On Friday 18 September 2015 15:13:37 Bill Frantz wrote:
> On 9/18/15 at 4:27 AM, hka...@redhat.com (Hubert Kario) wrote:
> >except that a TLS1.3 version intolerant implementation won't
> >show its ugly head until TLS1.4 gets deployed
>
> Is there a reason a test suite can't offer TLS 1.4, even if
On Friday 18 September 2015 13:24:33 Brian Smith wrote:
> On Fri, Sep 18, 2015 at 4:36 AM, Hubert Kario wrote:
> > On Friday 18 September 2015 00:58:19 Martin Rex wrote:
> > > Easier troubleshooting is IMO a sufficient rationale to justify
> > > existence of the alert
On Wed, Sep 16, 2015 at 01:54:20PM +0200, Florian Weimer wrote:
> On 09/16/2015 01:51 PM, Henrik Grubbström wrote:
> > On Wed, Sep 16, 2015 at 12:02 PM, Florian Weimer wrote:
> >> On 09/15/2015 06:29 PM, Nico Williams wrote:
> > [...]
> >>>
> >>> But if you have a fatal error
On 09/16/2015 09:53 PM, Brian Smith wrote:
> Assume the client and the server implement the mandatory-to-implement
> parameters and that both the client and the server are otherwise
> conformant. In this scenario, when would an alert other than the non-fatal
> close_notify be sent?
I have been
On Wednesday 16 September 2015 12:53:53 Brian Smith wrote:
> Thus, the empirical evidence from Mozilla's
> widely-deployed implementation shows that (a) the requirement to send
> alerts is difficult to conform to, and (b) it is unimportant in
> practice to send alerts.
and yet Firefox depends on
On Wed, Sep 16, 2015 at 12:53:53PM -0700, Brian Smith wrote:
> Further, the alerting mechanism has encouraged the unsafe practice of
> "version fallback." It is clear from looking at the bug databases of
> Firefox and Chrome that their attempts to make security decisions based on
> what alerts
On Sat, Sep 12, 2015 at 01:49:49PM -0700, Eric Rescorla wrote:
> Issue: https://github.com/tlswg/tls13-spec/issues/242
>
> In https://github.com/tlswg/tls13-spec/pull/231, Brian Smith argues:
>
> "Nobody must ever be *required* to send an alert. Any requirement for
> sending an alert should be
On Thu, Sep 17, 2015 at 3:00 PM, Nico Williams wrote:
> On Sat, Sep 12, 2015 at 01:49:49PM -0700, Eric Rescorla wrote:
> > Issue: https://github.com/tlswg/tls13-spec/issues/242
> >
> > In https://github.com/tlswg/tls13-spec/pull/231, Brian Smith argues:
> >
> > "Nobody
(Resending from the right address, again. Possibly I should have subscribed
with the other one...)
On Thu, Sep 17, 2015 at 6:23 PM David Benjamin wrote:
> On Thu, Sep 17, 2015 at 5:46 PM Brian Smith wrote:
>
>> On Thu, Sep 17, 2015 at 1:50 PM, Nico
On Thu, Sep 17, 2015 at 3:15 PM, Dave Garrett wrote:
> On Thursday, September 17, 2015 06:00:05 pm Brian Smith wrote:
> > There's no evidence that the presence or absence of an alert when a
> > connection is closed makes any positive difference in the security of any
> >
On Thu, Sep 17, 2015 at 03:00:05PM -0700, Brian Smith wrote:
> On Thu, Sep 17, 2015 at 2:55 PM, Nico Williams wrote:
> > On Thu, Sep 17, 2015 at 05:47:50PM -0400, Dave Garrett wrote:
> >
> > Yes, exactly. Thanks.
> >
>
> There's no evidence that the presence or absence
Martin Thomson wrote:
> On 17 September 2015 at 14:46, Brian Smith wrote:
> > Browser vendors, if web servers were to stop sending alerts during
> handshake
> > failures, would you start doing version fallback when a connection is
> > closed?
>
>
On Thu, Sep 17, 2015 at 1:50 PM, Nico Williams wrote:
> On Wed, Sep 16, 2015 at 12:53:53PM -0700, Brian Smith wrote:
> > Further, the alerting mechanism has encouraged the unsafe practice of
> > "version fallback." It is clear from looking at the bug databases of
> >
On Thu, Sep 17, 2015 at 02:46:39PM -0700, Brian Smith wrote:
> On Thu, Sep 17, 2015 at 1:50 PM, Nico Williams wrote:
> > Do we think that silent connection closings wouldn't also lead to
> > version fallback?
>
> Let's ask the browser vendors:
>
> Browser vendors, if
On Thu, Sep 17, 2015 at 2:55 PM, Nico Williams wrote:
> On Thu, Sep 17, 2015 at 05:47:50PM -0400, Dave Garrett wrote:
> > On Thursday, September 17, 2015 03:27:10 pm Brian Smith wrote:
> > > (We should focus on conformant implementations because non-conformant
> > >
On Wed, Sep 16, 2015 at 12:02:57PM +0200, Florian Weimer wrote:
> On 09/15/2015 06:29 PM, Nico Williams wrote:
> > But if you have a fatal error you'll be closing immediately anyways.
>
> I'm trying to explain that any requirement to send fatal alerts will be
> difficult to implement. With the
On Sat, 12 Sep 2015 13:49:49 -0700, Eric Rescorla wrote:
> Issue: https://github.com/tlswg/tls13-spec/issues/242
>
> In https://github.com/tlswg/tls13-spec/pull/231, Brian Smith argues:
>
> "Nobody must ever be *required* to send an alert. Any requirement for
> sending an alert
[TLS] Should we require implementations to send alerts?
On Saturday, September 12, 2015 05:55:41 pm Salz, Rich wrote:
> > > After all, what are you going to do when the connection drops
> > > without a GOAWAY? Drop the connection?
> >
> > Try again, assuming the probl
> > After all, what are you going to do when the connection drops without
> > a GOAWAY? Drop the connection?
>
> Try again, assuming the problem is a one-time glitch?
That's important. Without the alert, you might just try again. And again.
And again...
On Sat, Sep 12, 2015 at 2:13 PM, Martin Thomson wrote:
> On 12 September 2015 at 13:49, Eric Rescorla wrote:
> > "Nobody must ever be required to send an alert. Any requirement for
> sending
> > an alert should be SHOULD, at most."
>
> This was a point
Martin Thomson writes:
> On 12 September 2015 at 13:49, Eric Rescorla wrote:
> > "Nobody must ever be required to send an alert. Any requirement for sending
> > an alert should be SHOULD, at most."
>
> This was a point of debate for HTTP/2 as well. The
This seems like the right set of options...
On 12 September 2015 at 14:26, Eric Rescorla wrote:
> 1. Require termination and say nothing else
I think the mere existence of alerts suggests that this isn't really a
good option.
> 2. Require termination and suggest an alert.
> 3.
On Sat, Sep 12, 2015 at 3:18 PM, Viktor Dukhovni wrote:
> On Sat, Sep 12, 2015 at 01:49:49PM -0700, Eric Rescorla wrote:
>
> > "Nobody must ever be *required* to send an alert. Any requirement for
> > sending an alert should be SHOULD, at most."
>
To be clear, you're
On Sat, Sep 12, 2015 at 01:49:49PM -0700, Eric Rescorla wrote:
> "Nobody must ever be *required* to send an alert. Any requirement for
> sending an alert should be SHOULD, at most."
Interoperability problems are hard enough to debug even when alerts
are sent, and they are *very* useful. If the
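The thread turns on two properties of TLS alerts: they are the only thing that lets the receiving side tell a deliberate handshake rejection from a dropped connection (the debugging value argued for directly above), and browsers have historically misused them as a trigger for version fallback (the practice Brian Smith objects to earlier in the thread). The following is an added example, not code posted by any participant or taken from any TLS implementation. It encodes and parses the RFC 5246 alert record (content type 21, two-byte version, two-byte length, then level and description bytes) and shows a client-side handler that keeps the diagnostic value of the alert while never letting an alert, or the absence of one, authorize a protocol downgrade. The function names, the `handle_handshake_response` return shape and the alert-name table are the example's own; the numeric alert codes are the registered RFC 5246 values.

```python
"""
Added example (not from the tls@ietf.org thread): TLS alert record
encoding/parsing per RFC 5246 section 7.2, plus a client policy that
uses alerts for diagnostics only and never for version fallback.
"""
import struct

CONTENT_TYPE_ALERT = 21          # TLS record ContentType for alert
LEVEL_WARNING, LEVEL_FATAL = 1, 2

# Registered AlertDescription values from RFC 5246 (subset) and RFC 7507 (86).
ALERT_NAMES = {
    0: "close_notify",
    10: "unexpected_message",
    20: "bad_record_mac",
    22: "record_overflow",
    40: "handshake_failure",
    42: "bad_certificate",
    47: "illegal_parameter",
    48: "unknown_ca",
    50: "decode_error",
    51: "decrypt_error",
    70: "protocol_version",
    71: "insufficient_security",
    80: "internal_error",
    86: "inappropriate_fallback",
    110: "unsupported_extension",
}


def encode_alert(level, description, record_version=(3, 3)):
    """Build one plaintext alert record: type(1) version(2) length(2) level(1) desc(1).
    This is what a server that rejects a ClientHello sends right before closing."""
    body = bytes([level, description])
    header = bytes([CONTENT_TYPE_ALERT, record_version[0], record_version[1]])
    return header + struct.pack("!H", len(body)) + body


def parse_alert(record):
    """Return (level, description) if `record` is a well-formed alert record,
    None if it is some other record type (e.g. a ServerHello, type 22)."""
    if len(record) < 5:
        raise ValueError("short record header")
    ctype, _major, _minor, length = struct.unpack("!BBBH", record[:5])
    if ctype != CONTENT_TYPE_ALERT:
        return None
    if length != 2 or len(record) != 5 + length:
        raise ValueError("malformed alert record")
    return record[5], record[6]


def handle_handshake_response(data):
    """Classify what the server did in reply to our ClientHello.

    `data` is the first record read back, or b"" if the peer closed the TCP
    connection without sending anything. Returns (outcome, diagnostic,
    fallback_allowed). fallback_allowed is False in every branch: an attacker
    on the path can inject an alert or reset the connection just as easily as
    a broken server can, so neither may be used to retry with an older version.
    The diagnostic string is the part the alert actually buys us.
    """
    if not data:
        return ("closed", "peer closed connection without an alert", False)
    alert = parse_alert(data)
    if alert is None:
        return ("handshake", "server continued the handshake", False)
    level, desc = alert
    name = ALERT_NAMES.get(desc, "unknown(%d)" % desc)
    if desc == 0:
        return ("closed", "peer sent close_notify", False)
    if level == LEVEL_FATAL:
        return ("fatal_alert", "peer sent fatal %s" % name, False)
    return ("warning_alert", "peer sent warning %s" % name, False)


if __name__ == "__main__":
    # Constructed inputs: a server rejecting our version, and a silent close.
    for sample in (encode_alert(LEVEL_FATAL, 70), b""):
        print(handle_handshake_response(sample))
```

Run against a constructed `protocol_version` alert the handler reports "peer sent fatal protocol_version", which is exactly the information an operator needs to debug a version-intolerant middlebox; run against an empty read it reports only that the peer went away. In both cases the third field is False, which is the point: the decision about whether to downgrade is made by policy, not by what the network handed back.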