[TLS] tls with DSA and ECDSA

Nikos Mavrogiannopoulos <nmav@gnutls.org> Fri, 03 June 2011 07:27 UTC

Message-ID: <4DE88CCD.5010303@gnutls.org>
Date: Fri, 03 Jun 2011 09:27:09 +0200
From: Nikos Mavrogiannopoulos <nmav@gnutls.org>

I've submitted:

The purpose is to define choices for the hash algorithm to be used for
the TLS handshake and eventually make the hash algorithm selection for
the DSS signature standard deterministic. That is because DSS as a
standard allows the usage of any SHAx hash function, truncated or not.

For example, given a 256-bit curve, I could use SHA-256, or SHA-384
truncated to 256 bits, or SHA-512 truncated to 256 bits, to sign. This
document tries to restrict the choices to promote interoperability.

This is in line with RFC 5480 that does the same thing for PKIX ECDSA
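
An added example, not part of the original message or of the draft it announces: it shows that SHA-256, truncated SHA-384 and truncated SHA-512 give three different signature inputs for the same data on a 256-bit curve, and how a fixed rule removes the ambiguity. The `select_hash` policy (smallest SHA-2 hash at least as long as the group order) and all function names are assumptions for illustration, not the draft's actual table.

```python
import hashlib

# Order n of the NIST P-256 group (public constant from FIPS 186).
P256_ORDER = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551

SHA2 = (("sha224", 224), ("sha256", 256), ("sha384", 384), ("sha512", 512))

def digest_to_int(digest: bytes, order: int) -> int:
    """DSA/ECDSA truncation: keep the leftmost order.bit_length() bits."""
    excess = len(digest) * 8 - order.bit_length()
    value = int.from_bytes(digest, "big")
    return value >> excess if excess > 0 else value

def candidate_inputs(message: bytes, order: int) -> dict:
    """Integer actually signed, for every SHA-2 hash at least as long as n."""
    return {
        name: digest_to_int(hashlib.new(name, message).digest(), order)
        for name, bits in SHA2
        if bits >= order.bit_length()
    }

def select_hash(order_bits: int) -> str:
    """Hypothetical fixed policy: smallest SHA-2 hash covering the order."""
    for name, bits in SHA2:
        if bits >= order_bits:
            return name
    return "sha512"  # orders above 512 bits, e.g. a 521-bit curve

def verifier_accepts(hash_name: str, order: int) -> bool:
    """Reject any hash other than the one the policy fixes for this key."""
    return hash_name == select_hash(order.bit_length())

if __name__ == "__main__":
    msg = b"constructed sample handshake data"  # constructed input
    for name, e in candidate_inputs(msg, P256_ORDER).items():
        print(f"{name:7} e={e:064x} accepted={verifier_accepts(name, P256_ORDER)}")
```

A verifier that guesses the wrong hash computes a different input and rejects a valid signature, which is the interoperability failure a deterministic selection avoids.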