Re: [TLS] ECDHE_PSK as WG item?

[Eric Rescorla <ekr@networkresonance.com>]

At Mon, 7 Jan 2008 09:25:20 +0200,
<Pasi.Eronen@nokia.com> wrote:
> 
> <wg chair hat on>
> 
> Mohammad Badra has requested that the TLS WG adopt
> draft-badra-ecdhe-tls-psk as a WG item. This draft was presented 
> in Vancouver, but few comments have been received so far.
> 
> Please use this thread to comment; not only the technical
> details, but whether you think this is useful; should it be
> done as WG item or individual document; and whether you're
> willing to work on this document.

I think it's generally useful to have a reasonably orthogonal
suite of cipher suites, so it would be good to have PSK usable
with ECDH. I'm willing to commit to reviewing this draft.

-Ekr

_______________________________________________
TLS mailing list
TLS@ietf.org
http://www.ietf.org/mailman/listinfo/tls
From tls-bounces@ietf.org  Fri Feb  1 07:55:44 2008
Return-Path: <tls-bounces@ietf.org>
X-Original-To: ietfarch-tls-archive@core3.amsl.com
Delivered-To: ietfarch-tls-archive@core3.amsl.com
Received: from localhost (localhost [127.0.0.1])
	by core3.amsl.com (Postfix) with ESMTP id 04CE028C1D5;
	Fri,  1 Feb 2008 07:55:44 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.938
X-Spam-Level: 
X-Spam-Status: No, score=0.938 tagged_above=-999 required=5 tests=[AWL=1.433,
	BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_COM=0.553,
	RDNS_NONE=0.1]
Received: from core3.amsl.com ([127.0.0.1])
	by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id bdlamrquSfGQ; Fri,  1 Feb 2008 07:55:43 -0800 (PST)
Received: from core3.amsl.com (localhost [127.0.0.1])
	by core3.amsl.com (Postfix) with ESMTP id 09C623A697B;
	Fri,  1 Feb 2008 07:55:43 -0800 (PST)
X-Original-To: tls@core3.amsl.com
Delivered-To: tls@core3.amsl.com
Received: from localhost (localhost [127.0.0.1])
	by core3.amsl.com (Postfix) with ESMTP id A530F3A697B
	for <tls@core3.amsl.com>; Fri,  1 Feb 2008 07:55:41 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
Received: from core3.amsl.com ([127.0.0.1])
	by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id Z7E0mONIvelp for <tls@core3.amsl.com>;
	Fri,  1 Feb 2008 07:55:40 -0800 (PST)
Received: from romeo.rtfm.com (unknown [74.95.2.173])
	by core3.amsl.com (Postfix) with ESMTP id C4E7E3A68F6
	for <tls@ietf.org>; Fri,  1 Feb 2008 07:55:40 -0800 (PST)
Received: from romeo.rtfm.com (localhost.rtfm.com [127.0.0.1])
	by romeo.rtfm.com (Postfix) with ESMTP id DBC3A50846;
	Fri,  1 Feb 2008 07:58:55 -0800 (PST)
Date: Fri, 01 Feb 2008 07:58:55 -0800
From: Eric Rescorla <ekr@networkresonance.com>
To: <Pasi.Eronen@nokia.com>
In-Reply-To: <B356D8F434D20B40A8CEDAEC305A1F240533CCA1@esebe105.NOE.Nokia.com>
References: <B356D8F434D20B40A8CEDAEC305A1F240533CC73@esebe105.NOE.Nokia.com>
	<B356D8F434D20B40A8CEDAEC305A1F240533CCA1@esebe105.NOE.Nokia.com>
User-Agent: Wanderlust/2.14.0 (Africa) Emacs/21.3 Mule/5.0 (SAKAKI)
MIME-Version: 1.0 (generated by SEMI 1.14.6 - "Maruoka")
Message-Id: <20080201155855.DBC3A50846@romeo.rtfm.com>
Cc: tls@ietf.org
Subject: Re: [TLS] Last look at TLS 1.2
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working
	group of the IETF." <tls.ietf.org>
List-Unsubscribe: <http://www.ietf.org/mailman/listinfo/tls>,
	<mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/pipermail/tls>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <http://www.ietf.org/mailman/listinfo/tls>,
	<mailto:tls-request@ietf.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: tls-bounces@ietf.org
Errors-To: tls-bounces@ietf.org

OK, I've now fixed this stuff in my local copy. I propose we wait
and see if anyone else has anything by like Monday and otherwise
I'll roll -10 and we can submit to Tim. WFY?

-Ekr


At Fri, 1 Feb 2008 12:34:33 +0200,
<Pasi.Eronen@nokia.com> wrote:
> 
> Three nits from my personal review:
> 
> Section 4.7: the example at the end of section isn't any more 
> fully correct with the changed definition of digitally-signed 
> (since the "digitally-signed" construct now includes the hashing 
> step). Suggested rephrasing:

Well, you could double hash, but i take your point.


>    In the following example
> 
>       stream-ciphered struct {
>           uint8 field1;
>           uint8 field2;
>           digitally-signed struct { 
>              opaque field3<0..255>;
>              uint16 field4;
>           };
>       } UserType;
> 
>    the contents of the inner struct (field3 and field4) are used 
>    as input for the signature/hash algorithm, and then the entire
>    structure is encrypted with a stream cipher. [...]
> 
> 
> 7.4.3/A.4.2, ServerKeyExchange definition: the second "case dhe_dss"
> should be "case dh_dss".

Fixed.


> 7.4.3 and A.4.2, KeyExchangeAlgorithm lists dh_anon twice

Doh! I added those cause I thought I had missed them and
my eyes have gone numb.


> Also couple of typos (could be fixed later, too):
> 
> 7.4.3/A.4.2: extra blank lines in definition of ServerKeyExchange.

You mean:

    };

} ServerKeyExchange;

Fixed.


> A.4.2: should delete descriptions of dh_p/dh_g/dh_Ys, since
>   the appendix is supposed to contain only the struct definitions

Agreed. I'm finding it a real pain to keep these harmonized.
Next time I do one of these I'm going to have some auto-appendicizer :)

> 7.4.7/A.4.3, weird indentation (and extra blank lines) in definition
>   of ClientKeyExchange.
The extra blank line was intentional for readability, but now that
you seay it, sure.


> 4.6.1, the example struct has weird indentation around the 
>   orange/banana cases.
These are fixed.

> 4.7, "pplus" -> "plus"
> 7.4.7.1, "premaster_secert" -> "premaster_secret"
> References: [IDEA] is not cited anywhere, can be removed 

Fixed.
_______________________________________________
TLS mailing list
TLS@ietf.org
http://www.ietf.org/mailman/listinfo/tls
From tls-bounces@ietf.org  Fri Feb  1 08:20:38 2008
Return-Path: <tls-bounces@ietf.org>
X-Original-To: ietfarch-tls-archive@core3.amsl.com
Delivered-To: ietfarch-tls-archive@core3.amsl.com
Received: from localhost (localhost [127.0.0.1])
	by core3.amsl.com (Postfix) with ESMTP id 141C028C231;
	Fri,  1 Feb 2008 08:20:38 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.274
X-Spam-Level: 
X-Spam-Status: No, score=-6.274 tagged_above=-999 required=5 tests=[AWL=0.325,
	BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from core3.amsl.com ([127.0.0.1])
	by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id C+zykzpl7ujW; Fri,  1 Feb 2008 08:20:32 -0800 (PST)
Received: from core3.amsl.com (localhost [127.0.0.1])
	by core3.amsl.com (Postfix) with ESMTP id 402CA3A6888;
	Fri,  1 Feb 2008 08:20:32 -0800 (PST)
X-Original-To: tls@core3.amsl.com
Delivered-To: tls@core3.amsl.com
Received: from localhost (localhost [127.0.0.1])
	by core3.amsl.com (Postfix) with ESMTP id 0F83D3A6888
	for <tls@core3.amsl.com>; Fri,  1 Feb 2008 08:20:31 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
Received: from core3.amsl.com ([127.0.0.1])
	by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id E1uejXedQB5n for <tls@core3.amsl.com>;
	Fri,  1 Feb 2008 08:20:30 -0800 (PST)
Received: from ll.mit.edu (LLMAIL1.LL.MIT.EDU [129.55.12.41])
	by core3.amsl.com (Postfix) with ESMTP id CB57F3A67B1
	for <tls@ietf.org>; Fri,  1 Feb 2008 08:20:29 -0800 (PST)
Received: (from smtp@localhost) by ll.mit.edu (8.12.10/8.8.8) id m11GM2D4014903
	for <tls@ietf.org>; Fri, 1 Feb 2008 11:22:02 -0500 (EST)
Received: from vpn-239-131.llan.ll.mit.edu(              ),
	claiming to be "[192.168.1.5]"
	via SMTP by llpost, id smtpdAAAWqaaDA; Fri Feb  1 11:19:48 2008
Mime-Version: 1.0 (Apple Message framework v753)
In-Reply-To: <82bq71n2sh.fsf@mid.bfk.de>
References: <479F502B.2020202@isima.fr>
	<4EBCDD76-AAA8-41C4-A0F8-D67FD4F02DEF@checkpoint.com>
	<82bq71n2sh.fsf@mid.bfk.de>
Message-Id: <BD560B6D-0931-477D-947F-AF99034528EA@ll.mit.edu>
From: Uri Blumenthal <uri@ll.mit.edu>
Date: Fri, 1 Feb 2008 11:19:45 -0500
To: tls mailing list <tls@ietf.org>
X-Mailer: Apple Mail (2.753)
Subject: Re: [TLS] shared secrets from passwords
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working
	group of the IETF." <tls.ietf.org>
List-Unsubscribe: <http://www.ietf.org/mailman/listinfo/tls>,
	<mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/pipermail/tls>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <http://www.ietf.org/mailman/listinfo/tls>,
	<mailto:tls-request@ietf.org?subject=subscribe>
Content-Type: multipart/mixed; boundary="===============1052598293=="
Sender: tls-bounces@ietf.org
Errors-To: tls-bounces@ietf.org


--===============1052598293==
Content-Type: multipart/signed; micalg=sha1; boundary=Apple-Mail-1-237286034; protocol="application/pkcs7-signature"


--Apple-Mail-1-237286034
Content-Transfer-Encoding: 7bit
Content-Type: text/plain;
	charset=US-ASCII;
	delsp=yes;
	format=flowed

On Jan 31, 2008, at 3:44 PM, Florian Weimer wrote:

> * Yoav Nir:
>
>> The idea is that this shared secret has the properties that (a) it
>> can't be used for anything other than IKEv2 so storing it is
>> presumably OK (why?), and (b) it looks random. The RFC goes on to
>> state this:
>>
>>                                As noted above, deriving the shared
>>   secret from a password is not secure.  This construction is used
>>   because it is anticipated that people will do it anyway.
>
> [RFC 4306]
>
> In retrospect, this is a bit off--it's insecure in what context?

Depends on the usage. If one uses password-derived shared secret to   
authenticate key agreement (using it in HMAC-like construct or  
otherwise in place of a "good" shared secret), or worse - as keying  
material - then it's insecure because an attacker can perform off- 
line brute-forcing on the observed exchange targeting the weak link -  
the password itself. However there are ways (Encrypted Key Exchange  
is the best example) to authenticate DH using password-derived shared  
secret with sufficient security.

Also, the more complex the password is (length, distance from  
dictionary-found words, use of full-spectrum alphabet) - the more  
computing resources the attacker would need to have a reasonable  
chance of success.
--Apple-Mail-1-237286034
Content-Transfer-Encoding: base64
Content-Type: application/pkcs7-signature;
	name=smime.p7s
Content-Disposition: attachment;
	filename=smime.p7s

MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIILGTCCBN0w
ggPFoAMCAQICEHGS++YZX6xNEoV0cTSiGKcwDQYJKoZIhvcNAQEFBQAwezELMAkGA1UEBhMCR0Ix
GzAZBgNVBAgMEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBwwHU2FsZm9yZDEaMBgGA1UECgwR
Q29tb2RvIENBIExpbWl0ZWQxITAfBgNVBAMMGEFBQSBDZXJ0aWZpY2F0ZSBTZXJ2aWNlczAeFw0w
NDAxMDEwMDAwMDBaFw0yODEyMzEyMzU5NTlaMIGuMQswCQYDVQQGEwJVUzELMAkGA1UECBMCVVQx
FzAVBgNVBAcTDlNhbHQgTGFrZSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsx
ITAfBgNVBAsTGGh0dHA6Ly93d3cudXNlcnRydXN0LmNvbTE2MDQGA1UEAxMtVVROLVVTRVJGaXJz
dC1DbGllbnQgQXV0aGVudGljYXRpb24gYW5kIEVtYWlsMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAsjmFpPJ9q0E7YkY3rs3BYHW8OWX5ShpHornMSMxqmNVNNRm5pELlzkniii8efNIx
B8dOtINknS4p1aJkxIW9hVE1eaROaJB7HHqkkqgX8pgV8pPMyaQylbsMTzC9mKALi+VuG6JG+ni8
om+rWV6lL8/K2m2qL+usobNqqrcuZzWLeeEeaYji5kbNoKXqvgvOdjp6Dpvq/NonWz1zHyLmSGHG
TPNpsaguG7bUMSAsvIKKjqQOpdeJQ/wWWq8dcdcRWdq6hw2v+vPhwvCkxWeM1tZUOt4KpLoDd7Nl
yP0e03RiqhjKaJMeoYV+9Udly/hNVyh00jT/MLbu9mIwFIws6wIDAQABo4IBJzCCASMwHwYDVR0j
BBgwFoAUoBEKIz6W8Qfs4q8p74Klf9AwpLQwHQYDVR0OBBYEFImCZ33EnSZwAEu0UEh83j2uBG59
MA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdJQQWMBQGCCsGAQUFBwMCBggr
BgEFBQcDBDARBgNVHSAECjAIMAYGBFUdIAAwewYDVR0fBHQwcjA4oDagNIYyaHR0cDovL2NybC5j
b21vZG9jYS5jb20vQUFBQ2VydGlmaWNhdGVTZXJ2aWNlcy5jcmwwNqA0oDKGMGh0dHA6Ly9jcmwu
Y29tb2RvLm5ldC9BQUFDZXJ0aWZpY2F0ZVNlcnZpY2VzLmNybDARBglghkgBhvhCAQEEBAMCAQYw
DQYJKoZIhvcNAQEFBQADggEBAJ2Vyzy4fqUJxB6/C8LHdo45PJTGEKpPDMngq4RdiVTgZTvzbRx8
NywlVF+WIfw3hJGdFdwUT4HPVB1rbEVgxy35l1FM+WbKPKCCjKbI8OLp1Er57D9Wyd12jMOCAU9s
APMeGmF0BEcDqcZAV5G8ZSLFJ2dPV9tkWtmNH7qGL/QGrpxp7en0zykX2OBKnxogL5dMUbtGB8SK
N04g4wkxaMeexIud6H4RvDJoEJYRmETYKlFgTYjrdDrfQwYyyDlWjDoRUtNBpEMD9O3vMyfbOeAU
TibJ2PU54om4k123KSZB6rObroP8d3XK6Mq1/uJlSmM+RMTQw16Hc6mYHK9/FX8wggY0MIIFHKAD
AgECAhBU8Pt6hYiovWLuDN/hnUHtMA0GCSqGSIb3DQEBBQUAMIGuMQswCQYDVQQGEwJVUzELMAkG
A1UECBMCVVQxFzAVBgNVBAcTDlNhbHQgTGFrZSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNU
IE5ldHdvcmsxITAfBgNVBAsTGGh0dHA6Ly93d3cudXNlcnRydXN0LmNvbTE2MDQGA1UEAxMtVVRO
LVVTRVJGaXJzdC1DbGllbnQgQXV0aGVudGljYXRpb24gYW5kIEVtYWlsMB4XDTA3MTEyOTAwMDAw
MFoXDTA4MTEyODIzNTk1OVowgdgxNTAzBgNVBAsTLENvbW9kbyBUcnVzdCBOZXR3b3JrIC0gUEVS
U09OQSBOT1QgVkFMSURBVEVEMUYwRAYDVQQLEz1UZXJtcyBhbmQgQ29uZGl0aW9ucyBvZiB1c2U6
IGh0dHA6Ly93d3cuY29tb2RvLm5ldC9yZXBvc2l0b3J5MR8wHQYDVQQLExYoYykyMDAzIENvbW9k
byBMaW1pdGVkMRcwFQYDVQQDEw5VcmkgQmx1bWVudGhhbDEdMBsGCSqGSIb3DQEJARYOdXJpQGxs
Lm1pdC5lZHUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQUFBZ02bxO0jIlhcmuj+9
GqV68LfR+1O9e3Q50ctpmZZeph4GljbFbFZkXoFCg+cmeC+QzFrRtM9PHwtRfWnOx4Pr6aJqlfdh
lUksmBXqv3zmM/2bzJMrkoRrxUUvW/twsqbsJNtLrJMILpWxUPxDaV2C8l81W+YoHuwvdUs3e8kc
AiXByHN+jCY0/Qt+opqUqTq5a5z/k3AnOcTBOVMB39VaXBH9lmrGWWFmIkuVTa6sYKETrFEBdZMA
KQg7mZ9rVkbrI3960IfqbhfTeOh6AVA0AgRIF6btZBebJ5J3BKsdL7KAdOCIymXBa1RMpKXOHqAI
Hri2MPiwqqjGgstBAgMBAAGjggIgMIICHDAfBgNVHSMEGDAWgBSJgmd9xJ0mcABLtFBIfN49rgRu
fTAdBgNVHQ4EFgQUlgUdkoPgrkBRB4Uw06GycAPIMm4wDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB
/wQCMAAwIAYDVR0lBBkwFwYIKwYBBQUHAwQGCysGAQQBsjEBAwUCMBEGCWCGSAGG+EIBAQQEAwIF
IDBGBgNVHSAEPzA9MDsGDCsGAQQBsjEBAgEBATArMCkGCCsGAQUFBwIBFh1odHRwczovL3NlY3Vy
ZS5jb21vZG8ubmV0L0NQUzCBpQYDVR0fBIGdMIGaMEygSqBIhkZodHRwOi8vY3JsLmNvbW9kb2Nh
LmNvbS9VVE4tVVNFUkZpcnN0LUNsaWVudEF1dGhlbnRpY2F0aW9uYW5kRW1haWwuY3JsMEqgSKBG
hkRodHRwOi8vY3JsLmNvbW9kby5uZXQvVVROLVVTRVJGaXJzdC1DbGllbnRBdXRoZW50aWNhdGlv
bmFuZEVtYWlsLmNybDB8BggrBgEFBQcBAQRwMG4wNgYIKwYBBQUHMAKGKmh0dHA6Ly9jcnQuY29t
b2RvY2EuY29tL1VUTkFBQUNsaWVudENBLmNydDA0BggrBgEFBQcwAoYoaHR0cDovL2NydC5jb21v
ZG8ubmV0L1VUTkFBQUNsaWVudENBLmNydDAZBgNVHREEEjAQgQ51cmlAbGwubWl0LmVkdTANBgkq
hkiG9w0BAQUFAAOCAQEAYtq4yyWbsLSQrLkGDW26FOdvjgdiHqFDKJ1eFyvC3nAoetmKA4zlgIRm
3hBCQZeMu5uom4ra2MzLRXwDc1dpsqUC7o5Yw47zOuDNYoVj+fuwQLqThdzWy9k1iZ2kw0qCNc3c
4MaUf9gW53XvOI4/+QGtVZ614KdlD6PqeZQodkdXiQsP9VJUBrOiRrc8AO6JAvj0kGKIvQe251bB
MK0Vu/1VwqqmH+UmzJu48nGLMA6ajr4+mIXm8MMVrJd2+VCzepssrfOOI87CwAJwlVhJPHcvpIfy
k2RZ/BNcjj9Wz15Ky5BGznloeihiJp0poFmLj4NX5k3CiAk6abk71CD1wTGCA/wwggP4AgEBMIHD
MIGuMQswCQYDVQQGEwJVUzELMAkGA1UECBMCVVQxFzAVBgNVBAcTDlNhbHQgTGFrZSBDaXR5MR4w
HAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxITAfBgNVBAsTGGh0dHA6Ly93d3cudXNlcnRy
dXN0LmNvbTE2MDQGA1UEAxMtVVROLVVTRVJGaXJzdC1DbGllbnQgQXV0aGVudGljYXRpb24gYW5k
IEVtYWlsAhBU8Pt6hYiovWLuDN/hnUHtMAkGBSsOAwIaBQCgggINMBgGCSqGSIb3DQEJAzELBgkq
hkiG9w0BBwEwHAYJKoZIhvcNAQkFMQ8XDTA4MDIwMTE2MTk0NVowIwYJKoZIhvcNAQkEMRYEFLnd
chf7C7uUC/EHyyqUUDNn5P4vMIHUBgkrBgEEAYI3EAQxgcYwgcMwga4xCzAJBgNVBAYTAlVTMQsw
CQYDVQQIEwJVVDEXMBUGA1UEBxMOU2FsdCBMYWtlIENpdHkxHjAcBgNVBAoTFVRoZSBVU0VSVFJV
U1QgTmV0d29yazEhMB8GA1UECxMYaHR0cDovL3d3dy51c2VydHJ1c3QuY29tMTYwNAYDVQQDEy1V
VE4tVVNFUkZpcnN0LUNsaWVudCBBdXRoZW50aWNhdGlvbiBhbmQgRW1haWwCEFTw+3qFiKi9Yu4M
3+GdQe0wgdYGCyqGSIb3DQEJEAILMYHGoIHDMIGuMQswCQYDVQQGEwJVUzELMAkGA1UECBMCVVQx
FzAVBgNVBAcTDlNhbHQgTGFrZSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsx
ITAfBgNVBAsTGGh0dHA6Ly93d3cudXNlcnRydXN0LmNvbTE2MDQGA1UEAxMtVVROLVVTRVJGaXJz
dC1DbGllbnQgQXV0aGVudGljYXRpb24gYW5kIEVtYWlsAhBU8Pt6hYiovWLuDN/hnUHtMA0GCSqG
SIb3DQEBAQUABIIBAKeOeD68Zm8GY6fWAVmg5/jGkJpnXyaldbTfyASmShoIiZu40AmSP9ILcR0o
uzksK5Z6UnRwm48nsjprJn56Tx+tCysnwm/zGyCAuDVW2DH2PENqxjpq2lcW8SfONKytLSMcyA4g
zm4c7p8XAvlulK1po8KlZEsdSdQF9FBKtnyC234OyD2mraxlBRAG9+DQ0ePvLTKCzSD/wAuSoc6o
abKEQPalHXftTXRT3cM8gT7B7ewPYj6QA9UKKlHnNaK+GdOF4DZ5AnK/X71gqVexTREQiEi+UWd2
6ekj+iGK9RtYdq1vU34TYnk6pUQdwLTgQ2QnIXpUFvZynh2IxFESAscAAAAAAAA=

--Apple-Mail-1-237286034--

--===============1052598293==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

_______________________________________________
TLS mailing list
TLS@ietf.org
http://www.ietf.org/mailman/listinfo/tls

--===============1052598293==--
From tls-bounces@ietf.org  Sun Feb  3 23:45:34 2008
Return-Path: <tls-bounces@ietf.org>
X-Original-To: ietfarch-tls-archive@core3.amsl.com
Delivered-To: ietfarch-tls-archive@core3.amsl.com
Received: from localhost (localhost [127.0.0.1])
	by core3.amsl.com (Postfix) with ESMTP id 749CF3A6DC0;
	Sun,  3 Feb 2008 23:45:34 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level: 
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[AWL=0.000,
	BAYES_00=-2.599]
Received: from core3.amsl.com ([127.0.0.1])
	by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id aPdW4PMfCB1U; Sun,  3 Feb 2008 23:45:33 -0800 (PST)
Received: from core3.amsl.com (localhost [127.0.0.1])
	by core3.amsl.com (Postfix) with ESMTP id 962EE3A6C17;
	Sun,  3 Feb 2008 23:45:33 -0800 (PST)
X-Original-To: tls@core3.amsl.com
Delivered-To: tls@core3.amsl.com
Received: from localhost (localhost [127.0.0.1])
	by core3.amsl.com (Postfix) with ESMTP id 389263A6C17
	for <tls@core3.amsl.com>; Sun,  3 Feb 2008 23:45:32 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
Received: from core3.amsl.com ([127.0.0.1])
	by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id m8G1-xkw4NQF for <tls@core3.amsl.com>;
	Sun,  3 Feb 2008 23:45:31 -0800 (PST)
Received: from mgw-mx09.nokia.com (smtp.nokia.com [192.100.105.134])
	by core3.amsl.com (Postfix) with ESMTP id 784263A6BBD
	for <tls@ietf.org>; Sun,  3 Feb 2008 23:45:31 -0800 (PST)
Received: from esebh108.NOE.Nokia.com (esebh108.ntc.nokia.com [172.21.143.145])
	by mgw-mx09.nokia.com (Switch-3.2.6/Switch-3.2.6) with ESMTP id
	m147lVJh029074 for <tls@ietf.org>; Mon, 4 Feb 2008 01:48:18 -0600
Received: from esebh104.NOE.Nokia.com ([172.21.143.34]) by
	esebh108.NOE.Nokia.com with Microsoft SMTPSVC(6.0.3790.1830); 
	Mon, 4 Feb 2008 09:47:00 +0200
Received: from esebe105.NOE.Nokia.com ([172.21.143.53]) by
	esebh104.NOE.Nokia.com with Microsoft SMTPSVC(6.0.3790.1830); 
	Mon, 4 Feb 2008 09:47:01 +0200
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Date: Mon, 4 Feb 2008 09:46:59 +0200
Message-ID: <B356D8F434D20B40A8CEDAEC305A1F240533D3B5@esebe105.NOE.Nokia.com>
In-Reply-To: <B356D8F434D20B40A8CEDAEC305A1F24051748FC@esebe105.NOE.Nokia.com>
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
Thread-Topic: [TLS] SIV as WG item?
Thread-Index: AchThpBHd7u1gk3KRp+pxriEF89HdATe20aA
References: <B356D8F434D20B40A8CEDAEC305A1F24051748FC@esebe105.NOE.Nokia.com>
From: <Pasi.Eronen@nokia.com>
To: <tls@ietf.org>
X-OriginalArrivalTime: 04 Feb 2008 07:47:01.0219 (UTC)
	FILETIME=[2074F330:01C86702]
X-Nokia-AV: Clean
Subject: Re: [TLS] SIV as WG item?
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working
	group of the IETF." <tls.ietf.org>
List-Unsubscribe: <http://www.ietf.org/mailman/listinfo/tls>,
	<mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/pipermail/tls>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <http://www.ietf.org/mailman/listinfo/tls>,
	<mailto:tls-request@ietf.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: tls-bounces@ietf.org
Errors-To: tls-bounces@ietf.org

<wg chair hat on>

Only one slightly positive comment has been received so far, 
and nobody has indicated willingness to work on this document 
in TLS WG. Thus, we do not, at this time, have sufficient
support for adopting this document as TLS WG item.

Note that this decision is solely about adopting this document 
as TLS WG item. We are not deciding whether this document can 
be published as RFC, or deciding whether SIV mode in general 
is a good idea. If the authors believe it worthwhile, this 
decision does not prevent them from continuing the work.

Best regards,
Pasi
_______________________________________________
TLS mailing list
TLS@ietf.org
http://www.ietf.org/mailman/listinfo/tls