Re: [TLS] WG interest in draft-chudov-cryptopro-cptls-02.txt

Dmitry Belyavsky <beldmit@cryptocom.ru> Tue, 29 November 2005 14:39 UTC

Date: Tue, 29 Nov 2005 17:40:25 +0300
From: Dmitry Belyavsky <beldmit@cryptocom.ru>
X-X-Sender: beldmit@manul.lan.cryptocom.ru
To: Russ Housley <housley@vigilsec.com>
Subject: Re: [TLS] WG interest in draft-chudov-cryptopro-cptls-02.txt
In-Reply-To: <7.0.0.10.2.20051128144717.02c1fc78@vigilsec.com>
Message-ID: <Pine.LNX.4.62.0511291734070.23219@manul.lan.cryptocom.ru>
References: <20051128190250.C9E7622244D@laser.networkresonance.com> <7.0.0.10.2.20051128144717.02c1fc78@vigilsec.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset="US-ASCII"
Cc: "tls@ietf.org" <tls@ietf.org>

Greetings!

On Mon, 28 Nov 2005, Russ Housley wrote:

> As written, the document needs the PRF agility that was discussed for TLS 1.2.
> So, I would think that this document would be a good candidate for a
> ciphersuite using the non-mandatory-to-implement PRF.  Having one in and while
> developing TLS 1.2 sounds very desirable to me.

What can you say about section 3.3 of draft-chudov-cryptopro-cptls-02.txt?
It describes a non-reasoned aberration from RFC 2246:

====================
   For all four cipher suites, the use of MAC is slightly different
   from the one described in section 6.2.3.1 of [TLS].  In [TLS], MAC
   is calculated from the following data:

     MACed_data[seq_num] = seq_num +
                           TLSCompressed.type +
                           TLSCompressed.version +
                           TLSCompressed.length +
                           TLSCompressed.fragment;

   These cipher suites use the same input for the first record, but for each
   subsequent record the input from all previous records is concatenated:

     MACed_data[0] + ... + MACed_data[n]
====================


-- 
SY, Dmitry Belyavsky (ICQ UIN 11116575)


_______________________________________________
TLS mailing list
TLS@lists.ietf.org
https://www1.ietf.org/mailman/listinfo/tls
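The two MAC inputs quoted from section 3.3 above, side by side, as an added example that is not part of the original message, the draft, or any CryptoPro implementation. The draft's cipher suites use a GOST-based MAC; this example substitutes HMAC-SHA1 (an assumption made only so it runs with the Python standard library), because what differs between RFC 2246 and the draft is the MAC input, not the hash. The key and the three sample records are constructed.

```python
import hashlib
import hmac
import struct

# Assumption: the draft's suites use a GOST-based MAC; HMAC-SHA1 stands in here so the
# example runs with the Python standard library. Only the MAC *input* differs between
# the two constructions compared below, so the choice of hash does not affect the point.
HASH = hashlib.sha1


def maced_data(seq_num: int, content_type: int, version: tuple, fragment: bytes) -> bytes:
    """RFC 2246 section 6.2.3.1 MAC input for one TLSCompressed record:

        seq_num (uint64, big-endian) + type (1 byte) + version (2 bytes)
        + length (uint16) + fragment
    """
    if not 0 <= seq_num < 2 ** 64:
        raise ValueError("seq_num must fit in 64 bits")
    if len(fragment) > 2 ** 14 + 1024:
        raise ValueError("TLSCompressed.fragment may not exceed 2^14 + 1024 bytes")
    major, minor = version
    header = struct.pack(">QBBBH", seq_num, content_type, major, minor, len(fragment))
    return header + fragment


def mac_over(key: bytes, data: bytes) -> bytes:
    """HMAC over an arbitrary byte string (shared by both constructions)."""
    return hmac.new(key, data, HASH).digest()


def rfc2246_mac(key: bytes, seq_num: int, content_type: int,
                version: tuple, fragment: bytes) -> bytes:
    """Standard TLS 1.0: the MAC of record n covers MACed_data[n] only."""
    return mac_over(key, maced_data(seq_num, content_type, version, fragment))


def cumulative_macs(key: bytes, records: list) -> list:
    """Draft section 3.3 variant: the MAC of record n covers
    MACed_data[0] + ... + MACed_data[n].  Naive form: re-concatenate everything
    sent so far, so MACing record n costs O(total bytes sent)."""
    digests = []
    acc = b""
    for seq_num, (content_type, version, fragment) in enumerate(records):
        acc += maced_data(seq_num, content_type, version, fragment)
        digests.append(mac_over(key, acc))
    return digests


def cumulative_macs_streaming(key: bytes, records: list) -> list:
    """The same construction without storing the history: feed one running HMAC
    state record by record and snapshot it (copy()) to emit each record's MAC.
    The digests are identical to the naive form; the MAC of record n still depends
    on the bytes of every earlier record, it just no longer has to keep them."""
    digests = []
    running = hmac.new(key, b"", HASH)
    for seq_num, (content_type, version, fragment) in enumerate(records):
        running.update(maced_data(seq_num, content_type, version, fragment))
        digests.append(running.copy().digest())
    return digests


# Constructed sample traffic: one handshake record followed by two application-data
# records, all carrying ProtocolVersion 3.1 (TLS 1.0). The key is a fixed dummy value.
SAMPLE_KEY = b"\x0b" * 20
SAMPLE_RECORDS = [
    (22, (3, 1), b"\x0e\x00\x00\x00"),        # handshake: ServerHelloDone
    (23, (3, 1), b"GET / HTTP/1.0\r\n\r\n"),  # application_data
    (23, (3, 1), b"HTTP/1.0 200 OK\r\n"),     # application_data
]


def compare(key: bytes = SAMPLE_KEY, records: list = SAMPLE_RECORDS) -> list:
    """Per record: (seq_num, RFC 2246 MAC hex, draft MAC hex, whether they coincide)."""
    cumulative = cumulative_macs(key, records)
    rows = []
    for seq_num, (content_type, version, fragment) in enumerate(records):
        std = rfc2246_mac(key, seq_num, content_type, version, fragment)
        rows.append((seq_num, std.hex(), cumulative[seq_num].hex(),
                     std == cumulative[seq_num]))
    return rows


if __name__ == "__main__":
    for seq_num, std, cum, same in compare():
        print(f"record {seq_num}: RFC 2246 {std[:16]}...  draft {cum[:16]}...  same={same}")
```

Running it shows the two constructions agree on record 0, exactly as the quoted text says, and diverge from record 1 onward. The streaming variant is the check a practitioner would want before dismissing the draft's input as unimplementable: the growing concatenation never has to be kept, since one HMAC state fed record by record and snapshotted with copy() yields the same digests as the naive form.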