Re: [TLS] I-D Action: draft-ietf-tls-negotiated-ff-dhe-02.txt

Manuel Pégourié-Gonnard <mpg@polarssl.org> Fri, 24 October 2014 16:53 UTC

Message-ID: <544A83AB.80901@polarssl.org>
Date: Fri, 24 Oct 2014 18:51:55 +0200
From: Manuel Pégourié-Gonnard <mpg@polarssl.org>
To: Peter Gutmann <pgut001@cs.auckland.ac.nz>, "dkg@fifthhorseman.net" <dkg@fifthhorseman.net>, "tls@ietf.org" <tls@ietf.org>
References: <9A043F3CF02CD34C8E74AC1594475C739B9D7684@uxcn10-5.UoA.auckland.ac.nz>
In-Reply-To: <9A043F3CF02CD34C8E74AC1594475C739B9D7684@uxcn10-5.UoA.auckland.ac.nz>
Archived-At: http://mailarchive.ietf.org/arch/msg/tls/X4wzdSC4yhYTRf-77ZQHY0SieQE
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>

On 24/10/2014 13:32, Peter Gutmann wrote:
> Shorter groups are still required for embedded devices. You're not "blessing"
> them, you're just giving people the option to use them.

People already have the option to use arbitrary groups, and it isn't going away
with this draft. This draft is about improving security, I don't think it makes
sense to standardise shorter groups in this context.

Manuel.

PS: besides, I agree that constrained devices had better use ECC anyway.