Re: [TLS] Review of draft-kato-tls-rfc4132bis-00
KATO Akihiro <akato@po.ntts.co.jp> Thu, 06 March 2008 07:42 UTC
Return-Path: <tls-bounces@ietf.org>
X-Original-To: ietfarch-tls-archive@core3.amsl.com
Delivered-To: ietfarch-tls-archive@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 6B1F828C897; Wed, 5 Mar 2008 23:42:01 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -99.877
X-Spam-Level:
X-Spam-Status: No, score=-99.877 tagged_above=-999 required=5 tests=[AWL=0.560, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_ORG=0.611, RDNS_NONE=0.1, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0qJyJkIa3USf; Wed, 5 Mar 2008 23:41:59 -0800 (PST)
Received: from core3.amsl.com (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 5EBD128C833; Wed, 5 Mar 2008 23:41:56 -0800 (PST)
X-Original-To: tls@core3.amsl.com
Delivered-To: tls@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 857DB28C84E for <tls@core3.amsl.com>; Wed, 5 Mar 2008 23:41:52 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6Ymc3mKV4Jsc for <tls@core3.amsl.com>; Wed, 5 Mar 2008 23:41:51 -0800 (PST)
Received: from mail2.ics.ntts.co.jp (mail2.ics.ntts.co.jp [202.32.24.42]) by core3.amsl.com (Postfix) with ESMTP id 37B3B28C872 for <tls@ietf.org>; Wed, 5 Mar 2008 23:41:42 -0800 (PST)
Received: from sadoku34.silk.ntts.co.jp (sadoku34 [10.7.18.34]) by mail2.ics.ntts.co.jp (8.13.8/NTTSOFT) with ESMTP id m267fTna011048; Thu, 6 Mar 2008 16:41:29 +0900 (JST)
Received: (from root@localhost) by sadoku34.silk.ntts.co.jp (8.13.8/NTTSOFT) id m267fTXM004509; Thu, 6 Mar 2008 16:41:29 +0900 (JST)
Received: from mail26.silk.ntts.co.jp [10.7.18.26] by sadoku34.silk.ntts.co.jp with SMTP id SAA04469; Thu, 6 Mar 2008 16:40:49 +0900
Received: from mail26.silk.ntts.co.jp (localhost [127.0.0.1]) by mail26.silk.ntts.co.jp (8.13.8/NTTSOFT) with ESMTP id m267enRb001405; Thu, 6 Mar 2008 16:40:49 +0900 (JST)
Received: from [127.0.0.1] (lepus.ms.ntts.co.jp [10.7.221.39]) by mail26.silk.ntts.co.jp (8.13.8/NTTSOFT) with ESMTP id m267ehC9001312; Thu, 6 Mar 2008 16:40:49 +0900 (JST)
Message-ID: <47CF9FF9.30406@po.ntts.co.jp>
Date: Thu, 06 Mar 2008 16:40:41 +0900
From: KATO Akihiro <akato@po.ntts.co.jp>
User-Agent: Thunderbird 2.0.0.12 (Windows/20080213)
MIME-Version: 1.0
To: Eric Rescorla <ekr@networkresonance.com>
References: <20080304175320.ED75A5081A@romeo.rtfm.com>
In-Reply-To: <20080304175320.ED75A5081A@romeo.rtfm.com>
Cc: tls@ietf.org
Subject: Re: [TLS] Review of draft-kato-tls-rfc4132bis-00
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: tls-bounces@ietf.org
Errors-To: tls-bounces@ietf.org
Eric,
Thank you for reviewing and comments.
On 2008/03/05 2:53, Eric Rescorla wrote:
> $Id: draft-kato-tls-rfc4132bis-00-rev.txt,v 1.1 2008/03/04 17:32:45 ekr Exp $
>
> It's not clear to me why this document isn't simply an updated
> cut-and-paste of RFC 4132 with additional ciphers. In particular,
> this draft contains a large number of grammatical errors which
> have already been ironed out of 4132.
Sure, quality of this version of our draft is low. I-D repository
version will get through more internal review.
> It's not clear to me that we really need the combinatoric
> explosion of all possible key exchange and signature
> algorithms with Camellia.
Cipher suites combined CTR mode will remove. But one-side of Cipher
suite combined SHA-384 or SHA-512 will remain.
>
> I think it's a bad idea to specify HMAC-SHA-1 for use with
> the SHA-1 cipher suites. Note that all the suites in
> TLS 1.2 use SHA-256
I found this description for PRF. I'm going to change MAC section as
following;
Indicator of
Cipher Suite MAC PRF
SHA HMAC-SHA-1 P_SHA-256
SHA256 HMAC-SHA-256 P_SHA-256
SHA384 HMAC-SHA-384 P_SHA-256
SHA512 HMAC-SHA-512 P_SHA-256
>
> Why do we need a mandatory to implement Camellia cipher
> suite? TLS is quite capable of negotiating this stuff.
"Mandatory Cipher Suite" section will remove.
>
>
> -Ekr
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls
>
>
--
- KATO Akihiro
+ NTT Software Corporation
_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
- [TLS] Review of draft-kato-tls-rfc4132bis-00 Eric Rescorla
- Re: [TLS] Review of draft-kato-tls-rfc4132bis-00 KATO Akihiro