Re: [TLS] AES-CCM ECC Cipher Suites for TLS @ IETF 78
David McGrew <mcgrew@cisco.com> Wed, 21 July 2010 12:43 UTC
Return-Path: <mcgrew@cisco.com>
X-Original-To: tls@core3.amsl.com
Delivered-To: tls@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 85C3D3A6B54 for <tls@core3.amsl.com>; Wed, 21 Jul 2010 05:43:44 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.599
X-Spam-Level:
X-Spam-Status: No, score=-10.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id PtNs7-6eh-4q for <tls@core3.amsl.com>; Wed, 21 Jul 2010 05:43:42 -0700 (PDT)
Received: from sj-iport-1.cisco.com (sj-iport-1.cisco.com [171.71.176.70]) by core3.amsl.com (Postfix) with ESMTP id 86DC63A6B06 for <tls@ietf.org>; Wed, 21 Jul 2010 05:43:42 -0700 (PDT)
Authentication-Results: sj-iport-1.cisco.com; dkim=neutral (message not signed) header.i=none
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AvsEAG6IRkyrRN+K/2dsb2JhbACfb3GlG5sAhTIEhACEWQ
Received: from sj-core-4.cisco.com ([171.68.223.138]) by sj-iport-1.cisco.com with ESMTP; 21 Jul 2010 12:43:59 +0000
Received: from stealth-10-32-254-212.cisco.com (stealth-10-32-254-212.cisco.com [10.32.254.212]) by sj-core-4.cisco.com (8.13.8/8.14.3) with ESMTP id o6LChwlv025779; Wed, 21 Jul 2010 12:43:58 GMT
Message-Id: <25503E4F-8719-4BBD-946B-34A8B41C3546@cisco.com>
From: David McGrew <mcgrew@cisco.com>
To: Nikos Mavrogiannopoulos <nmav@gnutls.org>
In-Reply-To: <4C4611F8.9030400@gnutls.org>
Content-Type: text/plain; charset="US-ASCII"; format="flowed"; delsp="yes"
Content-Transfer-Encoding: 7bit
Mime-Version: 1.0 (Apple Message framework v936)
Date: Wed, 21 Jul 2010 05:43:57 -0700
References: <C9990CC0-A4D7-4519-9DEA-E415F11EBCEB@cisco.com> <001b01cb253a$242ad9b0$6c808d10$@briansmith.org> <43895D94-BB8B-4151-8E4E-C7148B35D361@cisco.com> <004b01cb276a$ac2a2190$047e64b0$@briansmith.org> <152DF6E4-BC01-453B-BCE4-0324F9B97D81@cisco.com> <4C4611F8.9030400@gnutls.org>
X-Mailer: Apple Mail (2.936)
Cc: "robert.cragie@gridmerge.com Cragie" <robert.cragie@gridmerge.com>, tls@ietf.org
Subject: Re: [TLS] AES-CCM ECC Cipher Suites for TLS @ IETF 78
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 21 Jul 2010 12:43:44 -0000
Hi Nikos, On Jul 20, 2010, at 2:15 PM, Nikos Mavrogiannopoulos wrote: > David McGrew wrote: > >>> And, IMO, every implementation should >>> support the un-truncated form, so it should be impossible for the >>> client to >>> offer the truncated forms without also offering the un-truncated >>> form. >>> Specifying the truncation in an extension that the server is free to >>> ignore >>> would provide for that. >> >> I respectfully disagree. Users of low-power radio devices have >> already >> decided that it is acceptable to use 8 octets or fewer for >> authentication, and IMO TLS should accept and incorporate that >> policy. >> (802.15.4 link crypto allows zero to 8 octets of authentication >> strength.) > > Different fields of technology have different needs. Could you > elaborate > on why TLS should accept and incorporate the policy for low-power > radio > devices? Will low-power radio devices use TLS to communicate? yes, that is the plan of record. SE2.0 is IP-based (see http://www.zigbee.org/Markets/ZigBeeSmartEnergy/Version20Documents.aspx) and has voted to use TLS to protect communication above the link layer, though TLS ciphers and options need to be carefully considered in order to be suitable for the constrained environment. This is a very positive thing. Instead of inventing a completely new protocol, or creating a non-interoperable variant (like WTLS), the low-power wireless community is looking at ways of using standard TLS. regards, David > > > regards, > Nikos
- [TLS] AES-CCM ECC Cipher Suites for TLS @ IETF 78 David McGrew
- Re: [TLS] AES-CCM ECC Cipher Suites for TLS @ IET… Brian Smith
- Re: [TLS] AES-CCM ECC Cipher Suites for TLS @ IET… Juho Vähä-Herttua
- Re: [TLS] AES-CCM ECC Cipher Suites for TLS @ IET… David McGrew
- Re: [TLS] AES-CCM ECC Cipher Suites for TLS @ IET… Juho Vähä-Herttua
- Re: [TLS] AES-CCM ECC Cipher Suites for TLS @ IET… Brian Smith
- Re: [TLS] AES-CCM ECC Cipher Suites for TLS @ IET… David McGrew
- Re: [TLS] AES-CCM ECC Cipher Suites for TLS @ IET… Nikos Mavrogiannopoulos
- Re: [TLS] AES-CCM ECC Cipher Suites for TLS @ IET… David McGrew
- Re: [TLS] AES-CCM ECC Cipher Suites for TLS @ IET… Nikos Mavrogiannopoulos
- Re: [TLS] AES-CCM ECC Cipher Suites for TLS @ IET… Brian Smith