Re: [TLS] AES-OCB in TLS [New Version Notification for draft-zauner-tls-aes-ocb-03.txt]
Russ Housley <housley@vigilsec.com> Mon, 01 June 2015 16:30 UTC
Return-Path: <housley@vigilsec.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8F1BA1B2CE3 for <tls@ietfa.amsl.com>; Mon, 1 Jun 2015 09:30:04 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -101.9
X-Spam-Level:
X-Spam-Status: No, score=-101.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, USER_IN_WHITELIST=-100] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Aw2udW0kvFfK for <tls@ietfa.amsl.com>; Mon, 1 Jun 2015 09:30:01 -0700 (PDT)
Received: from odin.smetech.net (x-bolt-wan.smeinc.net [209.135.219.146]) by ietfa.amsl.com (Postfix) with ESMTP id 69A521B2CE2 for <tls@ietf.org>; Mon, 1 Jun 2015 09:30:01 -0700 (PDT)
Received: from localhost (unknown [209.135.209.5]) by odin.smetech.net (Postfix) with ESMTP id C3AB59A404B; Mon, 1 Jun 2015 12:29:50 -0400 (EDT)
X-Virus-Scanned: amavisd-new at smetech.net
Received: from odin.smetech.net ([209.135.209.4]) by localhost (ronin.smeinc.net [209.135.209.5]) (amavisd-new, port 10024) with ESMTP id 9U8Qoe8UFaia; Mon, 1 Jun 2015 12:28:30 -0400 (EDT)
Received: from [192.168.2.100] (pool-108-51-128-219.washdc.fios.verizon.net [108.51.128.219]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) by odin.smetech.net (Postfix) with ESMTP id 26DA89A404C; Mon, 1 Jun 2015 12:29:30 -0400 (EDT)
Mime-Version: 1.0 (Apple Message framework v1085)
Content-Type: text/plain; charset="us-ascii"
From: Russ Housley <housley@vigilsec.com>
In-Reply-To: <20150601125302.GA19269@LK-Perkele-VII>
Date: Mon, 01 Jun 2015 12:29:19 -0400
Content-Transfer-Encoding: quoted-printable
Message-Id: <E0C6092D-EFC0-43F9-8807-5D8CE8FF00B8@vigilsec.com>
References: <556C4ACD.9040002@azet.org> <CABcZeBNsYmto4F-J0mFoxcq-qfL=NJrvDu67fyY9bpBmRp16mQ@mail.gmail.com> <556C51FC.807@azet.org> <20150601125302.GA19269@LK-Perkele-VII>
To: Ilari Liusvaara <ilari.liusvaara@elisanet.fi>
X-Mailer: Apple Mail (2.1085)
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/IeTC0rjypeZrMzPFJry1r1wMsrE>
Cc: TLS Mailing List <tls@ietf.org>
Subject: Re: [TLS] AES-OCB in TLS [New Version Notification for draft-zauner-tls-aes-ocb-03.txt]
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 01 Jun 2015 16:30:04 -0000
Ilari: > I think the current plan with EdDSA and related certficates are to reuse > ECDSA codepoints, relying on extension (defined by RFC5246) to negotiate. When we were doing to work for RSA PKCS #1 v1.5, OAEP, and PSS, it was unclear whether using the same key pair with all of these schemes would lead to trouble. For this reason, the certificate can allow the key pair to be used for just on or all of them. The same question needs to be asked here. I hope a more definitive answer becomes available this time. Russ
- [TLS] AES-OCB in TLS [New Version Notification fo… Aaron Zauner
- Re: [TLS] AES-OCB in TLS [New Version Notificatio… Eric Rescorla
- Re: [TLS] AES-OCB in TLS [New Version Notificatio… Aaron Zauner
- Re: [TLS] AES-OCB in TLS [New Version Notificatio… Eric Rescorla
- Re: [TLS] AES-OCB in TLS [New Version Notificatio… Ilari Liusvaara
- Re: [TLS] AES-OCB in TLS [New Version Notificatio… Hubert Kario
- Re: [TLS] AES-OCB in TLS [New Version Notificatio… Aaron Zauner
- Re: [TLS] AES-OCB in TLS [New Version Notificatio… Jeffrey Walton
- Re: [TLS] AES-OCB in TLS [New Version Notificatio… Aaron Zauner
- Re: [TLS] AES-OCB in TLS [New Version Notificatio… Peter Bowen
- Re: [TLS] AES-OCB in TLS [New Version Notificatio… Aaron Zauner
- Re: [TLS] AES-OCB in TLS [New Version Notificatio… Russ Housley
- Re: [TLS] AES-OCB in TLS [New Version Notificatio… Jeffrey Walton
- Re: [TLS] AES-OCB in TLS [New Version Notificatio… Yaron Sheffer
- Re: [TLS] AES-OCB in TLS [New Version Notificatio… Jeffrey Walton
- Re: [TLS] AES-OCB in TLS [New Version Notificatio… Daniel Kahn Gillmor
- [TLS] EDDSA/Curve25519 identifiers: Was Re: AES-O… Michael StJohns
- Re: [TLS] AES-OCB in TLS [New Version Notificatio… Michael Hamburg
- Re: [TLS] AES-OCB in TLS [New Version Notificatio… Daniel Kahn Gillmor
- Re: [TLS] AES-OCB in TLS [New Version Notificatio… Aaron Zauner
- Re: [TLS] AES-OCB in TLS [New Version Notificatio… Rob Stradling
- Re: [TLS] AES-OCB in TLS [New Version Notificatio… Michael Hamburg
- Re: [TLS] AES-OCB in TLS [New Version Notificatio… Gunnar Wolf
- Re: [TLS] AES-OCB in TLS [New Version Notificatio… Peter Gutmann
- Re: [TLS] AES-OCB in TLS [New Version Notificatio… Simon Josefsson
- Re: [TLS] EDDSA/Curve25519 identifiers: Was Re: A… Simon Josefsson
- Re: [TLS] EDDSA/Curve25519 identifiers: Was Re: A… Salz, Rich
- Re: [TLS] EDDSA/Curve25519 identifiers: Was Re: A… Peter Bowen
- Re: [TLS] EDDSA/Curve25519 identifiers: Was Re: A… Michael StJohns
- Re: [TLS] EDDSA/Curve25519 identifiers: Was Re: A… Nico Williams
- Re: [TLS] AES-OCB in TLS [New Version Notificatio… Aaron Zauner
- Re: [TLS] AES-OCB in TLS [New Version Notificatio… Blumenthal, Uri - 0553 - MITLL
- Re: [TLS] AES-OCB in TLS [New Version Notificatio… Aaron Zauner
- Re: [TLS] AES-OCB in TLS [New Version Notificatio… Aaron Zauner
- Re: [TLS] AES-OCB in TLS [New Version Notificatio… Matt Caswell