Re: [Gen-art] Gen-art LC review of draft-ietf-tls-encrypt-then-mac-02
Peter Gutmann <pgut001@cs.auckland.ac.nz> Tue, 17 June 2014 20:23 UTC
Return-Path: <pgut001@cs.auckland.ac.nz>
X-Original-To: gen-art@ietfa.amsl.com
Delivered-To: gen-art@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 45B311A006D for <gen-art@ietfa.amsl.com>; Tue, 17 Jun 2014 13:23:51 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.551
X-Spam-Level:
X-Spam-Status: No, score=-2.551 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RP_MATCHES_RCVD=-0.651] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 14ktHJ4-RxhZ for <gen-art@ietfa.amsl.com>; Tue, 17 Jun 2014 13:23:49 -0700 (PDT)
Received: from mx2.auckland.ac.nz (mx2.auckland.ac.nz [130.216.125.245]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8B0631A0043 for <gen-art@ietf.org>; Tue, 17 Jun 2014 13:23:48 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=auckland.ac.nz; i=@auckland.ac.nz; q=dns/txt; s=uoa; t=1403036629; x=1434572629; h=from:to:subject:date:message-id: content-transfer-encoding:mime-version; bh=hKasQLJguLCpGCdkm3tkRnM55XmmpsQ1W6qzDQAmYSE=; b=lAjqOOWGmVHrlaox0ftwh8Y6mMiZJZfvOcUY24gvPd8kyl55KZcpyTja JygNvAg4wtXJvXWn/E4LnWKPM4mqMjNWDa4VUrwyAyj1bV6LCQJLnnVlO YCKGoAuT+yZ6O0qkfO138PezmVzdqfvCN/4aJ4bR2mQvR8sVSIfcv8T1l 4=;
X-IronPort-AV: E=Sophos;i="5.01,496,1399982400"; d="scan'208";a="259096078"
X-Ironport-HAT: MAIL-SERVERS - $RELAYED
X-Ironport-Source: 130.216.4.106 - Outgoing - Outgoing
Received: from uxchange10-fe2.uoa.auckland.ac.nz ([130.216.4.106]) by mx2-int.auckland.ac.nz with ESMTP/TLS/AES128-SHA; 18 Jun 2014 08:23:47 +1200
Received: from UXCN10-TDC06.UoA.auckland.ac.nz ([169.254.11.9]) by uxchange10-fe2.UoA.auckland.ac.nz ([169.254.27.86]) with mapi id 14.03.0174.001; Wed, 18 Jun 2014 08:23:46 +1200
From: Peter Gutmann <pgut001@cs.auckland.ac.nz>
To: "elwynd@dial.pipex.com" <elwynd@dial.pipex.com>, "gen-art@ietf.org" <gen-art@ietf.org>, "draft-ietf-tls-encrypt-then-mac.all@tools.ietf.org" <draft-ietf-tls-encrypt-then-mac.all@tools.ietf.org>
Thread-Topic: Gen-art LC review of draft-ietf-tls-encrypt-then-mac-02
Thread-Index: Ac+Kagn+BrXuFS5SROCs7mdlmRY2Rg==
Date: Tue, 17 Jun 2014 20:23:45 +0000
Message-ID: <9A043F3CF02CD34C8E74AC1594475C738DEC8474@uxcn10-tdc06.UoA.auckland.ac.nz>
Accept-Language: en-NZ, en-GB, en-US
Content-Language: en-NZ
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [130.216.158.4]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Archived-At: http://mailarchive.ietf.org/arch/msg/gen-art/POXUQLT6Xh8ws6_fckXE7GcTVJw
X-Mailman-Approved-At: Tue, 17 Jun 2014 13:36:25 -0700
Subject: Re: [Gen-art] Gen-art LC review of draft-ietf-tls-encrypt-then-mac-02
X-BeenThere: gen-art@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "GEN-ART: General Area Review Team" <gen-art.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/gen-art>, <mailto:gen-art-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/gen-art/>
List-Post: <mailto:gen-art@ietf.org>
List-Help: <mailto:gen-art-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/gen-art>, <mailto:gen-art-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 17 Jun 2014 20:23:51 -0000
Apologies for the slow reply, currently travelling with limited Internet access... >Header/Abstract/Intro: Doesn't this update RFC 6347 and either or both of RFC >6066 and RFC 5246 since it defines a new extension? It doesn't really update any other RFC, it does add a new extension but then the purpose of having generic extensions is that they don't require changing/updating anything else. >s3.1: [I am not a TLS expert so I may not have got this right...] If the >rehandshake proposes to use a cipher that doesn't need encrypt-then-mac as >per GenericStreamCiphers, or GenericAEADCiphers as mentioned in s3, then >presumably this is allowed whether encrypt-then-mac had or had not been >negotiated previously on the session. It should be clarified whether this is >allowed and, if it isn't, what the response should be. It shouldn't be allowed since it's falling back to a non-EtM form. It doesn't matter what the cipher form is (stream cipher or whatever), once you've agreed on EtM then you can't fall back to a non-EtM cipher (see the third line of the table in section 3.1). >s3: (very nitty nit) I think the MAC calculation piece would be clearer with >what it updates noted before the update. Thus: OK, fixed. >s3, next to last para: >> For DTLS, the record MUST be discarded and a fatal bad_record_mac MAY >> be generated [2]. >Shouldn't the reference here be [4] for DTLS? Oops, yep. Also fixed. >s3.1 (last para)/s7.1: Shouldn't the TLS_ext reference [3] be to the updated >RFC 6066? Ah, yes. Also fixed. Peter.
- [Gen-art] Gen-art LC review of draft-ietf-tls-enc… Elwyn Davies
- Re: [Gen-art] Gen-art LC review of draft-ietf-tls… Sean Turner
- Re: [Gen-art] Gen-art LC review of draft-ietf-tls… Elwyn Davies
- Re: [Gen-art] Gen-art LC review of draft-ietf-tls… Peter Gutmann
- Re: [Gen-art] Gen-art LC review of draft-ietf-tls… Elwyn Davies