IETF Logo Mail Archive

[TLS] ETSI releases standards for enterprise security and data centre management

Dmitry Belyavsky <beldmit@gmail.com> Sat, 01 December 2018 09:10 UTC

Return-Path: <beldmit@gmail.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 556C3126CB6 for <tls@ietfa.amsl.com>; Sat, 1 Dec 2018 01:10:52 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4Vms4rwBXqxe for <tls@ietfa.amsl.com>; Sat, 1 Dec 2018 01:10:50 -0800 (PST)
Received: from mail-ed1-x52f.google.com (mail-ed1-x52f.google.com [IPv6:2a00:1450:4864:20::52f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C3E3A12426E for <tls@ietf.org>; Sat, 1 Dec 2018 01:10:49 -0800 (PST)
Received: by mail-ed1-x52f.google.com with SMTP id b14so6763953edt.6 for <tls@ietf.org>; Sat, 01 Dec 2018 01:10:49 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to; bh=K8w8gwhm3a1IWEhtog1991pXqgPEL4J61wJrjM8avi8=; b=f2yuv9yjlpb8MPKhtdSiZon9+Qw84kwoGpONrnN/zOTMgrOOH+7v3Kki91tyWwKnNZ cn3zG2DIJVvUvUbMaC8vHiMx5/MrkyoeC9Ba93mJ3XtXnXYQ7QEZkH4jdU9HZDR3p5Rz gMq5DkMCRO3hk+JmuroI1kChRIh+JrOa9LFvFbqhLD+URD9PKlcjSbwx40fdQB4aFTbz 8Ern7oGbYUJhBCurZtNvCDJ/c488Fe1B8QckzeMcRK4DN4JciU6DpAz7H0S10XVmF4ML RHbO4Trch5AtydM+htHdsy0Dh7t6PEYM6k5yTzsPodn7Z1ztaeZ+pLTBBYobEx9nUHis K3IQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=K8w8gwhm3a1IWEhtog1991pXqgPEL4J61wJrjM8avi8=; b=IPM5+X56eKed+fFcFR8uv9+c7Bwo5pb5HUA2pT3ZculnETifewq0XRGrqqZVA/ai7j D8LUrpeQgAns90Nb9C1ZbmRU/Si4BXa/FoD0jqaUcjhIUfyigmlMPMP7TfpjNJypXSVz g4Wxga5JIuV2C2fC9jfMHOxWNL2lonPmreHZ2Eepq0EN1/XGRnJz3qNyoL69qaBgJsLQ R6FM23vXUbRyyuAcHCAWotXQ4lNTC5HrlKP3UYQMJtlJm0QjxQh1434Xt13KKP7aEfxt H4WGLTV1A0QpC7Oy9uxpW5C2ZiGohGtXzHkHFqtjE9KhJ7+sXQTUdXBZkAXAvR4kh4Kt /s8A==
X-Gm-Message-State: AA+aEWbtU5+6aerX+Vww92ZJ2jGdvBLvjstEvxkSy6rHK9AnB6CGtEMw Yoa41uXn8/x8G0TdJjKWzB1oB7vSzt4n4Qhy+To9UIFEdX0=
X-Google-Smtp-Source: AFSGD/U1Zh+BGFbmQrAE57WqQ/82IZKUhtZ4z+KMsqOPcAC9UsyCSvQmXhB0FsDJnSAODHLKqjHdIsD7LfW54rJ45AE=
X-Received: by 2002:a50:bdc8:: with SMTP id z8mr7989282edh.46.1543655448159; Sat, 01 Dec 2018 01:10:48 -0800 (PST)
MIME-Version: 1.0
From: Dmitry Belyavsky <beldmit@gmail.com>
Date: Sat, 01 Dec 2018 12:10:36 +0300
Message-ID: <CADqLbzKd-AgDRv2suZ-0Nz4jNUqKg0RNT8sgQd-n793t+gEN3g@mail.gmail.com>
To: Cryptography List <cryptography@metzdowd.com>, TLS Mailing List <tls@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000a4add5057bf24acb"
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/Z6BD_z1Gytht4cwSo-PcQZ7VAVU>
Subject: [TLS] ETSI releases standards for enterprise security and data centre management
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 01 Dec 2018 09:10:52 -0000

Dear All,

JFYI. Via Feisti Duck nerwsletter.

https://www.etsi.org/news-events/news/1358-2018-11-press-etsi-releases-standards-for-enterprise-security-and-data-centre-management

The eTLS key exchange shall use exactly the same messages and procedures to
establish a set of session keys as a
TLS 1.3 ephemeral Diffie-Hellman key exchange, except for two differences
[2].
1) the server shall use a static public/private key pair at Step 2 in
clause 4.3.1; and
2) the server's certificate at Step 5 shall contain visibility information
as defined in clause 4.3.3 to indicate to the
client that eTLS is in use.
NOTE: Neither the static public key nor the visibility information affects
the operation of a TLS 1.3 compliant
client, so an eTLS server is therefore fully interoperable with TLS 1.3
compliant clients.

-- 
SY, Dmitry Belyavsky

v2.23.0 | Report a Bug | By Email