[TLS] draft-mcgrew-aes-ccm

Eric Rescorla <ekr@rtfm.com> Wed, 28 July 2010 09:31 UTC

Date: Wed, 28 Jul 2010 11:30:34 +0200
Message-ID: <AANLkTimBA0Y1e71ry1BDU-BwU5zk3u-nnNiLFuJ5eNzb@mail.gmail.com>
From: Eric Rescorla <ekr@rtfm.com>
To: tls@ietf.org
Subject: [TLS] draft-mcgrew-aes-ccm

This document seems to be two proposals in one:

- AES-CCM cipher suites
- A particular set of restrictions on ECC use.

It's not clear to me how those fit together. General TLS practice is, I think,
to separate Key Exchange and symmetric crypto and to favor RSA for
key exchange. I.e. if we think CCM is interesting, it should probably
not be standardized just for ECC.

IMO it's a bad idea to restrict the use of certs to those signed with
ECDSA *in the cipher suite*. TLS 1.2 provides flexibility for this
algorithm for a reason.

-Ekr