Re: [TLS] Comments/Questions on draft-gutmann-tls-encrypt-then-mac-00.txt
Dr Stephen Henson <lists@drh-consultancy.co.uk> Sun, 22 September 2013 18:34 UTC
Return-Path: <lists@drh-consultancy.co.uk>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5A19621F9C8E for <tls@ietfa.amsl.com>; Sun, 22 Sep 2013 11:34:51 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.001
X-Spam-Level:
X-Spam-Status: No, score=0.001 tagged_above=-999 required=5 tests=[BAYES_50=0.001]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2BCgajLqOFh0 for <tls@ietfa.amsl.com>; Sun, 22 Sep 2013 11:34:46 -0700 (PDT)
Received: from claranet-outbound-smtp01.uk.clara.net (claranet-outbound-smtp01.uk.clara.net [195.8.89.34]) by ietfa.amsl.com (Postfix) with ESMTP id C215821F9C55 for <tls@ietf.org>; Sun, 22 Sep 2013 11:34:46 -0700 (PDT)
Received: from dab-bas1-h-18-10.dab.02.net ([82.132.215.183]:29915 helo=[10.133.31.245]) by relay01.mail.eu.clara.net (relay.clara.net [213.253.3.41]:10465) with esmtpa (authdaemon_plain:drh) id 1VNoUQ-0004s0-4d for tls@ietf.org (return-path <lists@drh-consultancy.co.uk>); Sun, 22 Sep 2013 18:34:38 +0000
Message-ID: <523F383A.20803@drh-consultancy.co.uk>
Date: Sun, 22 Sep 2013 19:34:34 +0100
From: Dr Stephen Henson <lists@drh-consultancy.co.uk>
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:17.0) Gecko/20130801 Thunderbird/17.0.8
MIME-Version: 1.0
To: tls@ietf.org
References: <CABcZeBN+0hX1-cb0V4AyaO3FrwaGrtjbRO3BGOV0KBSjRkNwkw@mail.gmail.com> <523c738f.0733cc0a.41a0.3096@mx.google.com>
In-Reply-To: <523c738f.0733cc0a.41a0.3096@mx.google.com>
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
Subject: Re: [TLS] Comments/Questions on draft-gutmann-tls-encrypt-then-mac-00.txt
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 22 Sep 2013 18:34:51 -0000
On 20/09/2013 17:10, Christian Kahlo wrote: > > Even some other standards bodies like ISO, CEN, BSI, etc. agreed on CBC-modes > > (with or without EtM) as a lowest common factor with TLS. > > So CBC WILL(!) exist regardless what you're specifying here. ;-) > > There also at least implementations in our Federal project, OpenSSL, Bouncy > > Castle and as I heard CyaSSL, too. > This has some interesting parallels with FIPS 140-2. Currently the only approved symmetric algorithms for FIPS 140-2 and TLS are AES-GCM, AES-CBC and DES3-CBC. If you can't deploy TLS 1.2 you're then stuck with CBC. Getting new algorithms approved by a standards body wont happen overnight and might not happen at all. Algorithms tests and implementation guidance, discussion periods etc will be needed all of which takes time. On top of that adding new algorithms to an existing module requires retesting, typically on every platform affected. That is expensive and laborious but wont dent larger corporations budgets much. What will hurt more is that getting a new validation done might take 9 months to a year after submission (more in some cases) to get final approval. What that means in practice is that when ciphersuites using new algorithms are approved for TLS expect a delay of 1-2 years before they can be deployed with FIPS 140-2 and they may not even get approved at all. By contrast Peter's ETM spec, as it doesn't need any new algorithms, could be deployed as soon as it is approved. I'm not saying that we don't approve new algorithms and ciphers suites. I'm saying we need ETM as well. Steve. -- Dr Stephen N. Henson. Core developer of the OpenSSL project: http://www.openssl.org/ Freelance consultant see: http://www.drh-consultancy.co.uk/ Email: shenson@drh-consultancy.co.uk, PGP key: via homepage.
- Re: [TLS] Comments/Questions on draft-gutmann-tls… Peter Gutmann
- [TLS] Comments/Questions on draft-gutmann-tls-enc… Eric Rescorla
- Re: [TLS] Comments/Questions on draft-gutmann-tls… Christian Kahlo
- Re: [TLS] Comments/Questions on draft-gutmann-tls… Dr Stephen Henson
- Re: [TLS] Comments/Questions on draft-gutmann-tls… Bill Frantz
- Re: [TLS] Comments/Questions on draft-gutmann-tls… Nikos Mavrogiannopoulos
- Re: [TLS] Comments/Questions on draft-gutmann-tls… Nikos Mavrogiannopoulos
- Re: [TLS] Comments/Questions on draft-gutmann-tls… Christian Kahlo
- Re: [TLS] Comments/Questions on draft-gutmann-tls… Peter Gutmann
- Re: [TLS] Comments/Questions on draft-gutmann-tls… Nikos Mavrogiannopoulos
- Re: [TLS] Comments/Questions on draft-gutmann-tls… Peter Gutmann
- Re: [TLS] Comments/Questions on draft-gutmann-tls… Christian Kahlo
- Re: [TLS] Comments/Questions on draft-gutmann-tls… Blumenthal, Uri - 0558 - MITLL
- Re: [TLS] Comments/Questions on draft-gutmann-tls… Eric Rescorla
- Re: [TLS] Comments/Questions on draft-gutmann-tls… Peter Gutmann
- Re: [TLS] Comments/Questions on draft-gutmann-tls… Alfredo Pironti
- Re: [TLS] Comments/Questions on draft-gutmann-tls… Bodo Moeller
- Re: [TLS] Comments/Questions on draft-gutmann-tls… Ralph Holz
- Re: [TLS] Comments/Questions on draft-gutmann-tls… Peter Gutmann
- Re: [TLS] Comments/Questions on draft-gutmann-tls… Adam Langley
- Re: [TLS] Comments/Questions on draft-gutmann-tls… Bodo Moeller
- Re: [TLS] Comments/Questions on draft-gutmann-tls… Michael D'Errico
- Re: [TLS] Comments/Questions on draft-gutmann-tls… Yaron Sheffer
- Re: [TLS] Comments/Questions on draft-gutmann-tls… Michael D'Errico
- Re: [TLS] Comments/Questions on draft-gutmann-tls… Bodo Moeller
- Re: [TLS] Comments/Questions on draft-gutmann-tls… Bodo Moeller
- Re: [TLS] Comments/Questions on draft-gutmann-tls… Yaron Sheffer
- Re: [TLS] Comments/Questions on draft-gutmann-tls… Bodo Moeller
- Re: [TLS] Comments/Questions on draft-gutmann-tls… Martin Rex
- Re: [TLS] Comments/Questions on draft-gutmann-tls… Mohamad Badra
- Re: [TLS] Comments/Questions on draft-gutmann-tls… Martin Rex
- Re: [TLS] Comments/Questions on draft-gutmann-tls… Michael D'Errico
- Re: [TLS] Comments/Questions on draft-gutmann-tls… Martin Rex
- Re: [TLS] Comments/Questions on draft-gutmann-tls… Martin Rex
- Re: [TLS] Comments/Questions on draft-gutmann-tls… Peter Gutmann
- Re: [TLS] Comments/Questions on draft-gutmann-tls… Paul Bakker
- Re: [TLS] Comments/Questions on draft-gutmann-tls… Paul Bakker
- Re: [TLS] Comments/Questions on draft-gutmann-tls… Alfredo Pironti
- Re: [TLS] Comments/Questions on draft-gutmann-tls… Paul Bakker
- Re: [TLS] Comments/Questions on draft-gutmann-tls… Bodo Moeller
- Re: [TLS] Comments/Questions on draft-gutmann-tls… Bodo Moeller
- Re: [TLS] Comments/Questions on draft-gutmann-tls… Yoav Nir