Re: [TLS] Issue 15: Mandate protection against CBC mode timing attack
"Ben Laurie" <benl@google.com> Sun, 03 June 2007 17:23 UTC
Return-path: <tls-bounces@lists.ietf.org>
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1HutnW-0003Vg-Dm; Sun, 03 Jun 2007 13:23:22 -0400
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1HutnU-0003VY-Hf for tls@ietf.org; Sun, 03 Jun 2007 13:23:20 -0400
Received: from smtp-out.google.com ([216.239.33.17]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1HutnT-0004E7-1W for tls@ietf.org; Sun, 03 Jun 2007 13:23:20 -0400
Received: from spaceape13.eur.corp.google.com (spaceape13.eur.corp.google.com [172.28.16.147]) by smtp-out.google.com with ESMTP id l53HNDfW032727 for <tls@ietf.org>; Sun, 3 Jun 2007 18:23:13 +0100
DomainKey-Signature: a=rsa-sha1; s=beta; d=google.com; c=nofws; q=dns; h=received:message-id:date:from:to:subject:cc:in-reply-to: mime-version:content-type:content-transfer-encoding: content-disposition:references; b=vPpBpJ3guyUP5dkCuafrrkBSuFh+vJaWrNN213gWzXkU2xms65iT3+PUtlK9HACmT bWP0Ed/UEqcJwqktKMQWA==
Received: from wa-out-1112.google.com (wahv33.prod.google.com [10.114.248.33]) by spaceape13.eur.corp.google.com with ESMTP id l53HMo5E031560 for <tls@ietf.org>; Sun, 3 Jun 2007 18:23:10 +0100
Received: by wa-out-1112.google.com with SMTP id v33so2870999wah for <tls@ietf.org>; Sun, 03 Jun 2007 10:23:10 -0700 (PDT)
Received: by 10.114.254.1 with SMTP id b1mr4010845wai.1180891389706; Sun, 03 Jun 2007 10:23:09 -0700 (PDT)
Received: by 10.114.254.10 with HTTP; Sun, 3 Jun 2007 10:23:09 -0700 (PDT)
Message-ID: <1b587cab0706031023n2085a090sa005aad0353515c4@mail.gmail.com>
Date: Sun, 03 Jun 2007 10:23:09 -0700
From: Ben Laurie <benl@google.com>
To: Eric Rescorla <ekr@networkresonance.com>
Subject: Re: [TLS] Issue 15: Mandate protection against CBC mode timing attack
In-Reply-To: <20070603145222.40A7833C4B@delta.rtfm.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
References: <20070603145222.40A7833C4B@delta.rtfm.com>
X-Spam-Score: 0.0 (/)
X-Scan-Signature: d6b246023072368de71562c0ab503126
Cc: tls@ietf.org
X-BeenThere: tls@lists.ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.lists.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/tls>
List-Post: <mailto:tls@lists.ietf.org>
List-Help: <mailto:tls-request@lists.ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=subscribe>
Errors-To: tls-bounces@lists.ietf.org
On 6/3/07, Eric Rescorla <ekr@networkresonance.com> wrote: > http://www3.tools.ietf.org/wg/tls/trac/ticket/15 > > NIST's comments suggest that the defense suggested in 6.2.3.2 > should be mandatory. My argument is that hardware systems may > operate in fixed time or otherwise be safe and so we shouldn't > mandate any particular defense. Perhaps we should mandate it for implementations that are vulnerable? > > Proposed resolution: leave as-is. > > > _______________________________________________ > TLS mailing list > TLS@lists.ietf.org > https://www1.ietf.org/mailman/listinfo/tls > _______________________________________________ TLS mailing list TLS@lists.ietf.org https://www1.ietf.org/mailman/listinfo/tls
- [TLS] Issue 15: Mandate protection against CBC mo… Eric Rescorla
- Re: [TLS] Issue 15: Mandate protection against CB… Ben Laurie
- Re: [TLS] Issue 15: Mandate protection against CB… Bodo Moeller