Re: [TLS] Re-use and export of DH shares

Yoav Nir <ynir.ietf@gmail.com> Wed, 23 November 2016 08:53 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/HgWDWoRqWPSgMHwfF3kMOMqisic>

And if it wasn’t clear, this *is* a WGLC comment on the TLS 1.3 draft based on discussion in Tuesday’s session in Seoul.

Yoav

> On 20 Nov 2016, at 12:21, Yoav Nir <ynir.ietf@gmail.com> wrote:
> 
> Hi.
> 
> I’ve created a PR for TLS 1.3
> https://github.com/tlswg/tls13-spec/pull/768
> 
> It adds a subsection to the Security Considerations section. It discusses key reuse (do it carefully or do it not).
> It has the "don't do this or this grape juice might ferment" weasel words suggested by someone at the meeting.
> 
> Yoav
>