Re: [TLS] draft-ietf-tls-psk-new-mac-aes-gcm-01 : portfolio question

Mohamad Badra <badra@isima.fr> Wed, 27 August 2008 14:11 UTC

Dear Peter,

>> 2. The document in question (draft-ietf-tls-psk-new-mac-aes-gcm-01)
>>   *is* an add-on document and none of these algorithms are mandatory
>>   to implement.
> 
> So if another standards group mandates GCM (as per this draft), which
> algorithms am I supposed to implement?  I can't see anything in the draft
> saying that the algorithms are all optional.

In the Security Considerations section:

    The security considerations in RFC 4279, RFC 4758, and [I-D.ietf-
    tls-rsa-aes-gcm] apply to this document as well.  In addition, as
    described in [I-D.ietf-tls-rsa-aes-gcm], these cipher suites may
    only be used with TLS 1.2 or greater.

I think "these cipher suites may only be used with TLS 1.2 or greater"
is equivalent to "they are optional and are only to be used with TLS 1.2
or greater".

Best regards
