[TLS] Proposed AUTH48 change to draft-ietf-tls-rfc4492bis

Sean Turner <sean@sn3rd.com> Sun, 10 December 2017 18:18 UTC

Return-Path: <sean@sn3rd.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E5F69128B93 for <tls@ietfa.amsl.com>; Sun, 10 Dec 2017 10:18:59 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.001
X-Spam-Level:
X-Spam-Status: No, score=-2.001 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=sn3rd.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id h2QDDkfZzwEm for <tls@ietfa.amsl.com>; Sun, 10 Dec 2017 10:18:58 -0800 (PST)
Received: from mail-qt0-x22b.google.com (mail-qt0-x22b.google.com [IPv6:2607:f8b0:400d:c0d::22b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 46E0A124D68 for <tls@ietf.org>; Sun, 10 Dec 2017 10:18:58 -0800 (PST)
Received: by mail-qt0-x22b.google.com with SMTP id r39so32782382qtr.13 for <tls@ietf.org>; Sun, 10 Dec 2017 10:18:58 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sn3rd.com; s=google; h=from:content-transfer-encoding:mime-version:subject:message-id:date :to; bh=JgW/609uy92CHQ1HOM7Zbnm1eILHgO2mdpBXmboypMs=; b=aPyrq5Ih73XSEhXeWHKValz/5HlxyVd2Re2irCqrlXN5jzeuCSYywf15Jb/2GHoufm dK31NAnX837g1Xzt4kA8MVbq82lmSYhVBYiUFwSiTzdAseRx/upNmZFK4StsyZR0T7fT BIw3lzMucbBy5C7afGRqlylIeUInju0xYQTi4=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:content-transfer-encoding:mime-version :subject:message-id:date:to; bh=JgW/609uy92CHQ1HOM7Zbnm1eILHgO2mdpBXmboypMs=; b=qM8pvZQnV/CsJIO2BtmqrvbdGpnT7iN5NMj8XSSYIx/IRgHBbPBb01oE7UXKfdmO7Y uRJgKiWJY6Ke05jAhVpFDP3ATC713gax5csH0DpJEREXb8JVDhTka048EahrmaAslsR9 sPIl1AwM/GPJ7ZqDMkzXEp93KpA+idP9lG4fe5AYZoIx7o5+I+BcAEWHE0MffSdFHqbk v3pMNhjqRfHiBNQH0XoN0c1jufwUNl4NFNBxUYEQJZHCd4/98SjTFhKQNjnqZhQoVXTv 6ZZ5QgQcDRp44a3iq8bjkm4VFXh62CIgViP8q4UBOc11+A5yj3uHaae9M3/cL9acT4gt ebCg==
X-Gm-Message-State: AKGB3mL0f+Idzb7ZXnosC0mBdVtIqRqx+8vqu8noDS3A7e1cMYpFzB7k pXaFpw+ae/GZw1CzVij9mJztWqw94LI=
X-Google-Smtp-Source: AGs4zMY+RcEt/E0nwb5tmm114tJwLD+UYL+F/7i25FBRODiikaX4Q6LC9Eq/XuU/Bu9RcGOflFW3zw==
X-Received: by 10.200.54.93 with SMTP id n29mr25217932qtb.179.1512929937283; Sun, 10 Dec 2017 10:18:57 -0800 (PST)
Received: from [172.16.0.18] ([96.231.220.27]) by smtp.gmail.com with ESMTPSA id r55sm3302445qta.57.2017.12.10.10.18.56 for <tls@ietf.org> (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Sun, 10 Dec 2017 10:18:56 -0800 (PST)
From: Sean Turner <sean@sn3rd.com>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Mime-Version: 1.0 (Mac OS X Mail 11.2 \(3445.5.20\))
Message-Id: <34DE1644-4197-4171-A12E-44260BBEAF74@sn3rd.com>
Date: Sun, 10 Dec 2017 13:18:55 -0500
To: "<tls@ietf.org>" <tls@ietf.org>
X-Mailer: Apple Mail (2.3445.5.20)
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/CjeV2iAXEBplZakrf8KSNV5K0_A>
Subject: [TLS] Proposed AUTH48 change to draft-ietf-tls-rfc4492bis
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 10 Dec 2017 18:19:00 -0000

A while back Martin Rex noted an editorial error in draft-ietf-tls-rfc4492bis, which is patiently waiting in the RFC editor’s queue.  He noted:

   The last of the "must implement 1 of these 4" list of cipher suites at
   the end of section 6 is not contained in the table at the beginning of
   section 6 above it (instead, it appears in rfc5289 only).

To address this error it has been proposed that the following change be made to the list at the end of s6:

-  o  TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
+  o  TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA

Please let us know by December 18th whether you object to this change (and why).

Cheers,

spt