Re: [TLS] working group discussion of draft-mcgrew-tls-aes-ccm-01

Don Sturek <d.sturek@att.net> Fri, 05 August 2011 16:42 UTC

To: Rene Struik <rstruik.ext@gmail.com>, Joe Salowey <jsalowey@cisco.com>
Cc: tls@ietf.org

Hi Rene,

Can you elaborate on the issue around this topic "If so,
this suggests one has to segregate key management for the MAC (if using
802.15.4) and for higher layers, including the management of counters
used with the CCM mode of operation."?

On the surface, segregating key management for the MAC from the higher
layers seems like the *right* thing to do!

Don




On 8/5/11 9:36 AM, "Rene Struik" <rstruik.ext@gmail.com> wrote:

>Dear colleagues:
>
>It would help if one could elaborate somewhat more on some of the
>implicit design decisions underlying those internet drafts.
>
>Example:
>The nonce construction with the CCM mode in the drafts seems to be
>incompatible with that suggested with 802.15.4-2006 (as mentioned in the
>introduction and, presumably, to be used with ZigBee SE2.0).  If so,
>this suggests one has to segregate key management for the MAC (if using
>802.15.4) and for higher layers, including the management of counters
>used with the CCM mode of operation.
>
>Best regards, Rene
>
>On 05/08/2011 11:47 AM, Joe Salowey wrote:
>> Where we left this was there was some, but not overwhelming support to
>>bring it into the working group.  It was left to the authors on which
>>path to take, through the working group process or as an individual
>>submission.   If you go through the working group it is more likely
>>there will be changes than if you go the individual submission route.
>>Matthew also raised the question of standards track vs information for
>>ECC cipher suites.   For ECC, I still believe that informational will be
>>the most expedient.
>>
>> Joe
>> On Aug 5, 2011, at 7:45 AM, Robert Cragie wrote:
>>
>>> I would like to poke the coals on this one again too.
>>>
>>> There was a presentation at IETF80 regarding two drafts originating
>>>from David McGrew (draft-mcgrew-tls-aes-ccm-01 and
>>>draft-mcgrew-tls-aes-ccm-ecc-01) given by Matthew Campagna and IIRC
>>>there were no significant objections to this moving forward. However
>>>there was no particular support from the WG chairs for doing this
>>>through the WG. In the meantime, a number of vendors have been using
>>>these drafts and testing the TLS_PSK_WITH_AES_128_CCM_8 and
>>>TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 in both PANA/EAP-TLS and TLS forms
>>>successfully.
>>>
>>> Therefore I would like to get a clear view as to the way to move this
>>>forward - either through the WG or as individual submissions.
>>>
>>> Thanks
>>>
>>> Robert
>>>
>>> On 01/08/2011 10:13 PM, Thomas Herbst wrote:
>>>> Not sure where this fits into the wg chair's extensions triaging, but
>>>>was hoping for an update on draft-mcgrew-tls-aes-ccm-01 last week.
>>>>
>>>> In Zigbee we'd specified ccm as most of the 802.15.4 chips have
>>>>hardware support.
>>>>
>>>> tom
>>>>
>>>>
>>>>
>>>> _______________________________________________
>>>> TLS mailing list
>>>>
>>>> TLS@ietf.org
>>>> https://www.ietf.org/mailman/listinfo/tls
>
>
>-- 
>email: rstruik.ext@gmail.com
>Skype: rstruik
>cell: +1 (647) 867-5658
>USA Google voice: +1 (415) 690-7363
>