Return-Path: X-Original-To: tls@ietfa.amsl.com Delivered-To: tls@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A764312B017 for ; Sun, 10 Jul 2016 00:37:21 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.006 X-Spam-Level: X-Spam-Status: No, score=-4.006 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-1.287, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=yahoo.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id q2gsEJtLoS7q for ; Sun, 10 Jul 2016 00:37:20 -0700 (PDT) Received: from nm30-vm0.bullet.mail.bf1.yahoo.com (nm30-vm0.bullet.mail.bf1.yahoo.com [98.139.213.126]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D4E34128874 for ; Sun, 10 Jul 2016 00:37:19 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1468136238; bh=WkjlTUS1QEUEXSEcea+NqPeXbUtxUET3X3vq5yZoQRE=; h=Date:From:Reply-To:To:Cc:In-Reply-To:References:Subject:From:Subject; b=d/LdH6kyYpqzb/MtxfgbPPYJ+TKD/YFsmUaxum7kBMsDsTWYrh7eIlcmOK1XE4DXhrL8/FNuuDtuXjWoTLOQwNs90PQrDbKvFRGmGQp5PXJXruGb1uOJQIJa4iDVD4FWJbZgmFWPzSDQa7ijwiwaiZLO3SpoCt6bwlCmh1HQE0/4ka3Fj+S0gz4arGLyblszhXkL3Ds0K5/PA2BaPTX+A9L6iV4C+geCJedLXVwiyvNqX3VgzjzymyP5e7pfQmLZDHyjxlzgVqdak8Bpnz1NQra8CcpA6P1NX5L7PQMpoODYhFr74lHdbVRDLiuaS7XfL36VQKCWUWTa2aUfGU1WfQ== Received: from [98.139.170.180] by nm30.bullet.mail.bf1.yahoo.com with NNFMP; 10 Jul 2016 07:37:18 -0000 Received: from [98.139.212.198] by tm23.bullet.mail.bf1.yahoo.com with NNFMP; 10 Jul 2016 07:37:18 -0000 Received: from [127.0.0.1] by omp1007.mail.bf1.yahoo.com with NNFMP; 10 Jul 2016 07:37:18 -0000 X-Yahoo-Newman-Property: ymail-3 X-Yahoo-Newman-Id: 923014.83837.bm@omp1007.mail.bf1.yahoo.com X-YMail-OSG: So6biaMVM1ltKE9vW8OPaEC7TgbVZ0hgmPWbEJLElY_k2Cct0OjfASZ4oRweU2G XSyx39OrEHoFiMBTy_PnYQx2Nnk_iREyfE3KkcatqG_GIoGcSEo0_yfDXPjebg7GCXGme6ClRHp8 2v7XKAjGcs_wPvLTBzUxHhYe_eHAyqeSaeL7CoXKAK1itS_L8M4DwQ0ftPhJFYLBecTzSa_JSNNE fg0GK_Zx0ydROkzGhpAvPVNn4tlWZ.mvYTCbr6brAxEds9TheG.ts_A3ynOsAd0.PqELHaB7MviV q.ABK96bUWBMKCDeXmO.i464sJk6i25UXhLA8k1yRlRn16ZYXTKLs_G.6ByuQjcctiGic6PgC2aP Z7DjxOhEoBNI.MwMDgJbqTqmnD3bPxuCO_5nst9BLj4shd2w_AQwOneVQa9_rswxuMd2pHB7aZ9u ueC9XSPE2EIBlRiaTl6VbalifNjaEma4SRPUOPURa1VsbjaJ9H0WRHp._cIDEDEifTmppOk7v_Ev veOMGMwxHuUS9Feaik_dQBvC2wgeDVNgw7URMXxxWYbQgX89G Received: from jws106135.mail.bf1.yahoo.com by sendmailws106.mail.bf1.yahoo.com; Sun, 10 Jul 2016 07:37:18 +0000; 1468136238.474 Date: Sun, 10 Jul 2016 07:36:59 +0000 (UTC) From: To: "draft-ietf-tls-ecdhe-psk-aead@tools.ietf.org" , "draft-ietf-dice-profile@tools.ietf.org" Message-ID: <880079020.470300.1468136219291.JavaMail.yahoo@mail.yahoo.com> In-Reply-To: <20160527171935.11166.82258.idtracker@ietfa.amsl.com> References: <20160527171935.11166.82258.idtracker@ietfa.amsl.com> MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_Part_470299_894945123.1468136219286" Archived-At: Cc: "tls@ietf.org" Subject: Re: [TLS] I-D Action: draft-ietf-tls-ecdhe-psk-aead-00.txt X-BeenThere: tls@ietf.org X-Mailman-Version: 2.1.17 Precedence: list Reply-To: g_e_montenegro@yahoo.com List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 10 Jul 2016 07:37:22 -0000 ------=_Part_470299_894945123.1468136219286 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Hi, I'm curious as to the relationship between this TLS WG draft and the DICE p= rofile for IoT (currently in Auth48):https://tools.ietf.org/html/draft-ietf= -dice-profile The dice profile uses two TLS ciphershuites TLS_PSK_WITH_AES_128_CCM_8 =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0(defined in https://tools.ietf.org/html/rfc6655) TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 =C2=A0=C2=A0=C2=A0=C2=A0(defined in http= s://tools.ietf.org/html/rfc7251) Notice that the DICE profile defines nothing (it has no IANA considerations= ). Instead, it reuses definitions established previously per the references= above. This draft-ietf-tls-ecdhe-psk-aeak =C2=A0claims to also define IoT-friendly= ciphersuites, for example,=C2=A0TLS_ECDHE_PSK_WITH_AES_128_CCM_8_SHA256=20 However, it does not reference the DICE profile draft.=C2=A0 What is the difference between these? thanks, Gabriel=C2=A0=20 On Friday, May 27, 2016 10:19 AM, "internet-drafts@ietf.org" wrote: =20 =20 =20 A New Internet-Draft is available from the on-line Internet-Drafts director= ies. This draft is a work item of the Transport Layer Security of the IETF. =C2=A0 =C2=A0 =C2=A0 =C2=A0 Title=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 : ECDHE= _PSK with AES-GCM and AES-CCM Cipher Suites for Transport Layer Security (T= LS) =C2=A0 =C2=A0 =C2=A0 =C2=A0 Authors=C2=A0 =C2=A0 =C2=A0 =C2=A0 : John Matts= son =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2= =A0 =C2=A0 =C2=A0 Daniel Migault =C2=A0=C2=A0=C2=A0 Filename=C2=A0 =C2=A0 =C2=A0 =C2=A0 : draft-ietf-tls-ecd= he-psk-aead-00.txt =C2=A0=C2=A0=C2=A0 Pages=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 : 7 =C2=A0=C2=A0=C2=A0 Date=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 : 2016-05-= 27 Abstract: =C2=A0 This document defines several new cipher suites for the Transport =C2=A0 Layer Security (TLS) protocol.=C2=A0 The cipher suites are all based= on =C2=A0 the Ephemeral Elliptic Curve Diffie-Hellman with Pre-Shared Key =C2=A0 (ECDHE_PSK) key exchange together with the Authenticated Encryption =C2=A0 with Associated Data (AEAD) algorithms AES-GCM and AES-CCM.=C2=A0 PS= K =C2=A0 provides light and efficient authentication, ECDHE provides perfect =C2=A0 forward secrecy, and AES-GCM and AES-CCM provides encryption and =C2=A0 integrity protection. The IETF datatracker status page for this draft is: https://datatracker.ietf.org/doc/draft-ietf-tls-ecdhe-psk-aead/ There's also a htmlized version available at: https://tools.ietf.org/html/draft-ietf-tls-ecdhe-psk-aead-00 Please note that it may take a couple of minutes from the time of submissio= n until the htmlized version and diff are available at tools.ietf.org. Internet-Drafts are also available by anonymous FTP at: ftp://ftp.ietf.org/internet-drafts/ _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls =20 ------=_Part_470299_894945123.1468136219286 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable
Hi,

I'm curious as to the relationship between this TLS WG draft and th= e DICE profile for IoT (currently in Auth48):

The dice profile uses t= wo TLS ciphershuites

TLS_PSK_WITH_AES_128_CCM_8     &nbs=
p;       (defined in https://tools.ietf.org/html/rfc6655)

TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8    &n=
bsp;(defined in https://tools.ietf.org/html/rfc7=
251)

Notice that the DICE= profile defines nothing (it has no IANA considerations). Instead, it reuse= s definitions established previously per the references above.

This draft-ietf-tls-ecd= he-psk-aeak  claims to also define IoT-friendly ciphersuites, for exam= ple, TLS_ECDHE_PSK_WITH_AES_128_CCM_8_SHA256

However, it does not reference the= DICE profile draft. 

What is the difference between these?

thanks,

Gabriel 


On Friday, May 27, 2016 10:19 AM, "internet-drafts@ietf.org" <internet= -drafts@ietf.org> wrote:



A New Internet-Dra= ft is available from the on-line Internet-Drafts directories.
This draft= is a work item of the Transport Layer Security of the IETF.

  =       Title          : ECDHE_PSK w= ith AES-GCM and AES-CCM Cipher Suites for Transport Layer Security (TLS)        Authors        : John Mat= tsson
                  &nb= sp;       Daniel Migault
    Filename = ;       : draft-ietf-tls-ecdhe-psk-aead-00.txt
 &nbs= p;  Pages          : 7
   = Date            : 2016-05-27

Abstract= :
  This document defines several new cipher suites for the Transp= ort
  Layer Security (TLS) protocol.  The cipher suites are a= ll based on
  the Ephemeral Elliptic Curve Diffie-Hellman with Pre= -Shared Key
  (ECDHE_PSK) key exchange together with the Authentic= ated Encryption
  with Associated Data (AEAD) algorithms AES-GCM a= nd AES-CCM.  PSK
  provides light and efficient authenticatio= n, ECDHE provides perfect
  forward secrecy, and AES-GCM and AES-C= CM provides encryption and
  integrity protection.


The = IETF datatracker status page for this draft is:
https= ://datatracker.ietf.org/doc/draft-ietf-tls-ecdhe-psk-aead/

There= 's also a htmlized version available at:
https://tools.i= etf.org/html/draft-ietf-tls-ecdhe-psk-aead-00


Please note th= at it may take a couple of minutes from the time of submission
until the= htmlized version and diff are available at tools.ietf.org.

Internet= -Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-draft= s/

_______________________________________________
TLS mailin= g list
T= LS@ietf.org
https://www.ietf.org/mailman/listinfo/tls


------=_Part_470299_894945123.1468136219286--