Re: [TLS] DHE key derivation
Michael D'Errico <mike-list@pobox.com> Fri, 27 September 2013 16:05 UTC
Return-Path: <mike-list@pobox.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5910121F9D0E for <tls@ietfa.amsl.com>; Fri, 27 Sep 2013 09:05:49 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.574
X-Spam-Level:
X-Spam-Status: No, score=-2.574 tagged_above=-999 required=5 tests=[AWL=0.025, BAYES_00=-2.599]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id lhRltl-WErLO for <tls@ietfa.amsl.com>; Fri, 27 Sep 2013 09:05:44 -0700 (PDT)
Received: from sasl.smtp.pobox.com (a-pb-sasl-quonix.pobox.com [208.72.237.25]) by ietfa.amsl.com (Postfix) with ESMTP id 8D36721F8A38 for <tls@ietf.org>; Fri, 27 Sep 2013 09:05:44 -0700 (PDT)
Received: from sasl.smtp.pobox.com (unknown [127.0.0.1]) by a-pb-sasl-quonix.pobox.com (Postfix) with ESMTP id DC0CFDD26; Fri, 27 Sep 2013 12:05:43 -0400 (EDT)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=pobox.com; h=message-id :date:from:mime-version:to:cc:subject:references:in-reply-to :content-type:content-transfer-encoding; s=sasl; bh=5k49+22qL4DC 9o3z7MFqqztu2mo=; b=INzU0OS+LGCDc5/pY3UMuYIE2B7myi4YekCtdUWmONMj WQ0M+YafvTMW381Li4wHFe0JUI2Hoq9cIYkyzflqSCadzVJ8qk/8RBkcDM4kWbNM 1NHMkuefb8epllgMIy6tR8194DHKylk4s95cTfkL5xHfFh1Jyulz8qhfq8+Kh+U=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=pobox.com; h=message-id:date :from:mime-version:to:cc:subject:references:in-reply-to :content-type:content-transfer-encoding; q=dns; s=sasl; b=i9FCee JgQjPwMTVL8tieSsE2aAV4kzyBgkvG+2R9HcB9L/lU0igSWfPTyAFVdzn0jfzNb5 Nct/rKiG7kHA+HtbozenBujRKf3j8CW63zSuhjI26Xkbpzxk/TaIevaLJkYWzxhK Mdu1JoPXgM7IJ9iltOUBVUm/JQcEGHR9bhTCA=
Received: from a-pb-sasl-quonix.pobox.com (unknown [127.0.0.1]) by a-pb-sasl-quonix.pobox.com (Postfix) with ESMTP id A3F11DD22; Fri, 27 Sep 2013 12:05:19 -0400 (EDT)
Received: from iMac.local (unknown [24.234.153.62]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by a-pb-sasl-quonix.pobox.com (Postfix) with ESMTPSA id 0D1C1DD12; Fri, 27 Sep 2013 12:04:57 -0400 (EDT)
Message-ID: <5245ACA8.3020504@pobox.com>
Date: Fri, 27 Sep 2013 09:04:56 -0700
From: Michael D'Errico <mike-list@pobox.com>
User-Agent: Thunderbird 2.0.0.24 (Macintosh/20100228)
MIME-Version: 1.0
To: mrex@sap.com
References: <20130927153439.54C8A1A9B4@ld9781.wdf.sap.corp>
In-Reply-To: <20130927153439.54C8A1A9B4@ld9781.wdf.sap.corp>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
X-Pobox-Relay-ID: 8E96F5EA-278E-11E3-95F6-CE710E5B5709-38729857!a-pb-sasl-quonix.pobox.com
Cc: tls@ietf.org
Subject: Re: [TLS] DHE key derivation
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 27 Sep 2013 16:05:49 -0000
Martin Rex wrote: >> It is not recommended to use the same RSA key for both signing and >> key encipherment. > > Isn't that (using the same RSA key for both signing and key encipherment) > what pretty much all TLS Servers do when they support both, > traditional RSA ciphersuites plus DHE_RSA and/or ECDHE_RSA? I believe that many servers do use the same key for both, though they don't have to. This practice is likely due to cost (buy one certificate instead of two) and software limitations. Mike
- [TLS] New Algorithm identifier for EDH > 1024 bit… Phillip Hallam-Baker
- Re: [TLS] New Algorithm identifier for EDH > 1024… Wan-Teh Chang
- Re: [TLS] New Algorithm identifier for EDH > 1024… Yngve N. Pettersen
- Re: [TLS] New Algorithm identifier for EDH > 1024… Yaron Sheffer
- Re: [TLS] New Algorithm identifier for EDH > 1024… Peter Gutmann
- Re: [TLS] New Algorithm identifier for EDH > 1024… Yoav Nir
- [TLS] DHE key derivation Yaron Sheffer
- Re: [TLS] DHE key derivation Michael D'Errico
- Re: [TLS] DHE key derivation Martin Rex
- Re: [TLS] DHE key derivation Daniel Kahn Gillmor
- Re: [TLS] DHE key derivation Michael D'Errico
- Re: [TLS] DHE key derivation Michael D'Errico
- Re: [TLS] DHE key derivation Michael D'Errico
- Re: [TLS] DHE key derivation Daniel Kahn Gillmor
- Re: [TLS] DHE key derivation Hanno Böck
- Re: [TLS] DHE key derivation Hanno Böck
- Re: [TLS] DHE key derivation Yaron Sheffer
- Re: [TLS] DHE key derivation Yoav Nir
- [TLS] Private Key Security [Was Re: DHE key deriv… Michael StJohns
- Re: [TLS] Private Key Security [Was Re: DHE key d… Martin Rex
- Re: [TLS] New Algorithm identifier for EDH > 1024… Martin Rex
- Re: [TLS] New Algorithm identifier for EDH > 1024… Daniel Kahn Gillmor