Re: [TLS] Client Hello size intolerance Was: Re: Thoughts on Version Intolerance

2016-07-26 Thread Brian Smith
Hubert Kario wrote: > 170 were detected as TLS 1.3 incompatible (3.9%) > 183 were detected as TLS 1.4 incompatible (4.2%) > 229 were detected as TLS 1.253 incompatible (5.22%) > > in the below excerpt (full list below, this is just entries that have at least > 4 servers with

[TLS] [Editorial Errata Reported] RFC5246 (4750)

2016-07-26 Thread RFC Errata System
The following errata report has been submitted for RFC5246, "The Transport Layer Security (TLS) Protocol Version 1.2". -- You may review the report below and at: http://www.rfc-editor.org/errata_search.php?rfc=5246&eid=4750 --

Re: [TLS] Keeping TLS extension points working

2016-07-26 Thread Sean Turner
David, Technically, IANA makes the assignments we (the IETF/TLS WG) ask them to make via the IANA considerations section. They enforce the registry policy established when we (the IETF/TLS WG) originally established the registry; the available policies are found in RFC 5226 (and there’s some

Re: [TLS] weird ECDSA interop problem with cloudflare/nginx

2016-07-26 Thread Hubert Kario
On Tuesday, 26 July 2016 12:08:33 CEST Viktor Dukhovni wrote: > On Tue, Jul 26, 2016 at 01:09:04PM +0300, Ilari Liusvaara wrote: > > > Failure: > > > openssl s_client -connect regmedia.co.uk:443 -cipher > > > ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305> > > If you swap the order of

Re: [TLS] weird ECDSA interop problem with cloudflare/nginx

2016-07-26 Thread Viktor Dukhovni
On Tue, Jul 26, 2016 at 01:09:04PM +0300, Ilari Liusvaara wrote: > > Failure: > > openssl s_client -connect regmedia.co.uk:443 -cipher > > ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305 > > If you swap the order of these two ciphersuites, does it succeed or fail? > > I.e. > >

Re: [TLS] weird ECDSA interop problem with cloudflare/nginx

2016-07-26 Thread Hubert Kario
On Monday, 25 July 2016 21:08:49 CEST Martin Rex wrote: > I've just run into a weird interoperability problem with an (alleged) > cloudflare/nginx TLS server and my personal Firefox settings. > > https://regmedia.co.uk/2015/07/14/giant_weta_mike_locke_flicker_cc_20.jpg > > > Traditionally I

Re: [TLS] weird ECDSA interop problem with cloudflare/nginx

2016-07-26 Thread Peter Gutmann
Since I've referred to TLS-LTS a couple of times now I should mention that I've just posted an update, with the following changes: - Clarified what happens during a session resumption. - Fixed the ServerKeyExchange text to indicate what happens when the hash isn't the default SHA-256. Is the

Re: [TLS] Keeping TLS extension points working

2016-07-26 Thread Hubert Kario
On Monday, 25 July 2016 23:32:41 CEST David Benjamin wrote: > On Mon, Jul 25, 2016 at 7:23 PM Viktor Dukhovni > > wrote: > > On Mon, Jul 25, 2016 at 10:32:29PM +, David Benjamin wrote: > > > I'm not sure how this process usually works, but I would like to reserve > >

Re: [TLS] weird ECDSA interop problem with cloudflare/nginx

2016-07-26 Thread Peter Gutmann
Ilari Liusvaara writes: >The basic problem (let's ignore non-cert modes for a bit): > >When choosing the certificate, you need to consider if you have a ciphersuite >that can use some supported group and protection/prf-hash available. > >Similarly, when choosing a

Re: [TLS] Keeping TLS extension points working

2016-07-26 Thread David Benjamin
On Tue, Jul 26, 2016 at 6:56 AM Hubert Kario wrote: > On Monday, 25 July 2016 22:32:29 CEST David Benjamin wrote: > > I would like to fix this by reserving a few values in our registries so > > that clients may advertise random ones and regularly exercise these > > codepaths

Re: [TLS] Keeping TLS extension points working

2016-07-26 Thread Hubert Kario
On Monday, 25 July 2016 22:32:29 CEST David Benjamin wrote: > I would like to fix this by reserving a few values in our registries so > that clients may advertise random ones and regularly exercise these > codepaths in servers. If enough of the client base does this, we can turn a > large class of

Re: [TLS] weird ECDSA interop problem with cloudflare/nginx

2016-07-26 Thread Ilari Liusvaara
On Tue, Jul 26, 2016 at 07:48:05AM +, Peter Gutmann wrote: > Ilari Liusvaara writes: > > >I recently (tried to) implement(ed) TLS 1.2 ciphersuite negotiation in a way > >that always negotiates something if at least one valid configuration exists, > >and respects TLS

Re: [TLS] weird ECDSA interop problem with cloudflare/nginx

2016-07-26 Thread Martin Rex
Viktor Dukhovni wrote: > >> On Jul 25, 2016, at 3:08 PM, Martin Rex wrote: >> >> specifically, after the FF update, this new TLS ciphersuite: >> >> security.ssl3.ecdhe_ecdsa_aes_128_gcm_sha256 (0xcc, 0xa9) >> >> was the only ECDSA cipher suite enabled in my Firefox 47.0.1,

Re: [TLS] weird ECDSA interop problem with cloudflare/nginx

2016-07-26 Thread Peter Gutmann
Ilari Liusvaara writes: >I recently (tried to) implement(ed) TLS 1.2 ciphersuite negotiation in a way >that always negotiates something if at least one valid configuration exists, >and respects TLS 1.2 rules. > >The resulting code was totally insane, and I am very much

Re: [TLS] weird ECDSA interop problem with cloudflare/nginx

2016-07-26 Thread Martin Rex
Correction-- I'm sorry, I mistyped the firefox config, this should have said the chacha20_poly1305 (0xcc 0xa9) cipher suite was the only one enabled. Martin Rex wrote: > I've just run into a weird interoperability problem with an (alleged) > cloudflare/nginx TLS server and my personal Firefox