragraph quoted above: TLS versions 1.0, 1.1, and 1.2, and SSL 3.0 are very similar, and use compatible ClientHello messages; thus, supporting all of them is relatively easy. Similarly, servers can easily handle clients trying to use future versions of TLS as long as the clients still support the highest protocol version available in the server. [...] Bodo _______________________________________________ TLS mailing list TLS@lists.ietf.org https://www1.ietf.org/mailman/listinfo/tls
- RE: [TLS] Open issue: Record Version Numbers Pasi.Eronen
- [TLS] Open issue: Record Version Numbers Eric Rescorla
- Re: [TLS] Open issue: Record Version Numbers Eric Rescorla
- Re: [TLS] Open issue: Record Version Numbers Bodo Moeller
- Re: [TLS] Open issue: Record Version Numbers Martin Rex
- Re: [TLS] Open issue: Record Version Numbers Bodo Moeller
- Re: [TLS] Open issue: Record Version Numbers Martin Rex
- Re: [TLS] Open issue: Record Version Numbers Bodo Moeller
- Re: [TLS] Open issue: Record Version Numbers Martin Rex
- Re: [TLS] Open issue: Record Version Numbers Bodo Moeller
- Re: [TLS] Open issue: Record Version Numbers Martin Rex
- Re: [TLS] Open issue: Record Version Numbers Bodo Moeller
- RE: [TLS] Open issue: Record Version Numbers Pasi.Eronen
- Re: [TLS] Open issue: Record Version Numbers Bodo Moeller
- [TLS] TLS 1.1 and static DH Jan Nordqvist
- RE: [TLS] TLS 1.1 and static DH Pasi Eronen
- RE: [TLS] TLS 1.1 and static DH Peter Gutmann
- RE: [TLS] TLS 1.1 and static DH Pasi.Eronen
- Re: [TLS] TLS 1.1 and static DH Bodo Moeller
- Re: [TLS] TLS 1.1 and static DH Dr Stephen Henson
- RE: [TLS] Open issue: Record Version Numbers Pasi.Eronen
- Re: [TLS] Open issue: Record Version Numbers Bodo Moeller
- Re: [TLS] TLS 1.1 and static DH EKR
- RE: [TLS] Open issue: Record Version Numbers Peter Gutmann
- Re: [TLS] TLS 1.1 and static DH Nelson B Bolyard
- Re: [TLS] TLS 1.1 and static DH Nelson B Bolyard
- Re: [TLS] Open issue: Record Version Numbers Nelson B Bolyard
- Re: [TLS] TLS 1.1 and static DH Peter Gutmann
- Re: [TLS] Open issue: Record Version Numbers tom.petch
- RE: [TLS] TLS 1.1 and static DH Pasi.Eronen
- RE: [TLS] TLS 1.1 and static DH Rob Dugal
- Re: [TLS] TLS 1.1 and static DH Jan Nordqvist
- Re: [TLS] TLS 1.1 and static DH Jan Nordqvist
- Re: [TLS] TLS 1.1 and static DH Rob Dugal
- RE: [TLS] Open issue: Record Version Numbers Pasi.Eronen
- [TLS] Stateless TLS Session Resumption extension … Jan Nordqvist
- RE: [TLS] Stateless TLS Session Resumption extens… Joseph Salowey (jsalowey)
- RE: [TLS] Stateless TLS Session Resumption extens… Joseph Salowey (jsalowey)