[TLS] Comment on draft-ietf-tls-dtls13
John Mattsson <john.mattsson@ericsson.com> Wed, 18 November 2020 08:14 UTC
Return-Path: <john.mattsson@ericsson.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BC7BC3A1650 for <tls@ietfa.amsl.com>; Wed, 18 Nov 2020 00:14:32 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.102
X-Spam-Level:
X-Spam-Status: No, score=-2.102 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ericsson.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1du14WG1cTbX for <tls@ietfa.amsl.com>; Wed, 18 Nov 2020 00:14:31 -0800 (PST)
Received: from EUR05-AM6-obe.outbound.protection.outlook.com (mail-am6eur05on2074.outbound.protection.outlook.com [40.107.22.74]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 809543A164C for <TLS@ietf.org>; Wed, 18 Nov 2020 00:14:28 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=iUd2MnN0y+PfyyPL4sa3PYIfA/PA3QnF5oeaLQtechgZcqscTLr2IBPayWvNbT0dw6OyFcbt+bzVuxbkYQLiLeEMiKxeMcVUBPP9wELFL+QCNmuy4h+vlJnKL8T+KbaDR4AGdtw0/p9/qwlARwwmkKcEzMbGcD0rc7pNPE6b7I+aj/sM264GinAu6IIAJr7TRJKtZcPBEd8+pVsIsxKJ0LXPq5PJJNgvrnPYrKoAGO7wAlO3EmdUXESf8AfZ9r/o/XKCj3Hba2bJjo8dzEWpeP2HxditPWnq8ruD+/VttNgqWq8e33fgtcI5yF00BkUZY6LzhF8oPKRGffaMOyisYA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=ipF2h6/l759A4v/SpkZr7d5yxnVSkj/KmWVpK3ckmGQ=; b=gZYkxx9fs4e9RXOB/bGqNrGCyms+Phk9YXCUB7jgv/ZP2z+a4hjBI7GZNVvX4dOFFszfViRbsLjM/QF1B7xSTKNCjk0euFAsoLccAVrPSmJYwO5notIG91JF/MXO5/XKLHapR294vPjXMN/0S/Fe4bk1g71N4o+V4uGxX2ItksOg5qJ54qHGRzBLWplXQSuQSOc6f7iiRO4nnbvKflu95V7WNszRDsTWZQv05nnGt7eL8lMb3P8zAn4i6zSCB+h3Typ/r84wfeaSY7vFMogNz8hn7tWUgU2qxBvLpos64uBt8yFTF67w+HLSez24yxUX9j2TDuuVTWYxJeALgOZKfg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=ericsson.com; dmarc=pass action=none header.from=ericsson.com; dkim=pass header.d=ericsson.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ericsson.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=ipF2h6/l759A4v/SpkZr7d5yxnVSkj/KmWVpK3ckmGQ=; b=Wj44zm3T6xnSJvfzH0KtAI3Xk7JSNQ7rWAafoH0spfq8eSu+bzUGF3AT5e92OK1TIe7y3G9JrhOyDELCVi++oq5M91qOBQ/TMJUyBgL0p7IGdY3au4smYT61+eAEYsEqYoksPDhZ92ukN93CgOEtT6x1LcUWcNgKPhqoaJSWPcs=
Received: from AM6PR07MB4584.eurprd07.prod.outlook.com (2603:10a6:20b:17::24) by AM7PR07MB6375.eurprd07.prod.outlook.com (2603:10a6:20b:138::24) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3589.16; Wed, 18 Nov 2020 08:14:25 +0000
Received: from AM6PR07MB4584.eurprd07.prod.outlook.com ([fe80::951:a4c3:7f39:e39c]) by AM6PR07MB4584.eurprd07.prod.outlook.com ([fe80::951:a4c3:7f39:e39c%5]) with mapi id 15.20.3589.017; Wed, 18 Nov 2020 08:14:25 +0000
From: John Mattsson <john.mattsson@ericsson.com>
To: "TLS@ietf.org" <TLS@ietf.org>
Thread-Topic: Comment on draft-ietf-tls-dtls13
Thread-Index: AQHWvYLUnENbu0oO+EmX0qVGzv5ngA==
Date: Wed, 18 Nov 2020 08:14:25 +0000
Message-ID: <7E31FEC3-9C0A-41B2-BEC5-40570F978346@ericsson.com>
Accept-Language: en-US
Content-Language: en-GB
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/16.42.20101102
authentication-results: ietf.org; dkim=none (message not signed) header.d=none;ietf.org; dmarc=none action=none header.from=ericsson.com;
x-originating-ip: [81.225.97.222]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: e3f9ec6d-c1d7-451d-1c5f-08d88b99f6a0
x-ms-traffictypediagnostic: AM7PR07MB6375:
x-microsoft-antispam-prvs: <AM7PR07MB637535D663F89E9B0B44460789E10@AM7PR07MB6375.eurprd07.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:8273;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: kkWtQYgS6tD0qMikV+XIlFXho4H2vqhMpU1/ivj78puwGQkmt5Z4vQLCIZ5ueEGKwse8TT2rOaFWzMTWf70sJ3KiBNVu6B8WrctMfgO61k3WpdQFYbDltxum7jFajehWaN7AWD3Zm0Q+Xz7aT2u9LVvR25qYbyUCnAuzhOzlUaDc7ZjsFKER/kyGKlHOq5xsKfOT8F6f/hr1N6kFV2hl5uGpJdNBcND2xNeR7Tv70ChT2i++GCLJnvsJBQ0+/dX6iqsGLLrb0+cbTz3KY33PSc/BjH0oUDbf5pO4zkmIN/kfemc216GsBPerJ8oWJNX/NxsJ/uYjAw5GM4rTmBJMdQ==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:AM6PR07MB4584.eurprd07.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(136003)(396003)(376002)(39860400002)(366004)(346002)(6916009)(26005)(478600001)(66476007)(6506007)(91956017)(76116006)(86362001)(2906002)(6512007)(4744005)(36756003)(2616005)(33656002)(316002)(8936002)(83380400001)(71200400001)(66556008)(186003)(64756008)(8676002)(66446008)(6486002)(5660300002)(44832011)(66946007); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata: H3OxuEk2RIOZIlKfalxDw2J0WwXxweiGm+o7RbQuzold0s0pWQsuN99GXXbrPd9ytjv08BztPCWuXOwjFtOLohM7Updao8A0v0CDPo1JM+C+Dw6ZjcGKAdA/b59BCmysvlltwZMV24/PjBKIckH2Dkli2tImGf7yf3t9rmGYPT4w49fcafMS3ITI3tHd/VQ5m00vTOoDqyaX3YZcI6vwCBsyT4Arkyg0QvCFxvrVdQF4L95dDA24skJ1n1t0vjc2uszbRfUbIPtTl33Ic6jLKb6MGFyhW48MY4DkqIkUt+C25+sf6yTZSPvKdyjru0PZUzd07cOZ1f9BQpfvywqcX3X0Su59WSsJzM8u+jsu6zjPXhFu92pXm+YowWmmcgQtM0LNMDCBztu0vDkJwmUIOnTqwMpJvyWM6h2LlNEd4kEF5O7z20HCdwJUCsDcU/TiUVAbj6dRdpcpheVCkecH904urzPi9b8PlV9uXxfnp5CggguDDnN+5PmuQH3w4OE+TGKRZCpz4wtWXttJa45skFy9ab6cRz2buzE22llqWl/ukPtcrrZw1z2957iLwSwKfWcgqfgYQFRqrJ1E7rQPOu/H1wLw2KduyJaejn4vB0M24PKgcxA8w4hbmJ9wMQibJi8ur7n0e4H5+h8GJe0o3Q==
x-ms-exchange-transport-forked: True
Content-Type: text/plain; charset="utf-8"
Content-ID: <DD5862572EE0A04480052F957002DE87@eurprd07.prod.outlook.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: ericsson.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: AM6PR07MB4584.eurprd07.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: e3f9ec6d-c1d7-451d-1c5f-08d88b99f6a0
X-MS-Exchange-CrossTenant-originalarrivaltime: 18 Nov 2020 08:14:25.6020 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 92e84ceb-fbfd-47ab-be52-080c6b87953f
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: 5wS2fjJurID4wCHm/VWNc5lACxhGnGLBSe4mFqIkLFr8aFC4D73kb8VxJUGSAuh140DzaiL4t/ZBbXIM2HrtfuQlUzTQnPkxLr0xcrOG1aA=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM7PR07MB6375
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/YCurW-E5XsO78DyXjdMsPrFfvAo>
Subject: [TLS] Comment on draft-ietf-tls-dtls13
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 18 Nov 2020 08:14:33 -0000
Hi, I fully support the statements "TLS_AES_128_CCM_8_SHA256 is not suitable for general use" and "MUST NOT be used without additional safeguards". CCM_8 has no place in general non-constrained DTLS usage. I do however not understand the logic behind the following classifications that have been done in recent TLS WG documents: CCM_8 MUST NOT be used without additional safeguards Group key authentication NOT RECOMMENDED psk_ke RECOMMENDED Of these three I would say that CCM_8 is by far the least worrisome security problem. Even in systems with 32 bit tags, the tag length is likely very far down on the list of most severe practical security problems. Non-PFS key exchange and symmetrical group keys on the other hand are very real practical security problems that are exploited daily. Cheers, John
- [TLS] Comment on draft-ietf-tls-dtls13 John Mattsson