IETF Logo Mail Archive

[saag] TLS working group report

"Joseph Salowey (jsalowey)" <jsalowey@cisco.com> Thu, 07 November 2013 19:18 UTC

Return-Path: <jsalowey@cisco.com>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 87D7811E828A for <saag@ietfa.amsl.com>; Thu, 7 Nov 2013 11:18:24 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -110.562
X-Spam-Level:
X-Spam-Status: No, score=-110.562 tagged_above=-999 required=5 tests=[AWL=0.038, BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1LsWKAuTRhst for <saag@ietfa.amsl.com>; Thu, 7 Nov 2013 11:18:18 -0800 (PST)
Received: from rcdn-iport-5.cisco.com (rcdn-iport-5.cisco.com [173.37.86.76]) by ietfa.amsl.com (Postfix) with ESMTP id 3BEF811E8285 for <saag@ietf.org>; Thu, 7 Nov 2013 11:18:10 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=885; q=dns/txt; s=iport; t=1383851890; x=1385061490; h=from:to:subject:date:message-id:content-id: content-transfer-encoding:mime-version; bh=7LxXGVGzDVDDMqJynAdb08HAxrluJKLZNv9/NejEO1o=; b=B+nlXo/EOOgkKUGkMqQPvLHK787D77weuHKET4sxS1Xwymy5yyzy8zjl VB7aGr1wI8zKHHvHmLbp5dOfdRnw4nKla1EVcpCqHYCFlijislxl+nTsk fZ0je9OlTRJRRao7tNhVBkYKg9ZvAUXMtfSEQ3XyvOAVQJaelW1W5VEpC 0=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AsEGAD7ne1KtJXHA/2dsb2JhbABagweBC8A0Fm0Hgiw6UQE+QicEiBSbE6FakwCBEAOYDJIKgyaCKg
X-IronPort-AV: E=Sophos;i="4.93,653,1378857600"; d="scan'208";a="282100781"
Received: from rcdn-core2-5.cisco.com ([173.37.113.192]) by rcdn-iport-5.cisco.com with ESMTP; 07 Nov 2013 19:18:09 +0000
Received: from xhc-rcd-x10.cisco.com (xhc-rcd-x10.cisco.com [173.37.183.84]) by rcdn-core2-5.cisco.com (8.14.5/8.14.5) with ESMTP id rA7JI8eM013871 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL) for <saag@ietf.org>; Thu, 7 Nov 2013 19:18:08 GMT
Received: from xmb-rcd-x09.cisco.com ([169.254.9.122]) by xhc-rcd-x10.cisco.com ([173.37.183.84]) with mapi id 14.03.0123.003; Thu, 7 Nov 2013 13:18:08 -0600
From: "Joseph Salowey (jsalowey)" <jsalowey@cisco.com>
To: "saag@ietf.org" <saag@ietf.org>
Thread-Topic: TLS working group report
Thread-Index: AQHO2+4XDFhnY8UyBkSymdkCw0ZBNQ==
Date: Thu, 07 Nov 2013 19:18:07 +0000
Message-ID: <1F3F70CE-4994-4AB2-A21A-5F2A51EF65B4@cisco.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.85.165.166]
Content-Type: text/plain; charset="us-ascii"
Content-ID: <E49DCB06B7639842BD71B75740FB640E@emea.cisco.com>
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Subject: [saag] TLS working group report
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/saag>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 07 Nov 2013 19:18:24 -0000

TLS met on Tuesday Afternoon.  The raw public key draft has completed IETF last call.   The cached info draft will be reviewed by the DICE working group.  The ALPN draft is under discussion due to issues with some servers dropping clientHellos of particular sizes.  TLS-PWD will be heading to working group last call.   The room voiced support for adopting the TLS BCP draft, but a new revision will be necessary before working group adoption.   We discussed several approaches to migrate to encrypt then mac for CBC mode, more discussion on the list is necessary to determine the approach.  We had a presentation on ChaCha20 based cipher suites and there was general support for it in the room.  We discussed different protocol flows to reduce the round trips for the TLS 1.3 handshake and to initiate encryption earlier in the TLS 1.3 handshake.

v2.23.0 | Report a Bug | By Email