
List:       openssl-users
Subject:    ClientHello protocol versions with s_server
From:       Jason Schultz <jetson23 () hotmail ! com>
Date:       2014-06-16 14:15:20
Message-ID: COL126-W361B9193914B0DAB1668DAC7160 () phx ! gbl

I'm a bit confused on the appropriate protocol versions to use on a ClientHello in my SSL/TLS implementation. (I am using s_server to test my client code.) I say "versions" as there is the record version and the suggested protocol version. Ignoring SSLv2, the initial ClientHello to a server should have a record version of 3.0, as the lowest supported, and 3.3 as the suggested version (or whatever is the highest supported by the client).

RFC 5246 states on page 40 for ClientHello:

    "client_version
       The version of the TLS protocol by which the client wishes to
       communicate during this session.  This SHOULD be the latest
       (highest valued) version supported by the client.  For this
       version of the specification, the version will be 3.3 (see
       Appendix E for details about backward compatibility)."

That's clear and unequivocal. Not sure why it is not a MUST, just a SHOULD; I'm guessing this is to allow servers to be more permissive and increase interoperability?

In Appendix E there are two interesting statements:

    "If a TLS server receives a ClientHello containing a version number
    greater than the highest version supported by the server, it MUST
    reply according to the highest version supported by the server."

So if the client sent 3.3 as the suggested version, I can assume that whatever the server negotiates is the highest version it supports, correct?

    "Whenever a client already knows the highest protocol version known to
    a server (for example, when resuming a session), it SHOULD initiate
    the connection in that native protocol."

OK, here is where I am confused. If the server negotiated 3.1, and I am doing session resumption, what protocol versions should I send in the ClientHello to be compliant with the RFC?

Should the record version be 3.1 to satisfy the appendix, and the suggested version 3.3 to satisfy page 40? My SSL/TLS implementation acting as a client sends record version 3.0 and suggested version 3.1 and OpenSSL s_server accepts it as OK. Is OpenSSL just being permissive to allow for interoperation?

Thanks for any clarification. Also please advise if there are any differences in this area between session resumption and renegotiation.
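The following Python is an added illustration, not part of the original post and not OpenSSL's code. It builds a ClientHello in which the record-layer version (TLSPlaintext.version) and ClientHello.client_version are set independently, parses it back, and applies the server-side rule quoted above from RFC 5246 Appendix E: a client_version above the server's maximum is answered with the server's maximum, one below its minimum is rejected, and any {3, x} record-layer version on the ClientHello is accepted, as E.1 requires. It also shows the client-side choice for a resumed session. The constant client_random, the single cipher suite (0x002f, TLS_RSA_WITH_AES_128_CBC_SHA) and the absence of extensions are constructed simplifications for reproducibility.

```python
import struct

# Protocol versions as (major, minor) tuples, the form they take on the wire.
SSL30, TLS10, TLS11, TLS12 = (3, 0), (3, 1), (3, 2), (3, 3)

# Constructed sample values: a fixed client_random and one cipher suite
# (TLS_RSA_WITH_AES_128_CBC_SHA = 0x002f).  A real client MUST use 32 fresh random bytes.
SAMPLE_RANDOM = bytes(range(32))
SAMPLE_SUITES = [0x002F]


def build_client_hello(record_version, client_version, cipher_suites=SAMPLE_SUITES,
                       session_id=b"", client_random=SAMPLE_RANDOM):
    """Serialise a minimal ClientHello record (no extensions).

    record_version -> TLSPlaintext.version in the 5-byte record header
    client_version -> ClientHello.client_version in the handshake body
    The two fields are independent; the caller sets each explicitly.
    """
    body = bytes(client_version) + client_random
    body += struct.pack("!B", len(session_id)) + session_id
    body += struct.pack("!H", 2 * len(cipher_suites))
    body += b"".join(struct.pack("!H", cs) for cs in cipher_suites)
    body += b"\x01\x00"  # compression_methods: one entry, null(0)
    # Handshake header: HandshakeType client_hello(1) + uint24 length
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body
    # Record header: ContentType handshake(22) + ProtocolVersion + uint16 length
    return b"\x16" + bytes(record_version) + struct.pack("!H", len(handshake)) + handshake


def parse_client_hello(record):
    """Return (record_version, client_version, session_id, cipher_suites) from a record."""
    if len(record) < 5 or record[0] != 0x16:
        raise ValueError("not a handshake record")
    record_version = (record[1], record[2])
    rec_len = struct.unpack("!H", record[3:5])[0]
    hs = record[5:5 + rec_len]
    if len(hs) != rec_len or len(hs) < 4 or hs[0] != 0x01:
        raise ValueError("not a ClientHello")
    body_len = int.from_bytes(hs[1:4], "big")
    body = hs[4:4 + body_len]
    if len(body) != body_len or body_len < 41:   # 2 + 32 + 1 + 2 + 2 + 2 is the minimum
        raise ValueError("truncated ClientHello")
    client_version = (body[0], body[1])
    pos = 2 + 32                                  # skip client_random
    sid_len = body[pos]
    pos += 1
    session_id = body[pos:pos + sid_len]
    pos += sid_len
    cs_len = struct.unpack("!H", body[pos:pos + 2])[0]
    pos += 2
    suites = [struct.unpack("!H", body[pos + i:pos + i + 2])[0] for i in range(0, cs_len, 2)]
    return record_version, client_version, session_id, suites


def server_select_version(record, server_min, server_max):
    """Server side of the RFC 5246 Appendix E.1 version choice.

    Returns the ProtocolVersion the ServerHello should carry, or None when the
    server must abort with a protocol_version alert.  Any {3, x} record-layer
    version is accepted on the ClientHello, so the record version plays no
    part in the decision; only ClientHello.client_version does.
    """
    record_version, client_version, _, _ = parse_client_hello(record)
    if record_version[0] != 3:
        return None                   # not an SSL 3.0 / TLS record at all
    if client_version > server_max:
        return server_max             # E.1: "reply according to the highest version supported"
    if client_version < server_min:
        return None                   # below what the server will speak -> protocol_version alert
    return client_version


def client_hello_version(client_max, known_server_max=None):
    """Pick ClientHello.client_version for a fresh or resumed connection.

    Section 7.4.1.2: SHOULD be the client's highest version.  Appendix E: when
    the client already knows the server's highest version (e.g. on resumption),
    SHOULD initiate in that version instead.  The record-layer version is a
    separate field and is not decided here.
    """
    if known_server_max is not None and known_server_max < client_max:
        return known_server_max
    return client_max


if __name__ == "__main__":
    # The resumed-session case from the post: server known to be 3.1, client max 3.3.
    v = client_hello_version(TLS12, known_server_max=TLS10)
    hello = build_client_hello(record_version=SSL30, client_version=v)
    print("ClientHello record version", parse_client_hello(hello)[0], "client_version", v)
    print("server supporting 3.1..3.3 selects", server_select_version(hello, TLS10, TLS12))
```

Running the block as a script walks through the poster's own case: record version 3.0 with client_version 3.1 is parsed and accepted, and a server whose range is 3.1 to 3.3 selects 3.1, which is what the E.1 rule prescribes regardless of the record-layer version.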


______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majordomo@openssl.org
