Hi Nikos, thanks for your reply! Nikos Mavrogiannopoulos wrote: >> My first question is this: is there a good reason that GnuTLS doesn't >> indicate an older record version in accordance with appendix E by default? > > This is tricky. There are other servers that do not operate well if the > client hello version does not match record version. This is the reason > why gnutls has this behavior. Of course this was noticed many years ago. > I don't know how many servers now have this problem.
I see, and in that light it might make sense to not have the Appendix E behaviour by default. In my opinion, it would be desirable if you could at least configure GnuTLS to use that approach, though. >> It seems that _gnutls_record_set_default_version would provide a way to >> get the intended behaviour of an older record version but a recent >> client hello version. That function doesn't seem to be intended as part >> of the public interface of GnuTLS, though [3]. Why is that? > > It was meant as a hack to test for buggy servers that I mentioned above. > I don't think it should be normally used. A better solution would be to > have a priority string %RFC4346 that would enforce that behavior. What > do you think on that? The reference to RFC 4346 in your sentence confuses me, especially as I see no reference to a "priority string" in that RFC. The only possible interpretation of your suggestion would be to use a call to gnutls_protocol_set_priority in order to disable TLS 1.1, thus enforcing a TLS 1.0 record header and client hello. While this approach does solve the backwards compatibility problem, it breaks forward compatibility. There is a good chance that the restriction will stay in the client code long after all servers have been updated to deal with TLS 1.1 or later, maybe even long after newly found security issues with TLS 1.0 advise against its use. So while feasible, I'm not happy with this approach. With only the record version changed, the backwards compatibility would be ensured (at least with the server in question), while there is a good chance that future implementations might negotiate a higher version based on the hello messages. If _gnutls_record_set_default_version can do this, and there is no plan that forces the removal of this functionality in the near future, I'd love to see it made official, so that clients can configure their own backwards compatibility, based on whether high record versions or record versions not matching hello versions are more likely to cause trouble. Would I have to take the issues to the dev mailing list to get a decision on this? Greetings, Martin
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Help-gnutls mailing list [email protected] http://lists.gnu.org/mailman/listinfo/help-gnutls
