draft-ietf-tls-downgrade-scsv-04.txt   draft-ietf-tls-downgrade-scsv-05.txt 
Network Working Group B. Moeller Network Working Group B. Moeller
Internet-Draft A. Langley Internet-Draft A. Langley
Updates: 2246, 4346, 4347, 5246, 6347 Google Updates: 2246, 4346, 4347, 5246, 6347 Google
(if approved) February 12, 2015 (if approved) February 20, 2015
Intended status: Standards Track Intended status: Standards Track
Expires: August 16, 2015 Expires: August 24, 2015
TLS Fallback Signaling Cipher Suite Value (SCSV) for Preventing Protocol TLS Fallback Signaling Cipher Suite Value (SCSV) for Preventing Protocol
Downgrade Attacks Downgrade Attacks
draft-ietf-tls-downgrade-scsv-04 draft-ietf-tls-downgrade-scsv-05
Abstract Abstract
This document defines a Signaling Cipher Suite Value (SCSV) that This document defines a Signaling Cipher Suite Value (SCSV) that
prevents protocol downgrade attacks on the Transport Layer Security prevents protocol downgrade attacks on the Transport Layer Security
(TLS) protocol. It updates RFC 2246, RFC 4346, and RFC 5246. Server (TLS) and Datagram Transport Layer Security (DTLS) protocols. It
updates RFC 2246, RFC 4346, RFC 4347, RFC 5246, and RFC 6347. Server
update considerations are included. update considerations are included.
Status of This Memo Status of This Memo
This Internet-Draft is submitted in full conformance with the This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79. provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/. Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on August 16, 2015. This Internet-Draft will expire on August 24, 2015.
Copyright Notice Copyright Notice
Copyright (c) 2015 IETF Trust and the persons identified as the Copyright (c) 2015 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 2, line 20 skipping to change at page 2, line 21
2. Protocol values . . . . . . . . . . . . . . . . . . . . . . . 3 2. Protocol values . . . . . . . . . . . . . . . . . . . . . . . 3
3. Server behavior . . . . . . . . . . . . . . . . . . . . . . . 3 3. Server behavior . . . . . . . . . . . . . . . . . . . . . . . 3
4. Client behavior . . . . . . . . . . . . . . . . . . . . . . . 4 4. Client behavior . . . . . . . . . . . . . . . . . . . . . . . 4
5. Operational Considerations . . . . . . . . . . . . . . . . . 5 5. Operational Considerations . . . . . . . . . . . . . . . . . 5
6. Security Considerations . . . . . . . . . . . . . . . . . . . 6 6. Security Considerations . . . . . . . . . . . . . . . . . . . 6
7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 6 7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 6
8. References . . . . . . . . . . . . . . . . . . . . . . . . . 7 8. References . . . . . . . . . . . . . . . . . . . . . . . . . 7
8.1. Normative References . . . . . . . . . . . . . . . . . . 7 8.1. Normative References . . . . . . . . . . . . . . . . . . 7
8.2. Informative References . . . . . . . . . . . . . . . . . 7 8.2. Informative References . . . . . . . . . . . . . . . . . 7
Appendix A. Acknowledgements . . . . . . . . . . . . . . . . . . 7 Appendix A. Acknowledgements . . . . . . . . . . . . . . . . . . 7
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 8 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 7
1. Introduction 1. Introduction
To work around interoperability problems with legacy servers, many To work around interoperability problems with legacy servers, many
TLS client implementations do not rely on the TLS protocol version TLS client implementations do not rely on the TLS protocol version
negotiation mechanism alone, but will intentionally reconnect using a negotiation mechanism alone, but will intentionally reconnect using a
downgraded protocol if initial handshake attempts fail. Such clients downgraded protocol if initial handshake attempts fail. Such clients
may fall back to connections in which they announce a version as low may fall back to connections in which they announce a version as low
as TLS 1.0 (or even its predecessor, SSL 3.0) as the highest as TLS 1.0 (or even its predecessor, SSL 3.0) as the highest
supported version. supported version.
skipping to change at page 6, line 32 skipping to change at page 6, line 32
weaknesses that cannot be addressed by implementation workarounds weaknesses that cannot be addressed by implementation workarounds
like the remaining weaknesses in later (TLS) protocol versions. like the remaining weaknesses in later (TLS) protocol versions.
7. IANA Considerations 7. IANA Considerations
[[ TO BE REMOVED: The requested registry allocations require [[ TO BE REMOVED: The requested registry allocations require
Standards Action, i.e., will only be official with the IESG's Standards Action, i.e., will only be official with the IESG's
Standards Track RFC approval. Since this document is currently an Standards Track RFC approval. Since this document is currently an
Internet-Draft, IANA so far has in fact not added the cipher suite Internet-Draft, IANA so far has in fact not added the cipher suite
number and alert number to the respective registries. The values as number and alert number to the respective registries. The values as
shown are used in early implementations. shown are used in early implementations. ]]
+-----------+-------------------+---------+-----------------+ +-----------+-------------------+---------+-----------------+
| Value | Description | DTLS-OK | Reference | | Value | Description | DTLS-OK | Reference |
+-----------+-------------------+---------+-----------------+ +-----------+-------------------+---------+-----------------+
| 0x56,0x00 | TLS_FALLBACK_SCSV | Y | (this document) | | 0x56,0x00 | TLS_FALLBACK_SCSV | Y | (this document) |
+-----------+-------------------+---------+-----------------+ +-----------+-------------------+---------+-----------------+
http://www.iana.org/assignments/tls-parameters http://www.iana.org/assignments/tls-parameters
+-------+------------------------+---------+-----------------+ +-------+------------------------+---------+-----------------+
| Value | Description | DTLS-OK | Reference | | Value | Description | DTLS-OK | Reference |
+-------+------------------------+---------+-----------------+ +-------+------------------------+---------+-----------------+
| 86 | inappropriate_fallback | Y | (this document) | | 86 | inappropriate_fallback | Y | (this document) |
+-------+------------------------+---------+-----------------+ +-------+------------------------+---------+-----------------+
http://www.iana.org/assignments/tls-parameters http://www.iana.org/assignments/tls-parameters
]]
IANA has added TLS cipher suite number 0x56,0x00 with name IANA has added TLS cipher suite number 0x56,0x00 with name
TLS_FALLBACK_SCSV to the TLS Cipher Suite registry, and alert number TLS_FALLBACK_SCSV to the TLS Cipher Suite registry, and alert number
86 with name inappropriate_fallback to the TLS Alert registry. 86 with name inappropriate_fallback to the TLS Alert registry.
8. References 8. References
8.1. Normative References 8.1. Normative References
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997. Requirement Levels", BCP 14, RFC 2119, March 1997.
 End of changes. 8 change blocks. 
8 lines changed or deleted 8 lines changed or added

This html diff was produced by rfcdiff 1.42. The latest version is available from http://tools.ietf.org/tools/rfcdiff/