Re: [TLS] draft-badra-tls-psk-new-mac-aes-gcm as WG item

Simon Josefsson <simon@josefsson.org> Tue, 06 May 2008 12:27 UTC

From: Simon Josefsson <simon@josefsson.org>
To: Pasi.Eronen@nokia.com
References: <1696498986EFEC4D9153717DA325CB727BC503@vaebe104.NOE.Nokia.com> <48173B41.5000401@bolyard.com> <20080429152618.B25AD5081A@romeo.rtfm.com> <48174BB8.7080009@pobox.com> <20080429202042.3E54E5081A@romeo.rtfm.com> <4817BC5E.5000209@pobox.com> <20080430003846.0FA015081A@romeo.rtfm.com> <57263.137.194.192.227.1209578312.squirrel@www.isima.fr> <1696498986EFEC4D9153717DA325CB72809B90@vaebe104.NOE.Nokia.com>
Date: Tue, 06 May 2008 14:27:43 +0200
In-Reply-To: <1696498986EFEC4D9153717DA325CB72809B90@vaebe104.NOE.Nokia.com> (Pasi Eronen's message of "Fri, 2 May 2008 12:09:23 +0300")
Message-ID: <87bq3j62io.fsf@mocca.josefsson.org>
Cc: tls@ietf.org
Subject: Re: [TLS] draft-badra-tls-psk-new-mac-aes-gcm as WG item

<Pasi.Eronen@nokia.com> writes:

> badra@isima.fr wrote:
>
>> Dear Pasi and Eric,
>> 
>> I would like to inform you and the WG that I submitted a document
>> (draft-badra-tls-psk-new-mac-aes-gcm), which specifies combinations
>> of AES_GCM and PSK, and describes a set of ciphersuites with
>> stronger digest algorithms.
>> 
>> http://www.ietf.org/internet-drafts/draft-badra-tls-psk-new-mac-aes-gcm-02.txt
>> 
>> Since the document is based on and heavily borrows from
>> draft-ietf-tls-ecc-new-mac and draft-ietf-tls-rsa-aes-gcm, I would
>> like to request that the TLS WG adopt this document as a WG item.
>
> Comments from TLS WG members? (E.g., volunteers who promise to 
> contribute text during the document's development)

The document seems basically done to me, so I'm not sure anyone can
provide much additional text to it.

However, for the record, I have and will continue to review the
document.

Badra, there is a problem in the current document.  It is the same
problem I pointed out for TLS-RSA-AES-GCM: the Galois Counter mode can
fail to decrypt, and the document needs to describe how that should be
handled by implementations.  I suggest adopting the same fix made in

http://www.ietf.org/internet-drafts/draft-ietf-tls-rsa-aes-gcm-03.txt

specifically, to add:

   Implementations MUST send TLS Alert bad_record_mac for all types of
   failures encountered in processing the AES-GCM algorithm.

Thanks,
Simon
_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
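The requirement Simon quotes, that every AES-GCM processing failure results in the single alert bad_record_mac, is easy to get wrong when a record layer reports length errors, nonce errors and tag failures as different conditions. The following Go program is an added illustration written for this archive page; it is not code from the draft or from any TLS implementation. It models the RFC 5288 GenericAEADCipher record layout (4-byte implicit salt from the key block, 8-byte explicit nonce in the record, 16-byte tag) and the RFC 5246 additional data (seq_num || type || version || length), and collapses a truncated fragment, a tampered ciphertext and a wrong sequence number into one error that maps to alert 20. The key, salt and record contents in main are constructed sample values.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"encoding/binary"
	"errors"
	"fmt"
)

// AlertBadRecordMAC is the AlertDescription value for bad_record_mac
// (RFC 5246, section 7.2.2). Every GCM failure below maps to it.
const AlertBadRecordMAC = 20

// ErrBadRecordMAC is the single error all record-decryption failures collapse to,
// so the peer cannot tell a length problem from a tag mismatch.
var ErrBadRecordMAC = errors.New("tls: bad_record_mac")

const (
	saltLen          = 4  // implicit nonce part, taken from the key block
	explicitNonceLen = 8  // explicit nonce part, sent in each record
	tagLen           = 16 // GCM authentication tag
)

// RecordAEAD is one direction (read or write) of an AES-GCM record layer.
type RecordAEAD struct {
	aead cipher.AEAD
	salt []byte
}

// NewRecordAEAD wraps a 16-, 24- or 32-byte AES key and the 4-byte implicit salt.
func NewRecordAEAD(key, salt []byte) (*RecordAEAD, error) {
	if len(salt) != saltLen {
		return nil, fmt.Errorf("salt must be %d bytes, got %d", saltLen, len(salt))
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	aead, err := cipher.NewGCM(block) // 12-byte nonce, 16-byte tag
	if err != nil {
		return nil, err
	}
	return &RecordAEAD{aead: aead, salt: append([]byte(nil), salt...)}, nil
}

// additionalData is seq_num || type || version || length of the plaintext
// fragment (RFC 5246, section 6.2.3.3).
func additionalData(seq uint64, contentType byte, version [2]byte, plaintextLen int) []byte {
	ad := make([]byte, 13)
	binary.BigEndian.PutUint64(ad[:8], seq)
	ad[8] = contentType
	ad[9], ad[10] = version[0], version[1]
	binary.BigEndian.PutUint16(ad[11:], uint16(plaintextLen))
	return ad
}

// Seal returns the fragment as sent on the wire: explicit_nonce || ciphertext || tag.
func (r *RecordAEAD) Seal(seq uint64, contentType byte, version [2]byte,
	explicitNonce [explicitNonceLen]byte, plaintext []byte) []byte {
	nonce := append(append([]byte{}, r.salt...), explicitNonce[:]...)
	ad := additionalData(seq, contentType, version, len(plaintext))
	out := append([]byte{}, explicitNonce[:]...)
	return r.aead.Seal(out, nonce, plaintext, ad)
}

// Open decrypts a received fragment. A fragment too short to hold the explicit
// nonce and tag, a modified ciphertext, a forged tag, or a record checked against
// the wrong sequence number all return the same ErrBadRecordMAC.
func (r *RecordAEAD) Open(seq uint64, contentType byte, version [2]byte, fragment []byte) ([]byte, error) {
	if len(fragment) < explicitNonceLen+tagLen {
		return nil, ErrBadRecordMAC // length failure, reported identically
	}
	nonce := append(append([]byte{}, r.salt...), fragment[:explicitNonceLen]...)
	plaintextLen := len(fragment) - explicitNonceLen - tagLen
	ad := additionalData(seq, contentType, version, plaintextLen)
	plaintext, err := r.aead.Open(nil, nonce, fragment[explicitNonceLen:], ad)
	if err != nil {
		return nil, ErrBadRecordMAC // authentication failure, reported identically
	}
	return plaintext, nil
}

// AlertFor maps a record-layer error to the alert description to send; 0 means no alert.
func AlertFor(err error) int {
	if errors.Is(err, ErrBadRecordMAC) {
		return AlertBadRecordMAC
	}
	return 0
}

func main() {
	// Constructed sample key material and record; not real traffic.
	r, err := NewRecordAEAD(bytes.Repeat([]byte{0x11}, 16), []byte{1, 2, 3, 4})
	if err != nil {
		panic(err)
	}
	version := [2]byte{3, 3} // TLS 1.2
	var explicit [explicitNonceLen]byte
	explicit[7] = 1
	frag := r.Seal(1, 23, version, explicit, []byte("application data"))
	tampered := append([]byte{}, frag...)
	tampered[explicitNonceLen] ^= 0x80
	for name, f := range map[string][]byte{"valid": frag, "tampered": tampered, "truncated": frag[:5]} {
		_, err := r.Open(1, 23, version, f)
		fmt.Printf("%-9s -> alert %d (%v)\n", name, AlertFor(err), err)
	}
}
```

Keeping the error types apart internally (for logging on the receiving host) is fine; what matters is that the alert sent to the peer, and ideally the timing of sending it, does not depend on which check failed.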