Re: [TLS] Consensus Call for acceptance of draft-gillmor-tls-negotiated-dl-dhe-02

Alfredo Pironti <alfredo@pironti.eu> Mon, 23 June 2014 08:31 UTC

In-Reply-To: <C5353235-60DA-4193-BEE5-38FBD0D531AE@cisco.com>
References: <C5353235-60DA-4193-BEE5-38FBD0D531AE@cisco.com>
Date: Mon, 23 Jun 2014 10:31:23 +0200
Message-ID: <CALR0ui+iANHjWL-TodQ7zeugKBLbQfCLXWy2mgZUAbMd7HEXeA@mail.gmail.com>
From: Alfredo Pironti <alfredo@pironti.eu>
To: "Joseph Salowey (jsalowey)" <jsalowey@cisco.com>
Archived-At: http://mailarchive.ietf.org/arch/msg/tls/L-qpeSWwtHxbtYiAd2PrMzjLiJ8
Cc: "<tls@ietf.org>" <tls@ietf.org>
Subject: Re: [TLS] Consensus Call for acceptance of draft-gillmor-tls-negotiated-dl-dhe-02

I favor the draft.

In sec. 3.1 however, I would rather define a new Server Key Exchange
message type, where only dh_Ys is sent (and signed). For complying
implementations, this should be a small change to implement, but it
completely eliminates ambiguous messages and signatures thereof.

We could push even further, and force the server to use the same messages
as the client: Key Exchange + Certificate Verify (to defeat cross-protocol
attacks); but I understand this is a long shot for a draft which is meant
to be minimal and quick to implement.

Best,
Alfredo


On Mon, Jun 23, 2014 at 7:27 AM, Joseph Salowey (jsalowey) <
jsalowey@cisco.com> wrote:

> WG Members,
>
> The chairs would like to get the sense of the WG on adopting
> as a WG document:
>
> http://tools.ietf.org/html/draft-gillmor-tls-negotiated-dl-dhe-02
>
> Please make any comments in favor of or against adoption by
> Friday July 4. Note: the chairs are aware that there has been
> some discussion of the specific groups in this document.
> Adopting this document does not commit the WG to these
> groups as some or all of these groups may be changed prior
> to publication.
>
> Thanks
>
> Joe
> (for the chairs)
>
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls
>
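To make the two signed layouts under discussion concrete, here is an added illustration that is not code from the thread, the draft, or any TLS implementation: it encodes the RFC 5246 DHE ServerKeyExchange signed data (randoms followed by explicit dh_p, dh_g, dh_Ys) next to a hypothetical message of the kind the reply suggests, where only dh_Ys is carried and signed and the group is implied by negotiation, with a strict parser that accepts only the latter shape. The sample group values are constructed and deliberately tiny.

```python
import struct

# Constructed sample values for illustration only; not real TLS group parameters or randoms.
CLIENT_RANDOM = bytes(range(32))
SERVER_RANDOM = bytes(range(32, 64))


def _opaque16(b: bytes) -> bytes:
    """TLS opaque<1..2^16-1> vector: 2-byte big-endian length prefix, then the bytes."""
    if not 1 <= len(b) <= 0xFFFF:
        raise ValueError("vector length out of range")
    return struct.pack("!H", len(b)) + b


def rfc5246_dhe_signed_data(p: bytes, g: bytes, ys: bytes) -> bytes:
    """RFC 5246 section 7.4.3: the DHE ServerKeyExchange signature covers
    client_random || server_random || ServerDHParams{dh_p, dh_g, dh_Ys}."""
    params = _opaque16(p) + _opaque16(g) + _opaque16(ys)
    return CLIENT_RANDOM + SERVER_RANDOM + params


def negotiated_group_signed_data(ys: bytes) -> bytes:
    """Hypothetical layout (an assumption, not the draft's wire format) for the
    new message type proposed in the reply: only dh_Ys is carried and signed;
    dh_p and dh_g are fixed by the negotiated named group instead."""
    return CLIENT_RANDOM + SERVER_RANDOM + _opaque16(ys)


def parse_negotiated_group_signed_data(data: bytes) -> bytes:
    """Strict parser for the hypothetical layout: after the two randoms there
    must be exactly one non-empty opaque vector and nothing else. Input shaped
    like the RFC 5246 three-vector layout is rejected rather than reinterpreted."""
    if len(data) < 64 + 2:
        raise ValueError("too short for randoms plus a dh_Ys vector")
    body = data[64:]
    (n,) = struct.unpack("!H", body[:2])
    if n == 0 or len(body) != 2 + n:
        raise ValueError("body is not exactly one dh_Ys vector")
    return body[2:]


if __name__ == "__main__":
    legacy = rfc5246_dhe_signed_data(b"\x17", b"\x05", b"\x08")
    proposed = negotiated_group_signed_data(b"\x08")
    print(len(legacy), len(proposed), parse_negotiated_group_signed_data(proposed).hex())
```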