Re: [quicwg/base-drafts] Don't allow use of AEAD_AES_128_CCM_8 (#2029)

Martin Thomson <notifications@github.com> Thu, 22 November 2018 00:56 UTC

The argument for rejecting it is that it isn't strong enough.  The padding thing is merely consequential.

(I say this knowing that in other, similar contexts, certain entities happily negotiate 32-bit authentication tags...  But we're trying very hard to eradicate that.)
