IETF Logo Mail Archive

Re: [TLS] Should CCM_8 CSs be Recommended?

Russ Housley <housley@vigilsec.com> Wed, 04 October 2017 13:29 UTC

Return-Path: <housley@vigilsec.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 306C0132031 for <tls@ietfa.amsl.com>; Wed, 4 Oct 2017 06:29:35 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.499
X-Spam-Level:
X-Spam-Status: No, score=-0.499 tagged_above=-999 required=5 tests=[BAYES_05=-0.5, HTML_MESSAGE=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6WxCow_xjDH6 for <tls@ietfa.amsl.com>; Wed, 4 Oct 2017 06:29:33 -0700 (PDT)
Received: from mail.smeinc.net (mail.smeinc.net [209.135.209.11]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CD65C126DFE for <tls@ietf.org>; Wed, 4 Oct 2017 06:29:33 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mail.smeinc.net (Postfix) with ESMTP id 1D01B3002AD for <tls@ietf.org>; Wed, 4 Oct 2017 09:29:33 -0400 (EDT)
X-Virus-Scanned: amavisd-new at mail.smeinc.net
Received: from mail.smeinc.net ([127.0.0.1]) by localhost (mail.smeinc.net [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id 77zGzCuJIdbi for <tls@ietf.org>; Wed, 4 Oct 2017 09:29:31 -0400 (EDT)
Received: from a860b60074bd.home (pool-108-45-101-150.washdc.fios.verizon.net [108.45.101.150]) by mail.smeinc.net (Postfix) with ESMTPSA id 9994530058D; Wed, 4 Oct 2017 09:29:31 -0400 (EDT)
From: Russ Housley <housley@vigilsec.com>
Message-Id: <A0249DE0-2F0C-44EE-B13A-A5AFEF26A82C@vigilsec.com>
Content-Type: multipart/alternative; boundary="Apple-Mail=_81FFC99B-EAAC-45D8-8BDF-EE56E8FD7116"
Mime-Version: 1.0 (Mac OS X Mail 10.3 \(3273\))
Date: Wed, 04 Oct 2017 09:29:30 -0400
In-Reply-To: <AACDE608-F8EE-4C5C-82C2-03AAF1C32BDA@gmail.com>
Cc: IETF TLS <tls@ietf.org>
To: Yoav Nir <ynir.ietf@gmail.com>
References: <CA26DC83-9524-4CDA-910A-7FDCBF73F849@sn3rd.com> <CABcZeBM=BnwGKydcWaaCTgqCvJA6Yc-ejz-q_BtsvCNO1JHWSg@mail.gmail.com> <AACDE608-F8EE-4C5C-82C2-03AAF1C32BDA@gmail.com>
X-Mailer: Apple Mail (2.3273)
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/lzJnXaiYwX-B6hGKm3lV88UShg8>
Subject: Re: [TLS] Should CCM_8 CSs be Recommended?
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 04 Oct 2017 13:29:35 -0000

> On Oct 4, 2017, at 3:30 AM, Yoav Nir <ynir.ietf@gmail.com> wrote:
> 
>    (IoT) - This requirement is for interoperability with IoT.  Only
>    128-bit keys are at the given level.
If the IoT environment is willing to accept lower integrity protection in order to save a few bits on the wire/ether, I do not see why the specification also forces them from using a larger key size.

Russ

v2.23.0 | Report a Bug | By Email