Re: [TLS] Confirming Consensus on supporting only AEAD ciphers

Fedor Brunner <fedor.brunner@azet.sk> Tue, 29 April 2014 08:45 UTC

Archived-At: http://mailarchive.ietf.org/arch/msg/tls/GpNVbugO-ZAI0MS_RcP36Lvcqow

The Mandatory Cipher Suite for TLS 1.2 was TLS_RSA_WITH_AES_128_CBC_SHA.
What is the mandatory cipher in TLS 1.3?

Maybe TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 using Curve25519 for
ECDHE?

Fedor

On 26.04.2014 17:24, Joseph Salowey (jsalowey) wrote:
> The consensus from the IETF-89 meeting holds, TLS 1.3 will only use
> record layer protection of type AEAD. The Editor is requested to make
> the appropriate changes to the draft on github.
>
> Joe
> [For the chairs]
> On Mar 26, 2014, at 11:43 AM, Joseph Salowey (jsalowey) <jsalowey@cisco.com> wrote:
>
>> TLS has supported a number of different cipher types for protecting
>> the record layer. In TLS 1.3 these include Stream Cipher, CBC Block
>> Cipher and AEAD Cipher. The construction of the CBC mode within TLS has
>> been shown to be flawed and stream ciphers are not generally applicable
>> to DTLS. Using a single mechanism for cryptographic transforms would
>> make security analysis easier. AEAD ciphers can be constructed from
>> stream ciphers and block ciphers and are defined as protocol independent
>> transforms. The consensus in the room at IETF-89 was to only support
>> AEAD ciphers in TLS 1.3. If you have concerns about this decision please
>> respond on the TLS list by April 11, 2014.
>>
>> Thanks,
>>
>> Joe
>> [Speaking for the TLS chairs]
>> _______________________________________________
>> TLS mailing list
>> TLS@ietf.org
>> https://www.ietf.org/mailman/listinfo/tls
