Re: [quicwg/base-drafts] Don't allow use of AEAD_AES_128_CCM_8 (#2029)

MikkelFJ <> Thu, 22 November 2018 00:50 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 70A85130E72 for <>; Wed, 21 Nov 2018 16:50:43 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -9.46
X-Spam-Status: No, score=-9.46 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-1.46, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id ZfERlgbdUXJM for <>; Wed, 21 Nov 2018 16:50:39 -0800 (PST)
Received: from ( []) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id D6E71130E6F for <>; Wed, 21 Nov 2018 16:50:37 -0800 (PST)
Date: Wed, 21 Nov 2018 16:50:37 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=pf2014; t=1542847837; bh=3YzALvq1MBRau4S8qKLLQ5lkS3G4aAYIjAkCkR8oLYo=; h=Date:From:Reply-To:To:Cc:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=q/60WEnAzur34dQB8nnkHVj/5CoZSnxe0SqGUThM7o2SFHcqbwzx5cNeEX2L12Aur MqHhc9oGW0PmAxPdMwtnpeUpGU3IJ7ftV25gI6C6H/LL4+W4FHCzH0w53JS7S09juN mFrQM/+c9AlUhu3Y06VdmsyClIFcRRUE6eWBEQpQ=
From: MikkelFJ <>
Reply-To: quicwg/base-drafts <>
To: quicwg/base-drafts <>
Cc: Subscribed <>
Message-ID: <quicwg/base-drafts/pull/2029/>
In-Reply-To: <quicwg/base-drafts/pull/>
References: <quicwg/base-drafts/pull/>
Subject: Re: [quicwg/base-drafts] Don't allow use of AEAD_AES_128_CCM_8 (#2029)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5bf5fd5d2de78_58f13f8fe42d45c01210f3"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: mikkelfj
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
Archived-At: <>
X-Mailman-Version: 2.1.29
List-Id: Notification list for GitHub issues related to the QUIC WG <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Thu, 22 Nov 2018 00:50:44 -0000

Is it still relevant to disallow this cipher now that padding up to sample length is required?

The argument for rejecting the cipher is: padding works against the idea of a short AEAD tag - better reject it now and come up with something better for short packets in future versions. Additional argument is simplicity and consistency of 16.

The argument for allowing the cipher is that that there is no reason for it to not work and it is odd to have one cipher that is not permitted.

You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub: