Re: [TLS] AES-OCB in TLS [New Version Notification for draft-zauner-tls-aes-ocb-03.txt]
Daniel Kahn Gillmor <dkg@fifthhorseman.net> Mon, 01 June 2015 17:28 UTC
Return-Path: <dkg@fifthhorseman.net>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 526751B2F70 for <tls@ietfa.amsl.com>; Mon, 1 Jun 2015 10:28:50 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id lHz6Brb1gFRg for <tls@ietfa.amsl.com>; Mon, 1 Jun 2015 10:28:49 -0700 (PDT)
Received: from che.mayfirst.org (che.mayfirst.org [209.234.253.108]) by ietfa.amsl.com (Postfix) with ESMTP id DD33F1B2F6C for <tls@ietf.org>; Mon, 1 Jun 2015 10:28:48 -0700 (PDT)
Received: from fifthhorseman.net (unknown [38.109.115.130]) by che.mayfirst.org (Postfix) with ESMTPSA id 10322F984; Mon, 1 Jun 2015 13:28:44 -0400 (EDT)
Received: by fifthhorseman.net (Postfix, from userid 1000) id 052BC1FF76; Mon, 1 Jun 2015 13:28:23 -0400 (EDT)
From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
To: Aaron Zauner <azet@azet.org>, Eric Rescorla <ekr@rtfm.com>
In-Reply-To: <556C51FC.807@azet.org>
References: <556C4ACD.9040002@azet.org> <CABcZeBNsYmto4F-J0mFoxcq-qfL=NJrvDu67fyY9bpBmRp16mQ@mail.gmail.com> <556C51FC.807@azet.org>
User-Agent: Notmuch/0.20 (http://notmuchmail.org) Emacs/24.4.1 (x86_64-pc-linux-gnu)
Date: Mon, 01 Jun 2015 13:28:22 -0400
Message-ID: <87pp5fe3t5.fsf@alice.fifthhorseman.net>
MIME-Version: 1.0
Content-Type: text/plain
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/ix4HaPW2FjitlbIJnzIphbOVPU4>
Cc: Phillip Rogaway <rogaway@cs.ucdavis.edu>, TLS Mailing List <tls@ietf.org>, Charanjit Jutla <csjutla@us.ibm.com>
Subject: Re: [TLS] AES-OCB in TLS [New Version Notification for draft-zauner-tls-aes-ocb-03.txt]
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 01 Jun 2015 17:28:50 -0000
On Mon 2015-06-01 08:37:16 -0400, Aaron Zauner wrote: > Firstly, as far as I know it's also quite difficult to get ECDSA > certificates in the wild. Has this changed significantly over the past > couple of months? I've heard this claim in the past, but i'm not sure what it is based on. AFAICT, there are several public CAs who are happy to issue ECDSA certificates if you ask them for them. In November 2014, i managed to get one from Comodo (or a Comodo reseller, i can't keep all the "imprints" and "branding" straight) and it took about 20 minutes from start to finish. Can you describe how you have tried to get an ECDSA cert, and how those attempts failed? --dkg
- [TLS] AES-OCB in TLS [New Version Notification fo… Aaron Zauner
- Re: [TLS] AES-OCB in TLS [New Version Notificatio… Eric Rescorla
- Re: [TLS] AES-OCB in TLS [New Version Notificatio… Aaron Zauner
- Re: [TLS] AES-OCB in TLS [New Version Notificatio… Eric Rescorla
- Re: [TLS] AES-OCB in TLS [New Version Notificatio… Ilari Liusvaara
- Re: [TLS] AES-OCB in TLS [New Version Notificatio… Hubert Kario
- Re: [TLS] AES-OCB in TLS [New Version Notificatio… Aaron Zauner
- Re: [TLS] AES-OCB in TLS [New Version Notificatio… Jeffrey Walton
- Re: [TLS] AES-OCB in TLS [New Version Notificatio… Aaron Zauner
- Re: [TLS] AES-OCB in TLS [New Version Notificatio… Peter Bowen
- Re: [TLS] AES-OCB in TLS [New Version Notificatio… Aaron Zauner
- Re: [TLS] AES-OCB in TLS [New Version Notificatio… Russ Housley
- Re: [TLS] AES-OCB in TLS [New Version Notificatio… Jeffrey Walton
- Re: [TLS] AES-OCB in TLS [New Version Notificatio… Yaron Sheffer
- Re: [TLS] AES-OCB in TLS [New Version Notificatio… Jeffrey Walton
- Re: [TLS] AES-OCB in TLS [New Version Notificatio… Daniel Kahn Gillmor
- [TLS] EDDSA/Curve25519 identifiers: Was Re: AES-O… Michael StJohns
- Re: [TLS] AES-OCB in TLS [New Version Notificatio… Michael Hamburg
- Re: [TLS] AES-OCB in TLS [New Version Notificatio… Daniel Kahn Gillmor
- Re: [TLS] AES-OCB in TLS [New Version Notificatio… Aaron Zauner
- Re: [TLS] AES-OCB in TLS [New Version Notificatio… Rob Stradling
- Re: [TLS] AES-OCB in TLS [New Version Notificatio… Michael Hamburg
- Re: [TLS] AES-OCB in TLS [New Version Notificatio… Gunnar Wolf
- Re: [TLS] AES-OCB in TLS [New Version Notificatio… Peter Gutmann
- Re: [TLS] AES-OCB in TLS [New Version Notificatio… Simon Josefsson
- Re: [TLS] EDDSA/Curve25519 identifiers: Was Re: A… Simon Josefsson
- Re: [TLS] EDDSA/Curve25519 identifiers: Was Re: A… Salz, Rich
- Re: [TLS] EDDSA/Curve25519 identifiers: Was Re: A… Peter Bowen
- Re: [TLS] EDDSA/Curve25519 identifiers: Was Re: A… Michael StJohns
- Re: [TLS] EDDSA/Curve25519 identifiers: Was Re: A… Nico Williams
- Re: [TLS] AES-OCB in TLS [New Version Notificatio… Aaron Zauner
- Re: [TLS] AES-OCB in TLS [New Version Notificatio… Blumenthal, Uri - 0553 - MITLL
- Re: [TLS] AES-OCB in TLS [New Version Notificatio… Aaron Zauner
- Re: [TLS] AES-OCB in TLS [New Version Notificatio… Aaron Zauner
- Re: [TLS] AES-OCB in TLS [New Version Notificatio… Matt Caswell