Re: [TLS] 4492 ECDH_anon

Dave Garrett <davemgarrett@gmail.com> Wed, 22 July 2015 17:07 UTC

From: Dave Garrett <davemgarrett@gmail.com>
To: tls@ietf.org, Yoav Nir <ynir.ietf@gmail.com>
Date: Wed, 22 Jul 2015 13:07:09 -0400
References: <CABkgnnV3b76rr=v2GVkcrFdJGomb_Yg91zU7yZLOXp5-onfLRA@mail.gmail.com> <E3B69C38-A84C-447C-BD0B-35CE69504854@gmail.com> <CABkgnnXEVw1X=uN1kzbVUZRSOZZ+Ow19czgM+fY+tSbLiDuSAQ@mail.gmail.com>
In-Reply-To: <CABkgnnXEVw1X=uN1kzbVUZRSOZZ+Ow19czgM+fY+tSbLiDuSAQ@mail.gmail.com>
Message-Id: <201507221307.10279.davemgarrett@gmail.com>
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/1-KQmRTG64xDcKBZZUXG-8b3PJk>
Subject: Re: [TLS] 4492 ECDH_anon

On Wednesday, July 22, 2015 07:36:50 am Martin Thomson wrote:
> On 22 July 2015 at 02:29, Yoav Nir <ynir.ietf@gmail.com> wrote:
> > PR at https://github.com/tlswg/rfc4492bis/blob/master/draft-ietf-tls-rfc4492bis.xml ?
> 
> https://github.com/tlswg/rfc4492bis/pull/6

Could the cipher suite names be officially changed to add the 'E' to them? It'd make things simpler to be consistent.

e.g.

TLS_ECDH_anon_WITH_AES_128_CBC_SHA => TLS_ECDHE_anon_WITH_AES_128_CBC_SHA

Anon is ephemeral by nature, but putting the 'E' in there matches existing notation better. TLS 1.3 will be deprecating all ECDH in favor of ECDHE, so it would be nice to not have to always stick in side notes that ECDH_anon==ECDHE_anon.


Dave