
Re: [TLS] Last Call: draft-hoffman-tls-additional-random-ext (Additional Random

2010-04-23 09:15:51
Hi again. It appears that people have a hard time with the additional random 
extension because it has limited applicability but I cannot fully state what 
that is. The purpose here is to help fix problems that shouldn't happen, and to 
be harmless when the bad situation doesn't happen. This has led some people to 
think that an implementer will therefore feel free to code more carelessly. I 
have a higher respect for TLS implementers, but maybe I shouldn't.

I am not sure that I can convince people of what seems like an obvious fact: 
the PRNG on a system might fail in a way that the TLS implementation cannot 
detect. If it could detect the failure, of course it should shut down, 
screaming. But lots of PRNG failures seem undetectable to the implementation 
but possibly detectable to an attacker. Remedying that was the motivation for 
these drafts. If that problem is not of interest, or is considered to induce 
developers to do a worse job, I can see why people would not want these drafts 
to move forwards.

I still believe that this extension itself is harmless in all cases, and 
helpful in limited ones; I have not seen anyone directly prove otherwise. 
Having said that, I'm of course willing to go along with IETF consensus if 
people think that the mere standardization of this extension will somehow 
weaken existing implementations.

--Paul Hoffman, Director
--VPN Consortium
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf