
List:       ietf-tls
Subject:    Re: [TLS] Abbreviated Handshake != Renegotiated Handshake
From:       Martin Rex <mrex () sap ! com>
Date:       2009-12-21 14:21:40
Message-ID: 200912211421.nBLELeiU012354 () fs4113 ! wdf ! sap ! corp

Marsh Ray wrote:
> 
> Ravi Ganesan wrote:
> > 
> > But regardless even if there is something in existence called a
> > "renegotiated abbreviated handshake", I think the distinction between
> > 'abbreviated handshakes without renegotiation' which are very very
> > widely used should not be confused with 'renegotiated handshakes of any
> > kind'.

Ravi, your terminology is slightly confusing.  Renegotiation refers
to a TLS handshake that is performed under protection of an existing
TLS session, so the two things you could distinguish are:

  - renegotiation with a full handshake
  - renegotiation with an abbreviated handshake (aka session resume)

> 
> Nowhere in the draft does it talk about "abbreviated handshakes".

That might be considered a defect, because it is the terminology
established by RFC-5246 7.3 Handshake Protocol Overview, Figure 2

http://tools.ietf.org/html/rfc5246#page-37


>
> Whether or not a handshake is "abbreviated" has absolutely nothing to do
> with whether or not it is an initial or a renegotiation handshake.

Correct.


-Martin
