[TLS] RFC 4346 - TLS 1.2
Bob Relyea <rrelyea@redhat.com> Tue, 02 May 2006 18:30 UTC
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1FazdM-00083f-8c; Tue, 02 May 2006 14:30:04 -0400
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1FazdK-00083Y-HF for tls@ietf.org; Tue, 02 May 2006 14:30:02 -0400
Received: from mx1.redhat.com ([66.187.233.31]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1FazdJ-0000E0-Ad for tls@ietf.org; Tue, 02 May 2006 14:30:02 -0400
Received: from int-mx1.corp.redhat.com (int-mx1.corp.redhat.com [172.16.52.254]) by mx1.redhat.com (8.12.11.20060308/8.12.11) with ESMTP id k42IU1UK018214 for <tls@ietf.org>; Tue, 2 May 2006 14:30:01 -0400
Received: from potter.sfbay.redhat.com (potter.sfbay.redhat.com [172.16.27.15]) by int-mx1.corp.redhat.com (8.12.11.20060308/8.12.11) with ESMTP id k42IU0Wf023488 for <tls@ietf.org>; Tue, 2 May 2006 14:30:00 -0400
Received: from [172.16.24.13] (relyea.sfbay.redhat.com [172.16.24.13]) by potter.sfbay.redhat.com (8.12.8/8.12.8) with ESMTP id k42ITxpl014375 for <tls@ietf.org>; Tue, 2 May 2006 14:29:59 -0400
Message-ID: <4457A4DE.9060209@redhat.com>
Date: Tue, 02 May 2006 11:28:46 -0700
From: Bob Relyea <rrelyea@redhat.com>
User-Agent: Thunderbird 1.5 (Windows/20051201)
MIME-Version: 1.0
To: tls@ietf.org
X-Spam-Score: 0.4 (/)
X-Scan-Signature: a8a20a483a84f747e56475e290ee868e
Cc:
Subject: [TLS] RFC 4346 - TLS 1.2
X-BeenThere: tls@lists.ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.lists.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/tls>
List-Post: <mailto:tls@lists.ietf.org>
List-Help: <mailto:tls-request@lists.ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=subscribe>
Content-Type: multipart/mixed; boundary="===============0417261836=="
Errors-To: tls-bounces@lists.ietf.org
The TLS 1.2 spec attempts to define more flexibility in the choice of hashing, and does fix a number of problems in 1.1 when wanting to use hash functions other than SHA-1 and MD5, however there appears to be wording left over from the 1.1 spec that seems to contradict this goal. Shouldn't this wording be removed or changes, or was it left in intentionally: Section 5 ... second paragraph: HMAC can be used with a variety of different hash algorithms. TLS uses it in the handshake with two different algorithms: MD5 and SHA-1, denoting these as HMAC_MD5(secret, data) and HMAC_SHA(secret, data). Additional hash algorithms can be defined by cipher suites and used to protect record data, but MD5 and SHA-1 are hard coded into the description of the handshaking for this version of the protocol. Shouldn't the 'hard coded' wording be removed, or does TLS 1.2 initially expect to continue to use MD5 and SHA-1 for the handshaking? Thanks, bob
_______________________________________________ TLS mailing list TLS@lists.ietf.org https://www1.ietf.org/mailman/listinfo/tls
- [TLS] RFC 4346 - TLS 1.2 Bob Relyea
- Re: [TLS] RFC 4346 - TLS 1.2 Eric Rescorla