On Mon, Apr 9, 2018 at 2:16 PM, Joseph Birr-Pixton <jpix...@gmail.com> wrote:
> Hello, > > PR#1163 in draft-26 seems to have broken interop with previous drafts > with a variety of deployed implementations. draft-26 and later clients > fail with a protocol_version alert. > > Affected Internet servers include: > > cloudflare.com: offers draft-23, intolerant to draft-26 > www.apple.com: seemingly unwilling to negotiate any draft, but > intolerant anyway(?) > www.microsoft.com: same > google.com: same > > https://jbp.io/assets/tls13-logs/cloudflare.broken.txt > https://jbp.io/assets/tls13-logs/apple.broken.txt > https://jbp.io/assets/tls13-logs/microsoft.broken.txt > https://jbp.io/assets/tls13-logs/google.broken.txt > > In all these cases, offering TLS1.2 in supported_versions (ie, the > pre-draft-26 behaviour) works, and TLS1.2 is negotiated: > You're just sending supported_versions = {0x7f1a}, but that's not correct. You need to send {0x7f1a, 0x0303}: " The "supported_versions" extension is used by the client to indicate which versions of TLS it supports and by the server to indicate which version it is using. The extension contains a list of supported versions in preference order, with the most preferred version first. Implementations of this specification MUST send this extension in the ClientHello containing all versions of TLS which they are prepared to negotiate (for this specification, that means minimally 0x0304, but if previous versions of TLS are allowed to be negotiated, they MUST be present as well). " So what's happening here is the any server which knows about TLS 1.3 (supported_versions) is getting a version mismatch. PR#1163 was just about what the server sends. -Ekr > https://jbp.io/assets/tls13-logs/cloudflare.works.txt > https://jbp.io/assets/tls13-logs/apple.works.txt > https://jbp.io/assets/tls13-logs/microsoft.works.txt > https://jbp.io/assets/tls13-logs/google.works.txt > > Corroboration appreciated. It's totally possible I'm doing something > stupid :) > > Thanks, > Joe > > _______________________________________________ > TLS mailing list > TLS@ietf.org > https://www.ietf.org/mailman/listinfo/tls >
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
