Re: [TLS] Review of draft-kato-tls-rfc4132bis-00
KATO Akihiro <akato@po.ntts.co.jp> Thu, 06 March 2008 07:42 UTC
Return-Path: <tls-bounces@ietf.org>
X-Original-To: ietfarch-tls-archive@core3.amsl.com
Delivered-To: ietfarch-tls-archive@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 6B1F828C897; Wed, 5 Mar 2008 23:42:01 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -99.877
X-Spam-Level:
X-Spam-Status: No, score=-99.877 tagged_above=-999 required=5 tests=[AWL=0.560, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_ORG=0.611, RDNS_NONE=0.1, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0qJyJkIa3USf; Wed, 5 Mar 2008 23:41:59 -0800 (PST)
Received: from core3.amsl.com (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 5EBD128C833; Wed, 5 Mar 2008 23:41:56 -0800 (PST)
X-Original-To: tls@core3.amsl.com
Delivered-To: tls@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 857DB28C84E for <tls@core3.amsl.com>; Wed, 5 Mar 2008 23:41:52 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6Ymc3mKV4Jsc for <tls@core3.amsl.com>; Wed, 5 Mar 2008 23:41:51 -0800 (PST)
Received: from mail2.ics.ntts.co.jp (mail2.ics.ntts.co.jp [202.32.24.42]) by core3.amsl.com (Postfix) with ESMTP id 37B3B28C872 for <tls@ietf.org>; Wed, 5 Mar 2008 23:41:42 -0800 (PST)
Received: from sadoku34.silk.ntts.co.jp (sadoku34 [10.7.18.34]) by mail2.ics.ntts.co.jp (8.13.8/NTTSOFT) with ESMTP id m267fTna011048; Thu, 6 Mar 2008 16:41:29 +0900 (JST)
Received: (from root@localhost) by sadoku34.silk.ntts.co.jp (8.13.8/NTTSOFT) id m267fTXM004509; Thu, 6 Mar 2008 16:41:29 +0900 (JST)
Received: from mail26.silk.ntts.co.jp [10.7.18.26] by sadoku34.silk.ntts.co.jp with SMTP id SAA04469; Thu, 6 Mar 2008 16:40:49 +0900
Received: from mail26.silk.ntts.co.jp (localhost [127.0.0.1]) by mail26.silk.ntts.co.jp (8.13.8/NTTSOFT) with ESMTP id m267enRb001405; Thu, 6 Mar 2008 16:40:49 +0900 (JST)
Received: from [127.0.0.1] (lepus.ms.ntts.co.jp [10.7.221.39]) by mail26.silk.ntts.co.jp (8.13.8/NTTSOFT) with ESMTP id m267ehC9001312; Thu, 6 Mar 2008 16:40:49 +0900 (JST)
Message-ID: <47CF9FF9.30406@po.ntts.co.jp>
Date: Thu, 06 Mar 2008 16:40:41 +0900
From: KATO Akihiro <akato@po.ntts.co.jp>
User-Agent: Thunderbird 2.0.0.12 (Windows/20080213)
MIME-Version: 1.0
To: Eric Rescorla <ekr@networkresonance.com>
References: <20080304175320.ED75A5081A@romeo.rtfm.com>
In-Reply-To: <20080304175320.ED75A5081A@romeo.rtfm.com>
Cc: tls@ietf.org
Subject: Re: [TLS] Review of draft-kato-tls-rfc4132bis-00
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: tls-bounces@ietf.org
Errors-To: tls-bounces@ietf.org
Eric, Thank you for reviewing and comments. On 2008/03/05 2:53, Eric Rescorla wrote: > $Id: draft-kato-tls-rfc4132bis-00-rev.txt,v 1.1 2008/03/04 17:32:45 ekr Exp $ > > It's not clear to me why this document isn't simply an updated > cut-and-paste of RFC 4132 with additional ciphers. In particular, > this draft contains a large number of grammatical errors which > have already been ironed out of 4132. Sure, quality of this version of our draft is low. I-D repository version will get through more internal review. > It's not clear to me that we really need the combinatoric > explosion of all possible key exchange and signature > algorithms with Camellia. Cipher suites combined CTR mode will remove. But one-side of Cipher suite combined SHA-384 or SHA-512 will remain. > > I think it's a bad idea to specify HMAC-SHA-1 for use with > the SHA-1 cipher suites. Note that all the suites in > TLS 1.2 use SHA-256 I found this description for PRF. I'm going to change MAC section as following; Indicator of Cipher Suite MAC PRF SHA HMAC-SHA-1 P_SHA-256 SHA256 HMAC-SHA-256 P_SHA-256 SHA384 HMAC-SHA-384 P_SHA-256 SHA512 HMAC-SHA-512 P_SHA-256 > > Why do we need a mandatory to implement Camellia cipher > suite? TLS is quite capable of negotiating this stuff. "Mandatory Cipher Suite" section will remove. > > > -Ekr > _______________________________________________ > TLS mailing list > TLS@ietf.org > https://www.ietf.org/mailman/listinfo/tls > > -- - KATO Akihiro + NTT Software Corporation _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
- [TLS] Review of draft-kato-tls-rfc4132bis-00 Eric Rescorla
- Re: [TLS] Review of draft-kato-tls-rfc4132bis-00 KATO Akihiro