[Anima-bootstrap] Crypto parameters [Re: a repost of summary]
Brian E Carpenter <brian.e.carpenter@gmail.com> Sun, 05 July 2015 23:25 UTC
Return-Path: <brian.e.carpenter@gmail.com>
X-Original-To: anima-bootstrap@ietfa.amsl.com
Delivered-To: anima-bootstrap@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 775FA1A8739 for <anima-bootstrap@ietfa.amsl.com>; Sun, 5 Jul 2015 16:25:15 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id EZx3fY23jgSH for <anima-bootstrap@ietfa.amsl.com>; Sun, 5 Jul 2015 16:25:14 -0700 (PDT)
Received: from mail-pa0-x231.google.com (mail-pa0-x231.google.com [IPv6:2607:f8b0:400e:c03::231]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 471601A8734 for <anima-bootstrap@ietf.org>; Sun, 5 Jul 2015 16:25:14 -0700 (PDT)
Received: by pacgz10 with SMTP id gz10so11307610pac.3 for <anima-bootstrap@ietf.org>; Sun, 05 Jul 2015 16:25:14 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=message-id:date:from:organization:user-agent:mime-version:to :subject:references:in-reply-to:content-type :content-transfer-encoding; bh=TR4RcS+LZ5DdYlTYQvd7URjsCGc6M2gPF9S99WvnZBo=; b=Hn5NVlO3qzmdCm7qhB5Z+sNL4nzlRaht8mo80MQm6432Ho6jZ8Qdzp0xtG679sAdsl NVcSyAr0cJM7rbX7R4q4i67YeqsKA2jsnfsaKU6HqQHFFs5NiIAxdKNPo3VWVXKHD1eh rGMbRny4yEHaH+A79U0w+8RB6RSJXPLf8nRIeMrxhzNj1oqbjOuFuN6FVJkHKkCwhZEH R9J/5xI5l5HS+4K14ptBTh6UYAMxXY1WpoJzIsaeH7ILFdcUY1neMRzifrTXids6FzNJ s+BF1NY5TUi0yWmpWHrtvR9EYmHEpWQ5R0BeVt2I9Z/BbZ5J8nog6DyD6l/f/ClZKbn0 PmJQ==
X-Received: by 10.66.146.100 with SMTP id tb4mr99353753pab.70.1436138713916; Sun, 05 Jul 2015 16:25:13 -0700 (PDT)
Received: from ?IPv6:2001:df0:0:2006:c0da:ac17:5f6d:8e76? ([2001:df0:0:2006:c0da:ac17:5f6d:8e76]) by mx.google.com with ESMTPSA id oa14sm15973728pdb.47.2015.07.05.16.25.10 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Sun, 05 Jul 2015 16:25:12 -0700 (PDT)
Message-ID: <5599BCD2.1080306@gmail.com>
Date: Mon, 06 Jul 2015 11:25:07 +1200
From: Brian E Carpenter <brian.e.carpenter@gmail.com>
Organization: University of Auckland
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:31.0) Gecko/20100101 Thunderbird/31.7.0
MIME-Version: 1.0
To: Michael Richardson <mcr+ietf@sandelman.ca>, anima-bootstrap@ietf.org
References: <11466.1435154789@sandelman.ca>
In-Reply-To: <11466.1435154789@sandelman.ca>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
Archived-At: <http://mailarchive.ietf.org/arch/msg/anima-bootstrap/px_YSuohu2o0R4GQGb0f10OWAgA>
Subject: [Anima-bootstrap] Crypto parameters [Re: a repost of summary]
X-BeenThere: anima-bootstrap@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Mailing list for the bootstrap design team of the ANIMA WG <anima-bootstrap.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/anima-bootstrap/>
List-Post: <mailto:anima-bootstrap@ietf.org>
List-Help: <mailto:anima-bootstrap-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 05 Jul 2015 23:25:15 -0000
I'm in catch-up mode: On 25/06/2015 02:06, Michael Richardson wrote: ... > it turns out there is an additional benefit in making the constrained > node the TLS "Server" -- side. Specifically, it means that the selection > of crypto parameters is done by the more constrained device, Point taken, but isn't that also an exposure to a downgrade attack by a bad actor pretending to be constrained in order to reduce algorithm or key strength? Brian
- [Anima-bootstrap] a repost of summary Michael Richardson
- Re: [Anima-bootstrap] a repost of summary Michael Behringer (mbehring)
- [Anima-bootstrap] MB review of Bootstrap charter … Michael Richardson
- [Anima-bootstrap] Crypto parameters [Re: a repost… Brian E Carpenter
- Re: [Anima-bootstrap] Crypto parameters [Re: a re… Michael Richardson