IETF Logo Mail Archive

Re: [TLS] Consensus call for keys used in handshake and data messages

Björn Tackmann <btackmann@eng.ucsd.edu> Tue, 14 June 2016 20:45 UTC

Return-Path: <btackmann@eng.ucsd.edu>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5FAD212D9A8 for <tls@ietfa.amsl.com>; Tue, 14 Jun 2016 13:45:23 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.7
X-Spam-Level:
X-Spam-Status: No, score=-2.7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_LOW=-0.7] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=eng.ucsd.edu
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4GYD3I7vXMYk for <tls@ietfa.amsl.com>; Tue, 14 Jun 2016 13:45:21 -0700 (PDT)
Received: from mail-wm0-x22e.google.com (mail-wm0-x22e.google.com [IPv6:2a00:1450:400c:c09::22e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4002C12D8D0 for <tls@ietf.org>; Tue, 14 Jun 2016 13:45:21 -0700 (PDT)
Received: by mail-wm0-x22e.google.com with SMTP id n184so137828951wmn.1 for <tls@ietf.org>; Tue, 14 Jun 2016 13:45:21 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=eng.ucsd.edu; s=google; h=from:content-transfer-encoding:mime-version:subject:message-id:date :references:in-reply-to:to; bh=G2qRiLGht/KeyE/BJBM60VPFi3fQY3WMfmOacmWQ9MA=; b=aU98wsE8dqF+L4440+4tdtisf4GA44oP7GqfcZxbGy64lJBQVpekIU0KxlnVAY4lcQ 7gZayMd2IMuVLTA0XBcPAK7i+ibku8Bia0nKufeNPky7Ek0R+iSNK/0lJP8/6HKdssle O0K7fYisCdL9cpWIrxlUODnNrE8uJ5IUyfwsQ=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:from:content-transfer-encoding:mime-version :subject:message-id:date:references:in-reply-to:to; bh=G2qRiLGht/KeyE/BJBM60VPFi3fQY3WMfmOacmWQ9MA=; b=TOAKAGdGiZ87GdvML8ztLfnZ7I11/K+sU32krGrEtZGXBo71z6mCuXpAr4pyOUr8O0 H3aBM1yBn+qLAtFS3JLGDcIvQFanfWhZY2Fcw2Ds6D2XMH3/B3CGhcwmm0EOAvDYRE6z 0+8u2/S614xa/azarFwDa5S+04YFrTUso+sLEyGT445c5CZnAAKK6piLP/e1zY937vSE AmefFiqVzm4hfQgHKDlxDEjLTFkkmUSFjnEULT2y0npcS8D6A3oBKMnE31M1csZrwHcL GgPEdIhOU7Ar4aTyQ/tgE/zu9H3IfwKBS5VsFnsZ8gC+OGQrjJNu9TwRtQzD9vA54LT8 j2LA==
X-Gm-Message-State: ALyK8tJ4Nyem2+ynAybujmexOL/GJTvbqa0+KQfcV2ICgsbO9b7935gukrnRXfdN6nfJpucB
X-Received: by 10.194.75.196 with SMTP id e4mr7717284wjw.44.1465937119695; Tue, 14 Jun 2016 13:45:19 -0700 (PDT)
Received: from [192.168.0.14] ([31.10.154.188]) by smtp.gmail.com with ESMTPSA id s10sm34820406wjt.29.2016.06.14.13.45.18 for <tls@ietf.org> (version=TLS1 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Tue, 14 Jun 2016 13:45:19 -0700 (PDT)
From: Björn Tackmann <btackmann@eng.ucsd.edu>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Mime-Version: 1.0 (1.0)
Message-Id: <F9768F5A-F286-478C-A430-B56E9748A848@eng.ucsd.edu>
Date: Tue, 14 Jun 2016 22:45:17 +0200
References: <20160614111828.18296913.41202.73993@ll.mit.edu>
In-Reply-To: <20160614111828.18296913.41202.73993@ll.mit.edu>
To: tls@ietf.org
X-Mailer: iPhone Mail (13F69)
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/ChGs3O926mhlN9epMI3H9V7VcqY>
Subject: Re: [TLS] Consensus call for keys used in handshake and data messages
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 14 Jun 2016 20:45:24 -0000

Just to be clear: the "+1" I sent earlier meant "I agree with Karthik" -- so it means solution (2).

> On Jun 14, 2016, at 1:18 PM, Blumenthal, Uri - 0553 - MITLL <uri@ll.mit.edu> wrote:
> 
> Key reuse often ends up causing problems. IMHO a more sound approach is (2). IMHO it isn't prohibitively expensive either.
> 
> Sent from my BlackBerry 10 smartphone on the Verizon Wireless 4G LTE network.
>   Original Message  
> From: Björn Tackmann
> Sent: Tuesday, June 14, 2016 05:23
> To: tls@ietf.org
> Subject: Re: [TLS] Consensus call for keys used in handshake and data    messages
> 
> +1
> 
> 
>> On Jun 14, 2016, at 7:08 AM, Karthikeyan Bhargavan <karthik.bhargavan@gmail.com> wrote:
>> 
>> I prefer (2)
>> 
>>> On 13 Jun 2016, at 22:27, Daniel Kahn Gillmor <dkg@fifthhorseman.net> wrote:
>>> 
>>> On Mon 2016-06-13 15:00:03 -0400, Joseph Salowey wrote:
>>>> 1. Use the same key for handshake and application traffic (as in the
>>>> current draft-13)
>>>> 
>>>> or
>>>> 
>>>> 2. Restore a public content type and different keys
>>> 
>>> Given this choice, i prefer (1).
>>> 
>>> --dkg
>>> 
>>> _______________________________________________
>>> TLS mailing list
>>> TLS@ietf.org
>>> https://www.ietf.org/mailman/listinfo/tls
>> 
>> _______________________________________________
>> TLS mailing list
>> TLS@ietf.org
>> https://www.ietf.org/mailman/listinfo/tls
> 
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls
> 
> 
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls

v2.23.0 | Report a Bug | By Email