Re: [TLS] AD review of draft-ietf-tls-ecdhe-psk-aead-02
Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com> Tue, 02 May 2017 11:48 UTC
Return-Path: <kathleen.moriarty.ietf@gmail.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 602F3131670 for <tls@ietfa.amsl.com>; Tue, 2 May 2017 04:48:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.698
X-Spam-Level:
X-Spam-Status: No, score=-2.698 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, MIME_QP_LONG_LINE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1ttveCm6SDLc for <tls@ietfa.amsl.com>; Tue, 2 May 2017 04:48:27 -0700 (PDT)
Received: from mail-qk0-x232.google.com (mail-qk0-x232.google.com [IPv6:2607:f8b0:400d:c09::232]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 54E9C13168E for <tls@ietf.org>; Tue, 2 May 2017 04:45:43 -0700 (PDT)
Received: by mail-qk0-x232.google.com with SMTP id q1so39600553qkd.2 for <tls@ietf.org>; Tue, 02 May 2017 04:45:43 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=QyloKHIm9W7c+kTZDvp5P6rpR0ysIPqNu/KMwuNBubo=; b=u0eLR8uG9xkExzzgldbC1a3IfEJyHq0V4wbU1I6ewplAwH1g7MFb1SQIbg1nF6k7k1 7WA33NLTwQyhgWhCTYFIamZWHX6lJGroO4soptgaT8CZtWRIJkOluc+77pDSy7UnRSsZ d98raWH4j/tY7k3dBeEMxRQUX6OAonsrQ/pfue0GZLcXDczl8L4fH1LsE3RQrdNX2gMZ MgruQkYQQCdVuXcrLEJ0MBX33IJ4do9TadC9umek+tUpFSnu006KEiY44OjNEb5wY3d3 6xgz1NcfpLFZl29mHg9megAvdEngJEnoi6Ck6zJEqZWtUB0neOJ0LGYYRu6Vt3Hgs03r kpSw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=QyloKHIm9W7c+kTZDvp5P6rpR0ysIPqNu/KMwuNBubo=; b=D8Qe4/2LSpY97EQkAwS/UF5beFo0CmKX8OLu+vYMCGYDja9K9n/NOQfV/1w9wn+pNs 6eEwLi4utC31U5gY9NnHgHMcBWrCZBKSCq+wMzSVxwyhKOiMnc5N+GshKIErz+Dpnt6B ISlBXAO0dObce7DEFPlSUyJJyvWXFRXCGIBFIhESOujviOQ7X5KvtbhwS73XqvX2UecR ouOcVFH/iGVNULg76gTkDg1yVisGotDPFvwKaLrDBur8agzvhbZt799uYNID0XhKExaT bah/wVLOhBSBVMTVhxJEuymViUYDsqkF+VA/yxKIuin1PcXNFuzIgja6GQV6vmlRndMl S91Q==
X-Gm-Message-State: AN3rC/6YKznueyLtg+up8lg0+xGqDXa0wnl2eiMqueuaOMxKnWLyAdry agOL+WKjsRF9fA==
X-Received: by 10.55.74.215 with SMTP id x206mr24714635qka.57.1493725542574; Tue, 02 May 2017 04:45:42 -0700 (PDT)
Received: from [192.168.1.13] (209-6-124-204.c3-0.arl-ubr1.sbo-arl.ma.cable.rcn.com. [209.6.124.204]) by smtp.gmail.com with ESMTPSA id z63sm12984124qkc.6.2017.05.02.04.45.40 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 02 May 2017 04:45:41 -0700 (PDT)
Content-Type: multipart/alternative; boundary="Apple-Mail-F4A4366F-914D-4805-B812-5C254F68E276"
Mime-Version: 1.0 (1.0)
From: Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>
X-Mailer: iPhone Mail (14D27)
In-Reply-To: <CADZyTkkyVC3_YnrniVscQETwP6bgduCMHpSiVNnGPqzz9dtgUg@mail.gmail.com>
Date: Tue, 02 May 2017 07:45:40 -0400
Cc: "<tls@ietf.org>" <tls@ietf.org>
Content-Transfer-Encoding: 7bit
Message-Id: <05FBCFBA-93BE-4314-830D-65528F6BAED9@gmail.com>
References: <CAHbuEH51dg46EfS6PxiZC0BB8RG0-Vj-WXSPPTCqbZdiMLHZBA@mail.gmail.com> <CADZyTkkyVC3_YnrniVscQETwP6bgduCMHpSiVNnGPqzz9dtgUg@mail.gmail.com>
To: Daniel Migault <daniel.migault@ericsson.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/O-7odlwX6pxiFHn8AXFlJZ4lvd0>
Subject: Re: [TLS] AD review of draft-ietf-tls-ecdhe-psk-aead-02
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 02 May 2017 11:48:29 -0000
Hi Daniel, Thank you, please publish version 3 and I'll kick off last call. You could update the TLS version to 20 as well, but that's something that will get fixed with the RFC number while in the RFC editor queue. Best regards, Kathleen Sent from my iPhone > On May 1, 2017, at 9:46 PM, Daniel Migault <daniel.migault@ericsson.com> wrote: > > Hi Kathleen, > > Thank you for the review. I have proceeded to the update of my local copy. The text is: > > """ > The cipher suite numbers listed in the last column are numbers used > for cipher suite interoperability testing and it's suggested that IANA > use these values for assignment. > """ > > Other nits have been addressed as well. > > If that is fine, I can publish the version 03. > > Yours, > Daniel > > >> On Mon, May 1, 2017 at 2:23 PM, Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com> wrote: >> Hello, >> >> Thanks for your work on the draft draft-ietf-tls-ecdhe-psk-aead-02. >> >> In the IANA section, I think it would be a bit more clear to say in >> the last column rather than second column wince one might interpret >> this listing as having 3 columns. >> >> The cipher suite numbers listed in the second column are numbers used >> for cipher suite interoperability testing and it's suggested that >> IANA use these values for assignment. >> >> The registry has this reversed with the description as the second >> column, which is fine. I'm just pointing that out as it doesn't >> clarify the column for you. >> >> Nits: >> >> Security Considerations section: >> >> Use of Pre-Shared Keys of limited entropy may allow an active >> attacker attempts to connect to the server and tries different keys. >> s/tries/try/ >> >> Other >> example includes the use of a PSK chosen by a human and thus may be >> exposed to dictionary attacks. >> s/Other/Another/ >> >> >> -- >> >> Best regards, >> Kathleen >> >> _______________________________________________ >> TLS mailing list >> TLS@ietf.org >> https://www.ietf.org/mailman/listinfo/tls >
- [TLS] AD review of draft-ietf-tls-ecdhe-psk-aead-… Kathleen Moriarty
- Re: [TLS] AD review of draft-ietf-tls-ecdhe-psk-a… Daniel Migault
- Re: [TLS] AD review of draft-ietf-tls-ecdhe-psk-a… Kathleen Moriarty
- Re: [TLS] AD review of draft-ietf-tls-ecdhe-psk-a… Daniel Migault