Re: [TLS] Confirming Consensus on supporting only AEAD ciphers
"Joseph Salowey (jsalowey)" <jsalowey@cisco.com> Fri, 28 March 2014 04:42 UTC
Return-Path: <jsalowey@cisco.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1FA571A07D4 for <tls@ietfa.amsl.com>; Thu, 27 Mar 2014 21:42:05 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -9.511
X-Spam-Level:
X-Spam-Status: No, score=-9.511 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GFD0fX-GN4o1 for <tls@ietfa.amsl.com>; Thu, 27 Mar 2014 21:42:03 -0700 (PDT)
Received: from alln-iport-4.cisco.com (alln-iport-4.cisco.com [173.37.142.91]) by ietfa.amsl.com (Postfix) with ESMTP id 7D3D91A07D3 for <tls@ietf.org>; Thu, 27 Mar 2014 21:42:03 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=957; q=dns/txt; s=iport; t=1395981721; x=1397191321; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-id:content-transfer-encoding: mime-version; bh=WTI5rtELF22t44rCX28GCxWMDOvrbWVOxTJa1MtJrQw=; b=bi613RG8GqUfYkaTu6nHZL4yWCDtVmTqLB9tMJrp/JvaJ+9B7cVVkubm w8M5EtZiBeFHzvExuxSgQ5l3UNWKyFPWUxomMZ5dl0s8E9nG3svvtwSRF 1Ru4cXvFYKLHz1/U+BJYgs0eor452fS2oVHWGg+zt9s0I0c2Hw/y0JijK c=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AhoFAC79NFOtJV2Z/2dsb2JhbABZDoJ4O1e7MIc3gR0WdIIlAQEBAwEBAQE3NAsFCwIBCA4oECcLJQEBBA4Fh3EIDdFfEwSORzMHgySBFAEDmE2SNIJwP4Ir
X-IronPort-AV: E=Sophos;i="4.97,748,1389744000"; d="scan'208";a="31059122"
Received: from rcdn-core-2.cisco.com ([173.37.93.153]) by alln-iport-4.cisco.com with ESMTP; 28 Mar 2014 04:42:01 +0000
Received: from xhc-rcd-x13.cisco.com (xhc-rcd-x13.cisco.com [173.37.183.87]) by rcdn-core-2.cisco.com (8.14.5/8.14.5) with ESMTP id s2S4g1pR004972 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL); Fri, 28 Mar 2014 04:42:01 GMT
Received: from xmb-rcd-x09.cisco.com ([169.254.9.247]) by xhc-rcd-x13.cisco.com ([173.37.183.87]) with mapi id 14.03.0123.003; Thu, 27 Mar 2014 23:42:01 -0500
From: "Joseph Salowey (jsalowey)" <jsalowey@cisco.com>
To: Peter Gutmann <pgut001@cs.auckland.ac.nz>
Thread-Topic: [TLS] Confirming Consensus on supporting only AEAD ciphers
Thread-Index: Ac9KNwUkqiIeFUDRHUase0LCUT6SLgAMvJEA
Date: Fri, 28 Mar 2014 04:42:00 +0000
Message-ID: <F8DB048B-24D0-4B97-85F0-39807B54EDDB@cisco.com>
References: <9A043F3CF02CD34C8E74AC1594475C7372394B6C@uxcn10-6.UoA.auckland.ac.nz>
In-Reply-To: <9A043F3CF02CD34C8E74AC1594475C7372394B6C@uxcn10-6.UoA.auckland.ac.nz>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.33.248.91]
Content-Type: text/plain; charset="us-ascii"
Content-ID: <A92E94773446AB4E9769304B72FBF626@emea.cisco.com>
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Archived-At: http://mailarchive.ietf.org/arch/msg/tls/5nDU-hydivxe4z-yCw_m5fiR8vo
Cc: "<tls@ietf.org>" <tls@ietf.org>
Subject: Re: [TLS] Confirming Consensus on supporting only AEAD ciphers
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 28 Mar 2014 04:42:05 -0000
On Mar 27, 2014, at 8:37 PM, Peter Gutmann <pgut001@cs.auckland.ac.nz> wrote: > Russ Housley <housley@vigilsec.com> writes: > >> Please look at RFC 6476. In that document, Peter Gutmann uses traditional >> encryption and integrity functions to make an AEAD cipher. Does this >> decision allow or prohibit such ciphers? > > I had a similar question, the EtM draft uses the existing CBC as part of an > AEAD mechanism, in a manner that requires minimal changes and no > implementation of new cipher modes. Does that count as AEAD, or does it have > to be a combined cipher mode? > [Joe] I don't think it counts as an AEAD mechanism. It is not using the AEAD cipher type defined in RFC 5246. You could define EtM using CBC so that it fits the AEAD interface. > Peter. > _______________________________________________ > TLS mailing list > TLS@ietf.org > https://www.ietf.org/mailman/listinfo/tls
- [TLS] Confirming Consensus on supporting only AEA… Joseph Salowey (jsalowey)
- Re: [TLS] Confirming Consensus on supporting only… Russ Housley
- Re: [TLS] Confirming Consensus on supporting only… Joseph Salowey (jsalowey)
- Re: [TLS] Confirming Consensus on supporting only… Peter Gutmann
- Re: [TLS] Confirming Consensus on supporting only… Joseph Salowey (jsalowey)
- Re: [TLS] Confirming Consensus on supporting only… Nikos Mavrogiannopoulos
- Re: [TLS] Confirming Consensus on supporting only… Eric Rescorla
- Re: [TLS] Confirming Consensus on supporting only… Watson Ladd
- Re: [TLS] Confirming Consensus on supporting only… Eric Rescorla
- Re: [TLS] Confirming Consensus on supporting only… Joseph Salowey (jsalowey)
- Re: [TLS] Confirming Consensus on supporting only… Fedor Brunner
- Re: [TLS] Confirming Consensus on supporting only… Peter Gutmann
- Re: [TLS] Confirming Consensus on supporting only… Watson Ladd
- Re: [TLS] Confirming Consensus on supporting only… Peter Bowen
- Re: [TLS] Confirming Consensus on supporting only… Michael D'Errico
- Re: [TLS] Confirming Consensus on supporting only… Martin Thomson
- Re: [TLS] Confirming Consensus on supporting only… Ralph Holz
- Re: [TLS] Confirming Consensus on supporting only… Michael D'Errico
- Re: [TLS] Confirming Consensus on supporting only… Eric Rescorla
- Re: [TLS] Confirming Consensus on supporting only… Michael StJohns
- Re: [TLS] Confirming Consensus on supporting only… Martin Rex
- Re: [TLS] Confirming Consensus on supporting only… Michael StJohns
- Re: [TLS] Confirming Consensus on supporting only… Joseph Salowey (jsalowey)
- Re: [TLS] Confirming Consensus on supporting only… Fedor Brunner
- [TLS] (offline note) Re: Confirming Consensus on … Rene Struik
- Re: [TLS] (offline note) Re: Confirming Consensus… Joseph Salowey (jsalowey)
- Re: [TLS] Confirming Consensus on supporting only… Michael StJohns
- Re: [TLS] (offline note) Re: Confirming Consensus… Martin Rex
- Re: [TLS] (offline note) Re: Confirming Consensus… Michael StJohns
- Re: [TLS] (offline note) Re: Confirming Consensus… Michael StJohns
- Re: [TLS] (offline note) Re: Confirming Consensus… Manuel Pégourié-Gonnard
- Re: [TLS] (offline note) Re: Confirming Consensus… Michael StJohns
- Re: [TLS] Confirming Consensus on supporting only… Manuel Pégourié-Gonnard
- Re: [TLS] Confirming Consensus on supporting only… Eric Rescorla
- Re: [TLS] [PATCH] Clean up removal of all non-AEA… Martin Thomson
- [TLS] [PATCH] Clean up removal of all non-AEAD mo… Daniel Kahn Gillmor
- Re: [TLS] [PATCH] Clean up removal of all non-AEA… Eric Rescorla
- Re: [TLS] [PATCH] Clean up removal of all non-AEA… Daniel Kahn Gillmor
- Re: [TLS] [PATCH] Clean up removal of all non-AEA… Eric Rescorla