Re: [TLS] Rethink TLS 1.3

Henrick Hellström <henrick@streamsec.se> Sun, 23 November 2014 01:21 UTC

Return-Path: <henrick@streamsec.se>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F18C01A1A32 for <tls@ietfa.amsl.com>; Sat, 22 Nov 2014 17:21:33 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 1.05
X-Spam-Level: *
X-Spam-Status: No, score=1.05 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HELO_EQ_SE=0.35, MANGLED_BACK=2.3, MIME_8BIT_HEADER=0.3] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rzSEYYslKcSl for <tls@ietfa.amsl.com>; Sat, 22 Nov 2014 17:21:32 -0800 (PST)
Received: from vsp8.ballou.se (vsp8.ballou.se [91.189.40.104]) by ietfa.amsl.com (Postfix) with SMTP id 9FF6C1A1A27 for <tls@ietf.org>; Sat, 22 Nov 2014 17:21:30 -0800 (PST)
Received: from nmail1.ballou.se (unknown [10.0.0.116]) by vsp8.ballou.se (Halon Mail Gateway) with ESMTP for <tls@ietf.org>; Sun, 23 Nov 2014 02:21:27 +0100 (CET)
Received: from [192.168.0.195] (c-21cfe555.06-134-73746f39.cust.bredbandsbolaget.se [85.229.207.33]) (Authenticated sender: henrick@streamsec.se) by nmail1.ballou.se (Postfix) with ESMTPSA id D49041DE89 for <tls@ietf.org>; Sun, 23 Nov 2014 02:21:27 +0100 (CET)
Message-ID: <54713697.2050904@streamsec.se>
Date: Sun, 23 Nov 2014 02:21:27 +0100
From: =?UTF-8?B?SGVucmljayBIZWxsc3Ryw7Zt?= <henrick@streamsec.se>
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:31.0) Gecko/20100101 Thunderbird/31.2.0
MIME-Version: 1.0
To: tls@ietf.org
References: <CACsn0ckmYrx+S--pP6P7VgjsmqQsoYnp+m-9hTPT-OJ9waUtkA@mail.gmail.com> <5470742A.8020002@streamsec.se> <CACsn0cnKqkHxw0Hudw0OGM1mVxZKJhj04ig2G3KtURtWhYTacw@mail.gmail.com> <20141123014620.006dfe36@pc>
In-Reply-To: <20141123014620.006dfe36@pc>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
Archived-At: http://mailarchive.ietf.org/arch/msg/tls/f8wrZsFIFe0aOmomTf4Wsn8o4BA
Subject: Re: [TLS] Rethink TLS 1.3
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: henrick@streamsec.se
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 23 Nov 2014 01:21:34 -0000

On 2014-11-23 01:46, Hanno Böck wrote:
> On Sat, 22 Nov 2014 14:15:30 -0800
> Watson Ladd <watsonbladd@gmail.com> wrote:
>
>> It's clear what the security claims of TLS are be: a TLS connection
>> between two parties ensures that data sent between them isn't
>> intercepted or manipulated, and that they are who they claim to be.
>
> I think it's really a bit more tricky than that.
>
> Adding to these one should probably add some confidentiality claims.
> However what are the confidentiality claims of TLS? I don't really know.

IND-CCA2 would cover a lot, in terms of both confidentiality and 
integrity, even under partial chosen plain text or chosen cipher text.