[TLS] RE: New version of draft-ietf-tlRE: New version of draft-ietf-tls-ecdhe-psk aftRE: New version of draft-ietf-tls-ecdhe-psk after the WGLC
badra@isima.fr Wed, 01 October 2008 12:50 UTC
Return-Path: <tls-bounces@ietf.org>
X-Original-To: tls-archive@ietf.org
Delivered-To: ietfarch-tls-archive@core3.amsl.com
Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 8F0693A6BF1; Wed, 1 Oct 2008 05:50:35 -0700 (PDT)
X-Original-To: tls@core3.amsl.com
Delivered-To: tls@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 6B4F03A6BA8 for <tls@core3.amsl.com>; Wed, 1 Oct 2008 05:50:34 -0700 (PDT)
X-Quarantine-ID: <bziE8xl5e9Nl>
X-Virus-Scanned: amavisd-new at amsl.com
X-Amavis-Alert: BAD HEADER, Non-encoded 8-bit data (char C2 hex): Subject: ...-ietf-tl?=\n =?utf-8?Q?RE:\302\240[TLS]\302\240New\302\240ve[...]
X-Spam-Flag: NO
X-Spam-Score: -0.653
X-Spam-Level:
X-Spam-Status: No, score=-0.653 tagged_above=-999 required=5 tests=[AWL=-0.442, BAYES_00=-2.599, HELO_EQ_FR=0.35, MIME_8BIT_HEADER=0.3, SARE_SUB_ENC_UTF8=0.152, SUBJ_ILLEGAL_CHARS=1.586]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bziE8xl5e9Nl for <tls@core3.amsl.com>; Wed, 1 Oct 2008 05:50:33 -0700 (PDT)
Received: from sp.isima.fr (sp.isima.fr [193.55.95.1]) by core3.amsl.com (Postfix) with ESMTP id 5F4463A6A2D for <tls@ietf.org>; Wed, 1 Oct 2008 05:50:33 -0700 (PDT)
Received: from www.isima.fr (www-data@www.isima.fr [193.55.95.79]) by sp.isima.fr (8.13.8/8.13.8) with SMTP id m91DowIh934000; Wed, 1 Oct 2008 14:50:58 +0100
Received: from 88.164.98.77 (SquirrelMail authenticated user badra) by www.isima.fr with HTTP; Wed, 1 Oct 2008 14:49:47 +0200 (CEST)
Message-ID: <55138.88.164.98.77.1222865387.squirrel@www.isima.fr>
In-Reply-To: <1696498986EFEC4D9153717DA325CB7201C31635@vaebe104.NOE.Nokia.com>
References: <48E0AD6A.3070705@isima.fr> <1696498986EFEC4D9153717DA325CB7201C31635@vaebe104.NOE.Nokia.com>
Date: Wed, 01 Oct 2008 14:49:47 +0200
From: badra@isima.fr
To: Pasi.Eronen@nokia.com
User-Agent: SquirrelMail/1.4.2
MIME-Version: 1.0
X-Priority: 3
Importance: Normal
X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-3.0 (sp.isima.fr [193.55.95.1]); Wed, 01 Oct 2008 14:50:59 +0100 (WEST)
Cc: tls@ietf.org
Subject: [TLS] RE: New version of draft-ietf-tlRE: New version of draft-ietf-tls-ecdhe-psk aftRE: New version of draft-ietf-tls-ecdhe-psk after the WGLC
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: tls-bounces@ietf.org
Errors-To: tls-bounces@ietf.org
Dear Pasi, > The contents of the draft have changed quite a bit since version -02 > (which was posted just before the Dublin meeting), and I have some > comments about the changes: In fact, we discussed adding SHA256 and SHA348 to the document to avoid publishing several seperated documents; and if I recall well, your recommendation was to do that in one single document. If the group doesn't agree with this change, I will post the old version. > It's a bit surprising that e.g. TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA, > when negotiated in TLS 1.2, would use the TLS PRF with SHA-1 as the > hash function. Note that e.g. TLS_DHE_PSK_WITH_AES_128_CBC_SHA (from > RFC 4279) would in this situation use the TLS PRF with SHA-256. In this case, I would know where I can read that cipher suites described in RFC 4492, when negotiated in TLS 1.2, will use the TLS PRF with SHA-256. Do you refer to Section 5 of TLS 1.2? The same for TLS_DHE_PSK_WITH_AES_128_CBC_SHA. > > My suggestion would be to say that all these cipher suites can be > negotiated with any TLS version; when used with TLS <1.2, they use > the PRF from that version; when used with TLS >=1.2, they use the > TLS PRF with SHA-256 or SHA-384. (In other words: they'd work the > same way as the cipher suites in RFC 4492/4279/4785.) > > This change would probably allow us to remove the SHA-1 suites > completely. With regard to version 2 of the document, only SHA-1 suites are described. So why we need to do this step? > Also, while I can understand combining AES-128 with > SHA-256, and AES-256 with SHA-384, I'm not sure why we need to > combine NULL encryption with three different MACs... > In the case we are going to remove the SHA-1 suites with NULL encryption, only 2 combinations will be available (if we keep the logic of moving away from SHA-1 and towards stronger hash algorithms, as RFC 5288 and 5289 do). Best regards, Badra _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
- [TLS] New version of draft-ietf-tls-ecdhe-psk aft… Mohamad Badra
- Re: [TLS] New version of draft-ietf-tls-ecdhe-psk… Pasi.Eronen
- [TLS] RE: New version of draft-ietf-tlRE: New v… badra
- Re: [TLS] New version of draft-ietf-tls-ecdhe-psk… Mohamad Badra
- Re: [TLS] New version of draft-ietf-tls-ecdhe-psk… Mohamad Badra
- Re: [TLS] New version of draft-ietf-tls-ecdhe-psk… Pasi.Eronen
- Re: [TLS] New version of draft-ietf-tls-ecdhe-psk… Mohamad Badra
- Re: [TLS] New version of draft-ietf-tls-ecdhe-psk… Mark Tillinghast
- Re: [TLS] New version of draft-ietf-tls-ecdhe-psk… Alfred Hönes
- Re: [TLS] New version of draft-ietf-tls-ecdhe-psk… Mark Tillinghast