Re: [TLS] Confirming Consensus on supporting only AEAD ciphers
Fedor Brunner <fedor.brunner@azet.sk> Tue, 29 April 2014 08:45 UTC
Message-ID: <535F6684.1040701@azet.sk>
Date: Tue, 29 Apr 2014 10:44:52 +0200
From: Fedor Brunner <fedor.brunner@azet.sk>
MIME-Version: 1.0
To: tls@ietf.org
References: <86E69268-DC0A-43E7-8CF5-0DAE39FD4FD5@cisco.com> <84C4848E-7843-4372-93AA-C1F017C3E088@cisco.com>
In-Reply-To: <84C4848E-7843-4372-93AA-C1F017C3E088@cisco.com>
Archived-At: http://mailarchive.ietf.org/arch/msg/tls/GpNVbugO-ZAI0MS_RcP36Lvcqow
The Mandatory Cipher Suite for TLS 1.2 was TLS_RSA_WITH_AES_128_CBC_SHA.

What is the mandatory cipher in TLS 1.3?

Maybe TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 using Curve25519 for ECDHE?

Fedor

On 26.04.2014 17:24, Joseph Salowey (jsalowey) wrote:
> The consensus from the IETF-89 meeting holds, TLS 1.3 will only use record layer protection of type AEAD. The Editor is requested to make the appropriate changes to the draft on github.
>
> Joe
> [For the chairs]
> On Mar 26, 2014, at 11:43 AM, Joseph Salowey (jsalowey) <jsalowey@cisco.com> wrote:
>
>> TLS has supported a number of different cipher types for protecting the record layer. In TLS 1.3 these include Stream Cipher, CBC Block Cipher and AEAD Cipher. The construction of the CBC mode within TLS has been shown to be flawed and stream ciphers are not generally applicable to DTLS. Using a single mechanism for cryptographic transforms would make security analysis easier. AEAD ciphers can be constructed from stream ciphers and block ciphers and are defined as protocol independent transforms. The consensus in the room at IETF-89 was to only support AEAD ciphers in TLS 1.3. If you have concerns about this decision please respond on the TLS list by April 11, 2014.
>>
>> Thanks,
>>
>> Joe
>> [Speaking for the TLS chairs]
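
An added example, not part of the original message or of any TLS implementation: a small audit helper that sorts TLS_*_WITH_* cipher suite names into the three record-layer cipher types named in the quoted consensus call (stream, CBC block, AEAD) and reports which configured suites an AEAD-only rule would exclude. The function names and the sample list are constructed for illustration; classification relies only on the suite naming convention.

```python
import re

# Record-layer cipher types named in the consensus call, plus NULL.
AEAD, CBC, STREAM, NULL = "aead", "cbc-block", "stream", "null"

# IANA-style TLS 1.2 names: TLS_<key exchange>_WITH_<cipher>[_<mac or prf hash>]
_SUITE = re.compile(r"^TLS_(?P<kx>.+?)_WITH_(?P<rest>.+)$")


def record_protection(suite: str) -> str:
    """Classify a TLS_*_WITH_* suite name by its record-layer cipher type."""
    m = _SUITE.match(suite)
    if not m:
        raise ValueError(f"not a TLS_*_WITH_* suite name: {suite!r}")
    rest = m.group("rest")
    if rest.startswith("NULL"):
        return NULL                      # integrity only, no encryption
    if "_GCM" in rest or "_CCM" in rest or "CHACHA20_POLY1305" in rest:
        return AEAD                      # combined encrypt-and-authenticate modes
    if "_CBC" in rest:
        return CBC                       # block cipher in CBC mode + HMAC
    if rest.startswith("RC4"):
        return STREAM                    # stream cipher + HMAC
    raise ValueError(f"unrecognised cipher in suite name: {suite!r}")


def non_aead(suites):
    """Return {suite: type} for every suite an AEAD-only rule would exclude."""
    return {s: t for s in suites if (t := record_protection(s)) != AEAD}


# Constructed sample configuration; the first and last names appear in the
# message above, the others are added for coverage of each cipher type.
SAMPLE = [
    "TLS_RSA_WITH_AES_128_CBC_SHA",
    "TLS_RSA_WITH_RC4_128_SHA",
    "TLS_RSA_WITH_3DES_EDE_CBC_SHA",
    "TLS_RSA_WITH_AES_128_CCM",
    "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
    "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256",
]

if __name__ == "__main__":
    for name, kind in non_aead(SAMPLE).items():
        print(f"{kind:10} {name}")
```
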