Re: [TLS] Document Action: 'TLS Elliptic Curve Cipher Suites with SHA-256/384 and AES Galois Counter Mode' to Informational RFC
Dean Anderson <dean@av8.com> Wed, 25 June 2008 18:54 UTC
Return-Path: <tls-bounces@ietf.org>
X-Original-To: tls-archive@ietf.org
Delivered-To: ietfarch-tls-archive@core3.amsl.com
Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id D65E03A6AD1; Wed, 25 Jun 2008 11:54:02 -0700 (PDT)
X-Original-To: tls@core3.amsl.com
Delivered-To: tls@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id E6F123A69F5; Wed, 25 Jun 2008 11:54:00 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id L+JCG0FDW61l; Wed, 25 Jun 2008 11:54:00 -0700 (PDT)
Received: from cirrus.av8.net (cirrus.av8.net [130.105.36.66]) by core3.amsl.com (Postfix) with ESMTP id C59AC3A6A32; Wed, 25 Jun 2008 11:53:59 -0700 (PDT)
Received: from citation2.av8.net (citation2.av8.net [130.105.12.10]) (authenticated bits=0) by cirrus.av8.net (8.12.11/8.12.11) with ESMTP id m5PIrcbY011357 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NO); Wed, 25 Jun 2008 14:53:38 -0400
Date: Wed, 25 Jun 2008 14:53:37 -0400
From: Dean Anderson <dean@av8.com>
X-X-Sender: dean@citation2.av8.net
To: The IESG <iesg-secretary@ietf.org>
In-Reply-To: <20080623173648.CD55D3A6A2B@core3.amsl.com>
Message-ID: <Pine.LNX.4.44.0806251433160.17162-100000@citation2.av8.net>
MIME-Version: 1.0
Cc: rms@gnu.org, tls chair <tls-chairs@tools.ietf.org>, Internet Architecture Board <iab@iab.org>, tls mailing list <tls@ietf.org>, IETF-Announce <ietf-announce@ietf.org>, RFC Editor <rfc-editor@rfc-editor.org>
Subject: Re: [TLS] Document Action: 'TLS Elliptic Curve Cipher Suites with SHA-256/384 and AES Galois Counter Mode' to Informational RFC
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: tls-bounces@ietf.org
Errors-To: tls-bounces@ietf.org
Gentle people, I can find no patent disclosures on this document listed on the IETF IPR search page at https://datatracker.ietf.org/ipr/search/ using draft-ietf-tls-ecc-new-mac as the I-D Filename. Elliptic curve cryptography is a heavilly patented area, and it seems impossible that this draft does not involve an existing patent. I also seemed to have missed the discussion of non-patented alternatives, as required by RFC3979. Surely the IESG would not approve a document AGAIN that did not disclose its patent status in violation of RFC3979 et al!?! I have to object to the approval of this draft on those grounds. I am very concerned that the IESG would not be more circumspect and careful in light of the previous TLS-Authz scandal. See http://www.av8.net/IETF-watch/People/Housley/index.html http://www.av8.net/IETF-watch/People/TimPolk/index.html for more information about TLS-Authz. --Dean On Mon, 23 Jun 2008, The IESG wrote: > The IESG has approved the following document: > > - 'TLS Elliptic Curve Cipher Suites with SHA-256/384 and AES Galois > Counter Mode ' > <draft-ietf-tls-ecc-new-mac-07.txt> as an Informational RFC > > This document is the product of the Transport Layer Security Working > Group. > > The IESG contact persons are Pasi Eronen and Tim Polk. > > A URL of this Internet-Draft is: > http://www.ietf.org/internet-drafts/draft-ietf-tls-ecc-new-mac-07.txt > > Technical Summary > > This document describes new ECC cipher suites for TLS which > specify stronger MAC algorithms. Eight use HMAC with SHA-256 or > SHA-384 and eight use AES in Galois Counter Mode (GCM). > > Working Group Summary > > This document is a product of the Transport Layer Security (TLS) > Working Group. The document represents the consensus of the TLS > working group. > > Document Quality > > There has been significant review of the document by members of > the TLS working group on the document and changes were made to > improve the document based on these reviews. > > Personnel > > The Document Shepherd for this document is Joseph Salowey, and the > responsible Area Director is Pasi Eronen. > > RFC Editor Note > > In document title, expand "GCM" to "Galois Counter Mode (GCM)" > > Abstract: > OLD: > However, all those cipher suites use SHA-1 as their MAC > algorithm. This document describes sixteen new cipher suites > for TLS which specify stronger digest algorithms. > NEW: > However, all those cipher suites use HMAC-SHA1 as their MAC > algorithm. This document describes sixteen new cipher suites > for TLS which specify stronger MAC algorithms. > > Section 3.1 > OLD: > These eight cipher suites are the same as the corresponding > cipher suites in RFC 4492 (with names ending in "_SHA" in place > of "_SHA256" or "_SHA384"), except for the hash and PRF > algorithms. > NEW: > These eight cipher suites are the same as the corresponding > cipher suites in RFC 4492 (with names ending in "_SHA" in place > of "_SHA256" or "_SHA384"), except for the MAC and PRF > algorithms. > > _______________________________________________ > TLS mailing list > TLS@ietf.org > https://www.ietf.org/mailman/listinfo/tls > > -- Av8 Internet Prepared to pay a premium for better service? www.av8.net faster, more reliable, better service 617 344 9000 _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
- [TLS] Document Action: 'TLS Elliptic Curve Cipher… The IESG
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Rob Dugal
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Pasi.Eronen
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Dean Anderson
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Yoav Nir
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Russ Housley
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Dean Anderson
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Russ Housley
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Dean Anderson
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Whyte, William
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Peter Gutmann
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Blumenthal, Uri
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Russ Housley
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Dean Anderson
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Eric Rescorla
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Dean Anderson
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Dan Harkins
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Eric Rescorla
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Dean Anderson
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Dean Anderson
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Eric Rescorla
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Mike
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Dan Harkins
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Richard M Stallman
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Dean Anderson
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Dean Anderson
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Dan Harkins
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Dean Anderson
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Dean Anderson
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Martin Rex
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Richard M Stallman
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Matthew Campagna
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Richard M Stallman
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Mark Tillinghast
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Yoav Nir
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Pasi.Eronen
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Pasi.Eronen
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… tom.petch
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Richard M Stallman
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Paul Hoffman
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Simon Josefsson
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Dan Harkins
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Paul Hoffman
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Steven M. Bellovin
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Yoav Nir
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Simon Josefsson
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Richard M Stallman
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Steven M. Bellovin
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Richard M Stallman
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Steven M. Bellovin
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Martin Rex
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Steven M. Bellovin
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Richard M Stallman
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Steven M. Bellovin
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Richard M Stallman
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Dean Anderson
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Dean Anderson
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Dean Anderson
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Dean Anderson
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Steven M. Bellovin
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Yoav Nir
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Dean Anderson