IETF Logo Mail Archive

Re: [TLS] [Gen-art] Genart telechat review of draft-ietf-tls-ecdhe-psk-aead-04

Dan Romascanu <dromasca@gmail.com> Wed, 24 May 2017 22:05 UTC

Return-Path: <dromasca@gmail.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8E5DA1287A7; Wed, 24 May 2017 15:05:57 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.698
X-Spam-Level:
X-Spam-Status: No, score=-2.698 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HE_5z2MVLzqk; Wed, 24 May 2017 15:05:55 -0700 (PDT)
Received: from mail-qk0-x22d.google.com (mail-qk0-x22d.google.com [IPv6:2607:f8b0:400d:c09::22d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 66825126CF9; Wed, 24 May 2017 15:05:55 -0700 (PDT)
Received: by mail-qk0-x22d.google.com with SMTP id k74so165410023qke.1; Wed, 24 May 2017 15:05:55 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=V3bEJVmTghW+X6rgS+l/oQtoc9hbwKmIv0x1WHMkA9g=; b=f0XEM30GQLjMHLS1ZhBcVI2KA/sEiIQbxkfLWpxGQ0Sbj7kzxAOzWKNLyMyO9MKgQ9 llwrg0X52bwC8uKIbedyqWAnn3DS3ZagRzvSmBtKSfPRA93GaTUsmsxTKq+l1/4vSah+ sJahUIC1bQpQkhiLUqne5P3scVKwuMagUcpI2/2touj7BJHzf2nd5+RMyKne6RFBL/Hv L/Xzg8aP1W+h52hR9tWstpwyrtEjbiwi9hu0heFgE0jtQ7p8fKIbdKsLW/yHRcMuni+h J8dXzJNq/63TZkpBZPhB64RdNfOufJa/OVsVwZqk5z/04R4YLhrYfrNs/S9mf8lRa3oM YzJw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=V3bEJVmTghW+X6rgS+l/oQtoc9hbwKmIv0x1WHMkA9g=; b=JdrtUcoWlhRr8hKRgOhK6uFu28Bj3M3Tu2BsExabQVIgi0Jq9josV5sji5qZXg6cUe eCP0aA1p+vp5mygPkeHST2H6eGDdSTqqgTcSXs2Fu/OhTC6js7sphMDL1FqNWeOHuKB0 gPXIf5PxjTPOsrb49ilrYtf9GavVEgZm9lSE1mdUup+nkQUoVkf1zXdmKoMgaCKHSBxW +xAIYDIXLM+9rDbJMJFDCuGjUt8LSEGJUlH3CVSDRWAdmnCYE2q3Qph1tl4l/nWazWeg bU9D7Byh8LvJmQhNZuXhNoAnNkvPHfSqcIZJ+RkT7iOGw7a/MjXCqLZTPZKDFSLpOINC FbyQ==
X-Gm-Message-State: AODbwcAJIkCX+wMquHgcfzTWrXnE9kisFqsDcoKtOGAv8pEYQJzrrUlY d8b7xlkNz7McFueZx2BQcQzRcrk7PyOO
X-Received: by 10.55.157.74 with SMTP id g71mr36468864qke.92.1495663554495; Wed, 24 May 2017 15:05:54 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.140.31.101 with HTTP; Wed, 24 May 2017 15:05:53 -0700 (PDT)
In-Reply-To: <CAOgPGoAJnvX3-ZWL73Og0qPnKwozf5yB772ZBs3oyxAG_Z6HiQ@mail.gmail.com>
References: <149523380739.28567.9584998643479497589@ietfa.amsl.com> <34EDA6D1-71BA-4E4C-BB9F-5E8FD05786D9@cooperw.in> <CAOgPGoAJnvX3-ZWL73Og0qPnKwozf5yB772ZBs3oyxAG_Z6HiQ@mail.gmail.com>
From: Dan Romascanu <dromasca@gmail.com>
Date: Thu, 25 May 2017 01:05:53 +0300
Message-ID: <CAFgnS4WhkXWpTs4h4TUzw9vbpif428-njgXMmEzer1oE5Q-YUw@mail.gmail.com>
To: Joseph Salowey <joe@salowey.net>
Cc: Alissa Cooper <alissa@cooperw.in>, "gen-art >> General area reviewing team" <gen-art@ietf.org>, draft-ietf-tls-ecdhe-psk-aead.all@ietf.org, "tls@ietf.org" <tls@ietf.org>
Content-Type: multipart/alternative; boundary="94eb2c0556ecde8d8f05504c4e81"
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/PAuwi6rrMnC3BLNHeJq6ZQ87GwY>
Subject: Re: [TLS] [Gen-art] Genart telechat review of draft-ietf-tls-ecdhe-psk-aead-04
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 24 May 2017 22:05:58 -0000

Hi Joe,

Looks OK, but don't you need to also drop 'as well as version 1.3 of TLS'
from the first paragraph in the Introduction?

Regards,

Dan

On Thu, May 25, 2017 at 12:29 AM, Joseph Salowey <joe@salowey.net> wrote:

> Hi Dan and Alissa,
>
> There has been some churn in the text of the document due to my oversight
> when sending the document to the IESG.   The proposed new text provided
> below show should also resolve your comment.  Please let me know if you see
> any issues with this approach.
>
> Thanks,
>
> Joe
>
> Replacing section 4:
>
>
>    The cipher suites defined in this document MUST NOT be negotiated for
>    any version of (D)TLS other than TLS 1.2.  Servers MUST NOT select
>    one of these cipher suites when selecting TLS version other than TLS
>    1.2.  A client MUST treat the selection of these cipher suites in
>    combination with a different version of TLS as an error and generate
>    a fatal 'illegal_parameter' TLS alert.
>
>    Cipher suites TLS_AES_128_GCM_SHA256, TLS_AES_256_GCM_SHA384,
>    TLS_AES_128_CCM_8_SHA256 and TLS_AES_128_CCM_SHA256 are used to
>    support equivalent functionality in TLS 1.3 [I-D.ietf-tls-tls13].
>
>
>
>
> On Wed, May 24, 2017 at 8:15 AM, Alissa Cooper <alissa@cooperw.in> wrote:
>
>> Dan, thank you for your reviews of this document and thanks to the
>> authors for providing clarifications. I have balloted No Objection.
>>
>> Alissa
>>
>> > On May 19, 2017, at 6:43 PM, Dan Romascanu <dromasca@gmail.com> wrote:
>> >
>> > Reviewer: Dan Romascanu
>> > Review result: Ready
>> >
>> > I am the assigned Gen-ART reviewer for this draft. The General Area
>> > Review Team (Gen-ART) reviews all IETF documents being processed
>> > by the IESG for the IETF Chair. Please wait for direction from your
>> > document shepherd or AD before posting a new version of the draft.
>> >
>> > For more information, please see the FAQ at
>> >
>> > <https://trac.ietf.org/trac/gen/wiki/GenArtfaq>.
>> >
>> > Document: draft-ietf-tls-ecdhe-psk-aead-??
>> > Reviewer: Dan Romascanu
>> > Review Date: 2017-05-19
>> > IETF LC End Date: 2017-05-18
>> > IESG Telechat date: 2017-05-25
>> >
>> > Summary:
>> >
>> > This is a straight-forward and clear document that defines several new
>> > cipher suites for the Transport Layer Security (TLS) protocol version
>> > 1.2 and higher, based on the Ephemeral Elliptic Curve Diffie-Hellman
>> > with Pre-Shared Key (ECDHE_PSK) key exchange together with the
>> > Authenticated Encryption with Associated Data (AEAD) algorithms
>> > AES-GCM and AES-CCM. The document is well written and I appreciate the
>> > effort to clarify in the Introduction the context, what was missing,
>> > and why the document is necessary. One issue raised in my initial
>> > review for draft-03 was addressed, discussed and draft-04 includes
>> > useful clarification text.
>> >
>> > The document is Ready
>> >
>> > Major issues:
>> >
>> > Minor issues:
>> >
>> > Nits/editorial comments:
>> >
>> >
>> > _______________________________________________
>> > Gen-art mailing list
>> > Gen-art@ietf.org
>> > https://www.ietf.org/mailman/listinfo/gen-art
>>
>>
>

v2.23.0 | Report a Bug | By Email