Re: [TLS] Explicit use of client and server random values

John Foley <foleyj@cisco.com> Thu, 17 December 2015 15:13 UTC

To: Dave Garrett <davemgarrett@gmail.com>
References: <56718D7A.4000302@cisco.com> <201512161530.06122.davemgarrett@gmail.com> <5671D454.6000506@cisco.com> <201512161628.02986.davemgarrett@gmail.com>
From: John Foley <foleyj@cisco.com>
Message-ID: <5672D12D.4010003@cisco.com>
Date: Thu, 17 Dec 2015 10:13:49 -0500
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/lgJ3Ak6tCh6yt6ZKnZOu7yl-zNw>
Cc: tls@ietf.org

On 12/16/2015 04:28 PM, Dave Garrett wrote:
> On Wednesday, December 16, 2015 04:15:00 pm John Foley wrote:
>> Thanks for answering my questions.  Have you considered adding KAT
>> values for the key derivation steps?  This would be helpful to
>> implementors.  RFC5869 already has KAT values for HKDF-Extract and
>> HKDF-Expand.  But the TLS 1.3 spec has added HKDF-Expand-Label.
>> Additionally, it would be useful to show intermediate KAT values for
>> xSS, xES, mSS, and mES.
> I suggest filing an issue or submitting a PR with a starting point set of changes and discussing it with ekr.
>

I've submitted https://github.com/tlswg/tls13-spec/issues/378.  If you 
give me a few days, I'll update this issue with KAT values per revision 
10.  Since it sounds like there are changes forthcoming in this section 
of the draft, I'll hold off on the PR until later. Hopefully someone 
else will volunteer to verify my KAT values.
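
A sketch of the kind of KAT check discussed in this thread, as an added example that is not part of the original message or of the TLS 1.3 draft: it runs HKDF-Extract and HKDF-Expand against RFC 5869 Appendix A.1 (Test Case 1) and reports the first stage whose output diverges, which is what an intermediate value buys an implementor. It covers only the RFC 5869 primitives, not HKDF-Expand-Label or the xSS/xES/mSS/mES values; `run_kat` and `swapped_extract` are hypothetical names, and `swapped_extract` is a deliberately wrong implementation constructed for the demonstration.

```python
import hashlib
import hmac

HASH = hashlib.sha256
HASH_LEN = HASH().digest_size

def hkdf_extract(salt: bytes, ikm: bytes) -> bytes:
    """RFC 5869 section 2.2: PRK = HMAC-Hash(salt, IKM); salt is the HMAC key."""
    return hmac.new(salt or bytes(HASH_LEN), ikm, HASH).digest()

def hkdf_expand(prk: bytes, info: bytes, length: int) -> bytes:
    """RFC 5869 section 2.3: T(i) = HMAC-Hash(PRK, T(i-1) | info | i)."""
    if length > 255 * HASH_LEN:
        raise ValueError("requested output too long")
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), HASH).digest()
        okm += block
        counter += 1
    return okm[:length]

def swapped_extract(salt: bytes, ikm: bytes) -> bytes:
    """Deliberately wrong (constructed for this example): key and message swapped."""
    return hmac.new(ikm, salt, HASH).digest()

# RFC 5869 Appendix A.1, Test Case 1 (SHA-256).
KAT = {
    "ikm": bytes.fromhex("0b" * 22),
    "salt": bytes.fromhex("000102030405060708090a0b0c"),
    "info": bytes.fromhex("f0f1f2f3f4f5f6f7f8f9"),
    "length": 42,
    "prk": bytes.fromhex("077709362c2e32df0ddc3f0dc47bba63"
                         "90b6c73bb50f9c3122ec844ad7c2b3e5"),
    "okm": bytes.fromhex("3cb25f25faacd57a90434f64d0362f2a"
                         "2d2d0a90cf1a5a4c5db02d56ecc4c5bf"
                         "34007208d5b887185865"),
}

def run_kat(extract=hkdf_extract, expand=hkdf_expand, kat=KAT) -> str:
    """Return "pass" or the name of the first stage whose output diverges."""
    prk = extract(kat["salt"], kat["ikm"])
    if not hmac.compare_digest(prk, kat["prk"]):
        return "extract"  # the intermediate value localises the fault
    okm = expand(prk, kat["info"], kat["length"])
    if not hmac.compare_digest(okm, kat["okm"]):
        return "expand"
    return "pass"

if __name__ == "__main__":
    print("reference:", run_kat())
    print("swapped extract:", run_kat(extract=swapped_extract))
```

Without the intermediate PRK value, both faulty stages would surface only as a mismatched final output, with no indication of where the derivation went wrong.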