Re: [TLS] Working Group Last Call for draft-ietf-tls-pwd
Love Hörnquist Åstrand <lha@kth.se> Mon, 11 November 2013 10:53 UTC
Return-Path: <lha@kth.se>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9B0C711E815A for <tls@ietfa.amsl.com>; Mon, 11 Nov 2013 02:53:13 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.197
X-Spam-Level:
X-Spam-Status: No, score=-1.197 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HELO_EQ_SE=0.35, HTML_MESSAGE=0.001, MIME_8BIT_HEADER=0.3, SARE_OBFU_ALL=0.751]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id heJwNQ3glg3W for <tls@ietfa.amsl.com>; Mon, 11 Nov 2013 02:53:08 -0800 (PST)
Received: from smtp-4.sys.kth.se (smtp-4.sys.kth.se [IPv6:2001:6b0:1:1300:250:56ff:fea6:2de3]) by ietfa.amsl.com (Postfix) with ESMTP id 3F97321E8091 for <tls@ietf.org>; Mon, 11 Nov 2013 02:53:08 -0800 (PST)
Received: from mailscan-1.sys.kth.se (mailscan-1.sys.kth.se [130.237.32.91]) by smtp-4.sys.kth.se (Postfix) with ESMTP id 737461FF0 for <tls@ietf.org>; Mon, 11 Nov 2013 11:53:07 +0100 (CET)
X-Virus-Scanned: by amavisd-new at kth.se
Received: from smtp-4.sys.kth.se ([130.237.48.193]) by mailscan-1.sys.kth.se (mailscan-1.sys.kth.se [130.237.32.91]) (amavisd-new, port 10024) with LMTP id m9U_r0vzT1yw for <tls@ietf.org>; Mon, 11 Nov 2013 11:53:02 +0100 (CET)
X-KTH-Auth: lha [80.216.20.112]
X-KTH-mail-from: lha@kth.se
X-KTH-rcpt-to: tls@ietf.org
Received: from [192.168.0.51] (c80-216-20-112.bredband.comhem.se [80.216.20.112]) by smtp-4.sys.kth.se (Postfix) with ESMTPSA id 0C41B1FD1 for <tls@ietf.org>; Mon, 11 Nov 2013 11:53:01 +0100 (CET)
From: Love Hörnquist Åstrand <lha@kth.se>
Content-Type: multipart/alternative; boundary="Apple-Mail=_41DEDA89-212D-49CF-83F3-C04912FB49B4"
Message-Id: <E4AD1150-692C-435F-924D-AF75DECE535D@kth.se>
Mime-Version: 1.0 (Mac OS X Mail 8.0 \(1906\))
Date: Mon, 11 Nov 2013 11:52:55 +0100
References: <9CD5611C-2742-435D-8832-9F85448591BA@qut.edu.au> <CEA27C78.1375B%uri@ll.mit.edu> <CAEKgtqk6D+q6-4Jb0afu2O9qRq=mE5_T_5UNrst2_BLmqVTFJw@mail.gmail.com>
To: "<tls@ietf.org>" <tls@ietf.org>
In-Reply-To: <CAEKgtqk6D+q6-4Jb0afu2O9qRq=mE5_T_5UNrst2_BLmqVTFJw@mail.gmail.com>
X-Mailer: Apple Mail (2.1906)
Subject: Re: [TLS] Working Group Last Call for draft-ietf-tls-pwd
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 11 Nov 2013 10:53:13 -0000
[resend now that i’m subscribed to the mailinglist] AugPAKE is not defined for ECC, the draft just say that is possible to implement but not how. For example, is it safe for all kind of curves ? AugPAKE have not test vectors in the draft. (very important because of the next point). AugPAKE have no reference implementation that I’ve found. I have not seen a review of AugPAKE by IRTF CFRG. AugPAKE is currently encumbered by IPR issues for all protocols. Love 8 nov 2013 kl. 18:03 skrev SeongHan Shin <seonghan.shin@aist.go.jp>: > FYI, > AugPAKE is provably secure and can be used royal-free. > AugPAKE > https://tools.ietf.org/html/draft-shin-tls-augpake-01 > IPR Disclosures > https://datatracker.ietf.org/ipr/2037/ > > Regards, > Shin > > > > On Sat, Nov 9, 2013 at 1:35 AM, Blumenthal, Uri - 0558 - MITLL <uri@ll.mit.edu> wrote: > On 11/8/13 1:50 , "Douglas Stebila" <stebila@qut.edu.au> wrote: > > >I believe that where possible the IETF should aim to standardize > >cryptographic protocols that have provable security results. Such proofs > >of course don't guarantee the protocol is secure in all scenarios, but at > >least rule out some classes of attacks. In the field of password > >authenticated key exchange, there are many provably secure protocols, and > >so it would be preferable to see one such protocol adopted. > > I concur - except I believe that whenever possible the IETF should aim to > standardize cryptographic protocols that are unencumbered by license fees > and patents. If the choice arises between a protocol that carries both > (provable security and Intellectual Property) and a protocol that has > neither - I'd strongly prefer the latter. > > > > >On Nov 8, 2013, at 2:11 AM, Joseph Salowey (jsalowey) > ><jsalowey@cisco.com> wrote: > > > >> This is the beginning of the working group last call for > >>draft-ietf-tls-pwd-01. The underlying cryptographic protocol for > >>TLS-PWD has been reviewed by the IRTF CFRG group with satisfactory > >>results. The document needs particular attention paid to the > >>integration of this mechanism into the TLS protocol. Please send > >>comments to the TLS list by December 2, 2013. > >> > >> - Joe > >> (For the TLS chairs) > >> _______________________________________________ > >> TLS mailing list > >> TLS@ietf.org > >> https://www.ietf.org/mailman/listinfo/tls > > > >_______________________________________________ > >TLS mailing list > >TLS@ietf.org > >https://www.ietf.org/mailman/listinfo/tls > > _______________________________________________ > TLS mailing list > TLS@ietf.org > https://www.ietf.org/mailman/listinfo/tls > > > > > -- > ------------------------------------------------------------------ > SeongHan Shin > Research Institute for Secure Systems (RISEC), > National Institute of Advanced Industrial Science and Technology (AIST), > Central 2, 1-1-1, Umezono, Tsukuba City, Ibaraki 305-8568 Japan > Tel : +81-29-861-2670/5284 > Fax : +81-29-861-5285 > E-mail : seonghan.shin@aist.go.jp > ------------------------------------------------------------------ > _______________________________________________ > TLS mailing list > TLS@ietf.org > https://www.ietf.org/mailman/listinfo/tls
- Re: [TLS] Working Group Last Call for draft-ietf-… Douglas Stebila
- [TLS] Working Group Last Call for draft-ietf-tls-… Joseph Salowey (jsalowey)
- Re: [TLS] Working Group Last Call for draft-ietf-… Blumenthal, Uri - 0558 - MITLL
- Re: [TLS] Working Group Last Call for draft-ietf-… SeongHan Shin
- Re: [TLS] Working Group Last Call for draft-ietf-… Love Hörnquist Åstrand
- Re: [TLS] Working Group Last Call for draft-ietf-… Love Hörnquist Åstrand
- Re: [TLS] Working Group Last Call for draft-ietf-… Dan Harkins
- Re: [TLS] Working Group Last Call for draft-ietf-… Love Hörnquist Åstrand
- Re: [TLS] Working Group Last Call for draft-ietf-… SeongHan Shin
- Re: [TLS] Working Group Last Call for draft-ietf-… Ralf Skyper Kaiser
- Re: [TLS] Working Group Last Call for draft-ietf-… Dan Harkins
- Re: [TLS] Working Group Last Call for draft-ietf-… Ralf Skyper Kaiser
- Re: [TLS] Working Group Last Call for draft-ietf-… oscar.koeroo
- Re: [TLS] Working Group Last Call for draft-ietf-… Bodo Moeller
- Re: [TLS] Working Group Last Call for draft-ietf-… Dan Harkins
- Re: [TLS] Working Group Last Call for draft-ietf-… Dan Harkins
- Re: [TLS] Working Group Last Call for draft-ietf-… Dan Harkins
- Re: [TLS] Working Group Last Call for draft-ietf-… Bodo Moeller
- Re: [TLS] Working Group Last Call for draft-ietf-… Dan Harkins
- Re: [TLS] Working Group Last Call for draft-ietf-… Bodo Moeller
- Re: [TLS] Working Group Last Call for draft-ietf-… Dan Harkins
- Re: [TLS] Working Group Last Call for draft-ietf-… Peter Sylvester
- Re: [TLS] Working Group Last Call for draft-ietf-… Bodo Moeller
- Re: [TLS] Working Group Last Call for draft-ietf-… Bodo Moeller
- Re: [TLS] Working Group Last Call for draft-ietf-… Rene Struik
- Re: [TLS] Working Group Last Call for draft-ietf-… Watson Ladd
- Re: [TLS] Working Group Last Call for draft-ietf-… Robert Ransom
- Re: [TLS] Working Group Last Call for draft-ietf-… Robert Ransom
- Re: [TLS] Working Group Last Call for draft-ietf-… Dan Harkins
- Re: [TLS] Working Group Last Call for draft-ietf-… Dan Harkins
- Re: [TLS] Working Group Last Call for draft-ietf-… CodesInChaos
- Re: [TLS] Working Group Last Call for draft-ietf-… Rene Struik
- Re: [TLS] Working Group Last Call for draft-ietf-… Watson Ladd
- Re: [TLS] Working Group Last Call for draft-ietf-… Dan Harkins
- Re: [TLS] Working Group Last Call for draft-ietf-… Watson Ladd
- Re: [TLS] Working Group Last Call for draft-ietf-… Mohamad Badra
- Re: [TLS] Working Group Last Call for draft-ietf-… Dan Harkins
- Re: [TLS] Working Group Last Call for draft-ietf-… Dan Harkins
- Re: [TLS] Working Group Last Call for draft-ietf-… Trevor Perrin
- Re: [TLS] Working Group Last Call for draft-ietf-… Dan Harkins
- Re: [TLS] Working Group Last Call for draft-ietf-… Trevor Perrin
- Re: [TLS] Working Group Last Call for draft-ietf-… Trevor Perrin
- Re: [TLS] Working Group Last Call for draft-ietf-… Bodo Moeller
- Re: [TLS] Working Group Last Call for draft-ietf-… Bodo Moeller
- Re: [TLS] Working Group Last Call for draft-ietf-… Mohamad Badra
- Re: [TLS] Working Group Last Call for draft-ietf-… Eric Rescorla
- Re: [TLS] Working Group Last Call for draft-ietf-… Dan Harkins
- Re: [TLS] Working Group Last Call for draft-ietf-… Watson Ladd
- Re: [TLS] Working Group Last Call for draft-ietf-… Trevor Perrin
- Re: [TLS] Working Group Last Call for draft-ietf-… Dan Harkins
- Re: [TLS] Working Group Last Call for draft-ietf-… Dan Harkins
- Re: [TLS] Working Group Last Call for draft-ietf-… Trevor Perrin
- Re: [TLS] Working Group Last Call for draft-ietf-… Bodo Moeller
- Re: [TLS] Working Group Last Call for draft-ietf-… Robert Ransom
- Re: [TLS] Working Group Last Call for draft-ietf-… Dan Harkins
- Re: [TLS] Working Group Last Call for draft-ietf-… Mohamad Badra
- Re: [TLS] Working Group Last Call for draft-ietf-… Trevor Perrin
- Re: [TLS] Working Group Last Call for draft-ietf-… Trevor Perrin
- Re: [TLS] Working Group Last Call for draft-ietf-… SeongHan Shin
- Re: [TLS] Working Group Last Call for draft-ietf-… Dan Harkins
- Re: [TLS] Working Group Last Call for draft-ietf-… SeongHan Shin
- Re: [TLS] Working Group Last Call for draft-ietf-… Dan Harkins
- Re: [TLS] Working Group Last Call for draft-ietf-… SeongHan Shin
- Re: [TLS] Working Group Last Call for draft-ietf-… Watson Ladd
- Re: [TLS] Working Group Last Call for draft-ietf-… Dan Harkins
- Re: [TLS] Working Group Last Call for draft-ietf-… CodesInChaos
- Re: [TLS] Working Group Last Call for draft-ietf-… Trevor Perrin
- Re: [TLS] Working Group Last Call for draft-ietf-… Dan Harkins
- Re: [TLS] Working Group Last Call for draft-ietf-… Joseph Birr-Pixton
- Re: [TLS] Working Group Last Call for draft-ietf-… Dan Harkins
- Re: [TLS] Working Group Last Call for draft-ietf-… Ralf Skyper Kaiser
- Re: [TLS] Working Group Last Call for draft-ietf-… Manuel Pégourié-Gonnard
- Re: [TLS] Working Group Last Call for draft-ietf-… Dan Harkins
- Re: [TLS] Working Group Last Call for draft-ietf-… Trevor Perrin
- Re: [TLS] Working Group Last Call for draft-ietf-… Dan Harkins
- Re: [TLS] Working Group Last Call for draft-ietf-… Ralf Skyper Kaiser
- Re: [TLS] Working Group Last Call for draft-ietf-… Dan Harkins