Re: [TLS] New Version Notification for draft-mattsson-tls-ecdhe-psk-aead-02.txt

John Mattsson <> Sat, 25 July 2015 09:28 UTC

Thanks for the good comments during the meeting. This new version should
take care of them all:

- Updated the PRF and ECC curves for the AES-256 cipher suites.
- Included SHA_256 and SHA_384 in the cipher suite names.
- Made it clear which security considerations apply. For the PSK
aspects, I made a short summary.

I also made the following changes:

- Fixed a wrong reference to the ECC TLS RFC.
- Added missing reference to AEAD_AES_128_CCM_8.
- Divided the references into Normative and Informal.

How do we proceed with this now? From my point of view the draft is more
or less done, and I do not see much work needed from the tls wg.

(As a note, this draft would not have been needed with an a la carte


On 25/07/15 10:36, "" <>

>A new version of I-D, draft-mattsson-tls-ecdhe-psk-aead-02.txt
>has been successfully submitted by John Mattsson and posted to the
>IETF repository.
>Name:		draft-mattsson-tls-ecdhe-psk-aead
>Revision:	02
>Title:		ECDHE_PSK with AES-GCM and AES-CCM Cipher Suites for Transport
>Layer Security (TLS)
>Document date:	2015-07-24
>Group:		Individual Submission
>Pages:		6
>   This memo defines several new cipher suites for the Transport Layer
>   Security (TLS) protocol.  The cipher suites are all based on the
>   Ephemeral Elliptic Curve Diffie-Hellman with Pre-Shared Key
>   (ECDHE_PSK) key exchange together with the Authenticated Encryption
>   with Associated Data (AEAD) algorithms AES-GCM and AES-CCM.  PSK
>   provides light and efficient authentication, ECDHE provides perfect
>   forward secrecy, and AES-GCM and AES-CCM provides encryption and
>   integrity protection.
>Please note that it may take a couple of minutes from the time of
>until the htmlized version and diff are available at
>The IETF Secretariat