Make TLS 1.3 look like TLS 1.2 resumption

RESOLVED FIXED in 3.34

Status

enhancement
RESOLVED FIXED
2 years ago
2 years ago

People

(Reporter: mt, Assigned: mt)

Tracking

Dependency tree / graph

Firefox Tracking Flags

(Not tracked)

Details

Attachments

(5 attachments)

This hack is one that is being considered for dealing with middlebox incompatibility issues with the current TLS 1.3 handshake.  In short:

* add a session ID to the ClientHello and echo that in the ServerHello,
* retain the compression methods in the ServerHello
* send a ChangeCipherSpec message after the ServerHello and ClientHello

Implementation might be a little tricky (especially for 0-RTT), but it is mostly straightforward.
Assignee: nobody → martin.thomson
Comment on attachment 8921711 [details]
Bug 1411475 - Google Hack, r?ekr

Eric Rescorla (:ekr) has approved the revision.

https://phabricator.services.mozilla.com/D162#4549
Attachment #8921711 - Flags: review+
Comment on attachment 8923260 [details]
Bug 1411475 - Set the record layer version, r?ekr

Eric Rescorla (:ekr) has approved the revision.

https://phabricator.services.mozilla.com/D171#4569
Attachment #8923260 - Flags: review+
Comment on attachment 8924819 [details]
Bug 1411475 - Google Hack, NSS trunk version

Eric Rescorla (:ekr) has approved the revision.

https://phabricator.services.mozilla.com/D186#4739
Attachment #8924819 - Flags: review+
Comment on attachment 8924853 [details]
Bug 1411475 - Set the record layer version, NSS trunk version

Eric Rescorla (:ekr) has approved the revision.

https://phabricator.services.mozilla.com/D187#4757
Attachment #8924853 - Flags: review+
NSS_TLS13_DRAFT19_BRANCH:
https://hg.mozilla.org/projects/nss/rev/bc1c987491f52b141a28421202273780f3236e58
https://hg.mozilla.org/projects/nss/rev/12b9406a5c6707209322378ae8c9af7fc7e8d809
Status: NEW → RESOLVED
Closed: 2 years ago
Resolution: --- → FIXED
Target Milestone: Future → 3.35
Comment on attachment 8925747 [details]
Bug 1411475 - Fixup merge trash, r?ekr

Eric Rescorla (:ekr) has approved the revision.

https://phabricator.services.mozilla.com/D200#4953
Attachment #8925747 - Flags: review+
Target Milestone: 3.35 → 3.34
Blocks: 1418862
Attachment #8924819 - Attachment description: Bug 1411475 - Google Hack, r?ekr → Bug 1411475 - Google Hack, NSS trunk version
Attachment #8924853 - Attachment description: Bug 1411475 - Set the record layer version, r?ekr → Bug 1411475 - Set the record layer version, NSS trunk version
You need to log in before you can comment on or make changes to this bug.