What purpose does putting the version in the AD serve? It's not harmful, sure, but just using the sequence number is simplest. It seems the only reason we'd consider putting it into the AD is because historically the record version was in there as part of the record header. In a vacuum, I'm having a hard time imagining why one would want negotiated_version in there that wouldn't also apply to putting the whole handshake hash in there. Am I missing something?
David On Mon, Oct 19, 2015 at 12:40 PM Colm MacCárthaigh <c...@allcosts.net> wrote: > > If (2.) is used, would it be nice to make it negotiated_version > + seq_num? I think for some algorithms, the MAC can be partially > pre-computed if things are in that order. > > On Mon, Oct 19, 2015 at 9:28 AM, Eric Rescorla <e...@rtfm.com> wrote: > >> Folks, >> >> https://github.com/tlswg/tls13-spec/issues/278 >> >> The additional data field presently includes the version: >> >> additional_data = seq_num + TLSPlaintext.record_version >> >> However, TLSPlaintext.record_version is now always {3, 1}, so >> this is redundant. There seem to be two primary options here: >> >> 1. Don't MAC the version at all. >> 2. MAC the negotiated version (which should be clear at >> this point). >> >> I could go either way on this (slightly leaning towards #2) but >> the current thing seems silly. >> >> -Ekr >> >> >> _______________________________________________ >> TLS mailing list >> TLS@ietf.org >> https://www.ietf.org/mailman/listinfo/tls >> >> > > > -- > Colm > _______________________________________________ > TLS mailing list > TLS@ietf.org > https://www.ietf.org/mailman/listinfo/tls >
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
