Re: [TLS] Last Call: draft-rescorla-tls-suiteb (Suite B Cipher Suites for TLS) to Informational RFC

Brian Minard <bminard@certicom.com> Thu, 02 October 2008 12:01 UTC

From: Brian Minard <bminard@certicom.com>
To: "tls@ietf.org" <tls@ietf.org>
Date: Thu, 02 Oct 2008 08:00:45 -0400

Here are a couple of clarifications we'd like to see in the draft.

From section 4:
   Server and client certificates used to establish a Suite B-compliant
   connection MUST be signed with ECDSA.  For certificates used at the
   128-bit security level, the subject public key MUST use the P-256
   curve, and the digital signature MUST be calculated using the P-256
   curve and the SHA-256 hash algorithm.  For certificates used at the
   192-bit security level, the subject public key MUST use the P-384
   curve, and the digital signature MUST be calculated using the P-384
   curve and the SHA-384 hash algorithm.

Does this only apply to the client/server certificates or every
certificate in the client/server chain?

Can some guidance be added on certificate key usages and TLS 1.2 for
Suite B
(http://www.nsa.gov/ia/industry/Suite_B_Certificate_and_CRL_Profile_20080528.pdf)?
This document clearly requires two different certificates and
references NIST SP 800-56A (section 5.6.4.2) as the reason for this.

I am wondering if you can confirm that the comment requiring two server
certificates is directed at servers supporting both ECDH_ECDSA and
ECDHE_ECDSA key exchange methods (i.e., completely different cipher
suites). For example, if I deploy a server supporting only one of these
key exchange methods, that server would only need one certificate.

-----Original Message-----
From: ietf-announce-bounces@ietf.org [mailto:ietf-announce-bounces@ietf.org] On Behalf Of The IESG
Sent: Thursday, September 25, 2008 11:30 AM
To: IETF-Announce
Subject: Last Call: draft-rescorla-tls-suiteb (Suite B Cipher Suites for TLS) to Informational RFC

The IESG has received a request from an individual submitter to consider
the following document:

- 'Suite B Cipher Suites for TLS '
   <draft-rescorla-tls-suiteb-06.txt> as an Informational RFC

The IESG plans to make a decision in the next few weeks, and solicits
final comments on this action.  Please send substantive comments to the
ietf@ietf.org mailing lists by 2008-10-23. Exceptionally,
comments may be sent to iesg@ietf.org instead. In either case, please
retain the beginning of the Subject line to allow automated sorting.

The file can be obtained via
http://www.ietf.org/internet-drafts/draft-rescorla-tls-suiteb-06.txt

IESG discussion can be tracked via
https://datatracker.ietf.org/public/pidtracker.cgi?command=view_id&dTag=15530&rfc_flag=0
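
An added example, not part of the original message or of the draft: a check of the section 4 rules quoted in the message under both readings the first question asks about (end-entity certificate only, or every certificate in the chain). The `Cert` model, its field names and the sample chain are constructed for illustration; a real check would read these values from parsed X.509 certificates.

```python
from dataclasses import dataclass

# Section 4 rules as quoted in the message, per security level:
# (subject key curve, curve used for the signature, signature hash)
LEVELS = {128: ("P-256", "P-256", "SHA-256"),
          192: ("P-384", "P-384", "SHA-384")}

@dataclass
class Cert:
    """Constructed model of the fields section 4 constrains (not parsed X.509)."""
    name: str
    key_curve: str   # curve of the subject public key
    sig_alg: str     # algorithm the issuer signed with, e.g. "ECDSA" or "RSA"
    sig_curve: str   # curve of the issuer key that produced the signature
    sig_hash: str    # hash used in the signature

def violations(cert, level):
    """Return the section 4 requirements this certificate fails at `level`."""
    key_curve, sig_curve, sig_hash = LEVELS[level]
    found = []
    if cert.sig_alg != "ECDSA":
        found.append(f"signed with {cert.sig_alg}, not ECDSA")
    if cert.key_curve != key_curve:
        found.append(f"subject key on {cert.key_curve}, expected {key_curve}")
    if cert.sig_curve != sig_curve:
        found.append(f"signature made with {cert.sig_curve}, expected {sig_curve}")
    if cert.sig_hash != sig_hash:
        found.append(f"signature hash {cert.sig_hash}, expected {sig_hash}")
    return found

def check_chain(chain, level, scope):
    """chain is ordered end-entity first. scope="leaf" applies the rules to the
    end-entity certificate only; scope="chain" applies them to every certificate."""
    certs = chain[:1] if scope == "leaf" else chain
    report = {}
    for cert in certs:
        failed = violations(cert, level)
        if failed:
            report[cert.name] = failed
    return report

# Constructed chain: P-256 server and intermediate keys under a P-384 root.
CHAIN = [
    Cert("server", "P-256", "ECDSA", "P-256", "SHA-256"),
    Cert("intermediate", "P-256", "ECDSA", "P-384", "SHA-384"),
    Cert("root", "P-384", "ECDSA", "P-384", "SHA-384"),
]

if __name__ == "__main__":
    for scope in ("leaf", "chain"):
        print(scope, check_chain(CHAIN, 128, scope))
```

Because a certificate's signature is made with the issuer's key, the rule on the end-entity signature already fixes the curve of the issuing CA's key; the two readings diverge from the next certificate up.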