IETF Logo Mail Archive

Re: [TLS] Last Call: draft-ietf-tls-extractor (Keying Material

Martin Rex <Martin.Rex@sap.com> Tue, 21 July 2009 15:33 UTC

Return-Path: <Martin.Rex@sap.com>
X-Original-To: tls@core3.amsl.com
Delivered-To: tls@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 349DF28C2F8; Tue, 21 Jul 2009 08:33:18 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.933
X-Spam-Level:
X-Spam-Status: No, score=-3.933 tagged_above=-999 required=5 tests=[AWL=2.316, BAYES_00=-2.599, HELO_EQ_DE=0.35, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hnxv-bO7Wxe2; Tue, 21 Jul 2009 08:33:17 -0700 (PDT)
Received: from smtpde01.sap-ag.de (smtpde01.sap-ag.de [155.56.68.171]) by core3.amsl.com (Postfix) with ESMTP id 3378028C2EF; Tue, 21 Jul 2009 08:33:17 -0700 (PDT)
Received: from mail.sap.corp by smtpde01.sap-ag.de (26) with ESMTP id n6LFWVZK023590 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Tue, 21 Jul 2009 17:32:31 +0200 (MEST)
From: Martin Rex <Martin.Rex@sap.com>
Message-Id: <200907211532.n6LFWUxp015495@fs4113.wdf.sap.corp>
To: nmav@gnutls.org
Date: Tue, 21 Jul 2009 17:32:30 +0200
In-Reply-To: <c331d99a0907210748o1c342a7at1cbd34b587da304c@mail.gmail.com> from "Nikos Mavrogiannopoulos" at Jul 21, 9 05:48:53 pm
MIME-Version: 1.0
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 8bit
X-Scanner: Virus Scanner virwal08
X-SAP: out
Cc: ietf@ietf.org, rms@gnu.org, tls@ietf.org
Subject: Re: [TLS] Last Call: draft-ietf-tls-extractor (Keying Material
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
Reply-To: martin.rex@sap.com
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 21 Jul 2009 15:33:18 -0000

Nikos Mavrogiannopoulos wrote:
> 
> I'd propose to add this text to the standard:
> This protocol MUST NOT be used with RFC4492, RFC5289 and
> draft-rescorla-tls-suiteb.

How much longer are we going to beat that dead horse?

I'm not aware of information that the Certicom patents apply to
TLS extractors.

I'm not even aware of information that Certicom claims that the
patent applies to TLS extractors when ECC crypto is used.

The information that I've seen is that the Certicom patent claim
"covers" TLS extractors when TLS is used with ECC crypto, and
they acutally imply that their patents claims "cover" pretty much all
standards around TLS when TLS is used with ECC crypto.

TLS extractors is essentially the TLS PRF exposed with an API,
so really, for IP lawyers, TLS with extractors has the exact same
attack surface as TLS without TLS extractors.


-Martin

v2.23.0 | Report a Bug | By Email