Re: [TLS] early IANA code point assignment request for draft-ietf-tls-ecdhe-psk-aead

Daniel Migault <> Tue, 08 November 2016 03:16 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 10613129482 for <>; Mon, 7 Nov 2016 19:16:16 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.699
X-Spam-Status: No, score=-1.699 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FREEMAIL_FORGED_FROMDOMAIN=0.199, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=no autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id aZY5cp0B_N_V for <>; Mon, 7 Nov 2016 19:16:14 -0800 (PST)
Received: from ( [IPv6:2607:f8b0:4001:c0b::22a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 8857412948F for <>; Mon, 7 Nov 2016 19:16:14 -0800 (PST)
Received: by with SMTP id u205so176192080itc.0 for <>; Mon, 07 Nov 2016 19:16:14 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20120113; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc; bh=JbRUWzCy+k1/3RZKTHbd52gvaIRvt1Zo4ZjJw+1RRsE=; b=MEQ67R1XTS0LQmioI6/UfUsKBeLJTThYmahKF58SaDdcNrDb1Zpc9QX1ULd9vDeHcb irYuj9ZEuQd/qVBcTPwf6Bj+NrOBtDyp91Fg1KTTQhSzmF2tBAOa5xqxy5GfYJOm71NJ ZLkQrnNvSO6khMuPxGX4PcStkMj/kIoHBFxQSEj4Vp2XyHbDOSLhf/TjGQ7gGkn6BNSq wzdXZVYLsDvIsDhn2ksdYArgLMNnMioo2viIbJ7CWdKV7UX1m76EOkrc4zEw5BYv+74F YxX90KVGo/C8eVzaUWoAyFCAYcgaaPcjfpw19x6IEEYApFNVTfqmLsZngJzJsEm6RQ99 8xfQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20130820; h=x-gm-message-state:mime-version:sender:in-reply-to:references:from :date:message-id:subject:to:cc; bh=JbRUWzCy+k1/3RZKTHbd52gvaIRvt1Zo4ZjJw+1RRsE=; b=k1KIoJnhYCGP4gyEfPuTdRR1d60bfpdoH3kXppe/WQUE+qPy80DLlwJypaiug3L1Qo 0Mt7uYco5lu6kuUiClR3alf3Tu0WkZkm/EMHcaumlhQxu67owpyynwRt+JySBD8HDUDE U63shSwyYQQyrlZk02yJiFSQRccGagvlW1kLvQadkIIXdaCWi9N2aaZHo0gEOIiSqWLZ /UKKuFNUPdo6mZp301WWCU7DglSatSjfhNhKRBkP/p+Hd76Arp9FknQcZBsbLk/o+n7M hYzOy/+tGQDBxSkfV58Ml4jStcuUzevewZEpnMDMkchmLEOx6/iG+wrRIHADfMKlKi41 F2rA==
X-Gm-Message-State: ABUngvdtP/d8IlKGbXtdC0inkl0kHnlPXjuz+gjOdoeT/0qNiXF2Jiqxh9V6j58GDy5V1GBbhcqhukLkWnMlOA==
X-Received: by with SMTP id c186mr10504837iof.35.1478574973949; Mon, 07 Nov 2016 19:16:13 -0800 (PST)
MIME-Version: 1.0
Received: by with HTTP; Mon, 7 Nov 2016 19:16:13 -0800 (PST)
In-Reply-To: <>
References: <> <> <> <> <> <> <> <> <>
From: Daniel Migault <>
Date: Mon, 7 Nov 2016 22:16:13 -0500
X-Google-Sender-Auth: Glg5ZmPi1T7V8vf2ye7_qKPHB7Q
Message-ID: <>
To: Ilari Liusvaara <>
Content-Type: multipart/alternative; boundary=001a1148483018b4fe0540c190c2
Archived-At: <>
Cc: "" <>
Subject: Re: [TLS] early IANA code point assignment request for draft-ietf-tls-ecdhe-psk-aead
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Tue, 08 Nov 2016 03:16:16 -0000


The current draft is only considering TLS1.2. TLS1.3 is only mentioned for
advocating AEAD.

Do you think we should add text that details how to proceed with TLS1.3 ?
If so what do you think of the following text ?

Comments are welcome!


   The assigned code points are only expected to be used for TLS1.2.
   TLS1.3 does not follow the same name convention.  Instead TLS1.3
   cipher suites are designated according to the AEAD suite as well as
   the hash function used.  The current combination of AEAD algorithms
   and Hash fucntion are already defined in TLS.1.3 so there is no need
   to add additional cipher suites for TLS1.3.

   Instead, in order to used the following ECDHE_PSK authentication
   method.  TLS1.3 uses a combination of the "key_share" and
   "psk_key_exchange_modes" extentions. "psk_key_exchange_modes"
   extension sets its mode to psk_dhe_ke.  The "key_share" extention
   contains a KeyShareEntry structure that carries the ECDHE parameters.

On Tue, Oct 18, 2016 at 12:31 PM, Ilari Liusvaara <>

> On Tue, Oct 18, 2016 at 04:22:59PM +0000, Xiaoyin Liu wrote:
> > Why does this draft normatively depend on TLS 1.3, even if the
> > cipher suites defined in this draft use the old syntax, which
> > TLS 1.3 no longer uses?
> I don't see any reason why it would normatively depend.
> If it claims to be so, IMO that is a mistake and such reference should
> be dropped (TLS 1.3 won't be able to use these anyway), or made in-
> formative, in case the text wants to make a passing reference to TLS
> 1.3.
> -Ilari
> _______________________________________________
> TLS mailing list