Re: [TLS] ETSI releases standards for enterprise security and data centre management

Eric Rescorla <ekr@rtfm.com> Fri, 07 December 2018 17:42 UTC

From: Eric Rescorla <ekr@rtfm.com>
Date: Fri, 7 Dec 2018 09:42:16 -0800
Message-ID: <CABcZeBMBWX6AjV36MsM+-4A9pHL3QFmHaycMu7EHRq5vGjrayQ@mail.gmail.com>
To: Dmitry Belyavsky <beldmit@gmail.com>
Cc: "<tls@ietf.org>" <tls@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/Zv6Mjf-yuK6_L9LAypWjdL2GwxM>

The Security ADs sent the following liaison statement to ETSI on this topic:
https://datatracker.ietf.org/liaison/1616/

On Sat, Dec 1, 2018 at 1:11 AM Dmitry Belyavsky <beldmit@gmail.com> wrote:

> Dear All,
>
> JFYI. Via Feisty Duck newsletter.
>
> https://www.etsi.org/news-events/news/1358-2018-11-press-etsi-releases-standards-for-enterprise-security-and-data-centre-management
>
> The eTLS key exchange shall use exactly the same messages and procedures to establish a set of session keys as a TLS 1.3 ephemeral Diffie-Hellman key exchange, except for two differences [2].
> 1) the server shall use a static public/private key pair at Step 2 in clause 4.3.1; and
> 2) the server's certificate at Step 5 shall contain visibility information as defined in clause 4.3.3 to indicate to the client that eTLS is in use.
> NOTE: Neither the static public key nor the visibility information affects the operation of a TLS 1.3 compliant client, so an eTLS server is therefore fully interoperable with TLS 1.3 compliant clients.
>
> --
> SY, Dmitry Belyavsky
>
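
Added example, not part of the original message or of the ETSI text: the quoted clause has the eTLS server use a static key pair where TLS 1.3 uses an ephemeral one, so a client or passive monitor can flag a server whose ServerHello `key_share` repeats across handshakes. The parser follows the RFC 8446 ServerHello layout; `KeyShareReuseMonitor`, `build_server_hello`, the hostnames and the connection ids are hypothetical names and constructed sample data.

```python
import struct
from collections import defaultdict

KEY_SHARE = 51  # extension type from RFC 8446

def server_key_share(server_hello: bytes):
    """Return (group, key_exchange) from a ServerHello handshake message, or None."""
    if len(server_hello) < 4 or server_hello[0] != 2:
        raise ValueError("not a ServerHello handshake message")
    body = server_hello[4:4 + int.from_bytes(server_hello[1:4], "big")]
    if len(body) < 35:
        raise ValueError("truncated ServerHello")
    pos = 2 + 32                  # legacy_version, random
    pos += 1 + body[pos]          # legacy_session_id_echo
    pos += 2 + 1                  # cipher_suite, legacy_compression_method
    ext_end = pos + 2 + int.from_bytes(body[pos:pos + 2], "big")
    pos += 2
    while pos + 4 <= min(ext_end, len(body)):
        ext_type, ext_len = struct.unpack_from("!HH", body, pos)
        data = body[pos + 4:pos + 4 + ext_len]
        pos += 4 + ext_len
        if ext_type == KEY_SHARE:
            if len(data) < 4:     # HelloRetryRequest carries only the selected group
                return None
            group, klen = struct.unpack_from("!HH", data)
            return group, data[4:4 + klen]
    return None

class KeyShareReuseMonitor:
    """Remembers every server key share seen, per server name."""
    def __init__(self):
        self.seen = defaultdict(dict)  # server -> {(group, key): first conn id}

    def observe(self, server, conn_id, server_hello):
        """Return the id of an earlier connection with the same share, else None."""
        share = server_key_share(server_hello)
        if share is None:
            return None
        first = self.seen[server].setdefault(share, conn_id)
        return None if first == conn_id else first

def build_server_hello(group, key):
    """Constructed sample input: minimal ServerHello with an all-zero random."""
    ks = struct.pack("!HH", group, len(key)) + key
    exts = struct.pack("!HH", 43, 2) + b"\x03\x04"          # supported_versions
    exts += struct.pack("!HH", KEY_SHARE, len(ks)) + ks
    body = (b"\x03\x03" + bytes(32) + b"\x00" + b"\x13\x01" + b"\x00"
            + struct.pack("!H", len(exts)) + exts)
    return b"\x02" + len(body).to_bytes(3, "big") + body
```

A match means the server reused a key share across handshakes; it does not by itself identify eTLS, which the quoted text says is signalled by visibility information in the server's certificate.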