Re: [TLS] Encrypt-then-MAC again (was Re: padding bug)
Eric Rescorla <ekr@rtfm.com> Thu, 28 November 2013 15:03 UTC
Return-Path: <ekr@rtfm.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 00A401AD9B8 for <tls@ietfa.amsl.com>; Thu, 28 Nov 2013 07:03:33 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.978
X-Spam-Level:
X-Spam-Status: No, score=-1.978 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FM_FORGED_GMAIL=0.622, RCVD_IN_DNSWL_LOW=-0.7] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2Hto0T-Unrjq for <tls@ietfa.amsl.com>; Thu, 28 Nov 2013 07:03:31 -0800 (PST)
Received: from mail-wg0-f43.google.com (mail-wg0-f43.google.com [74.125.82.43]) by ietfa.amsl.com (Postfix) with ESMTP id 38D0B1AD7BF for <tls@ietf.org>; Thu, 28 Nov 2013 07:03:31 -0800 (PST)
Received: by mail-wg0-f43.google.com with SMTP id k14so5750325wgh.22 for <tls@ietf.org>; Thu, 28 Nov 2013 07:03:29 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc:content-type; bh=R3hABBIyTSs5irmQ9BKxkQz6zgLVf/7QO23q6mtoVpY=; b=F/mgoLtdAUX8BfEJR8CCkWwCssJZmOSqSUp7Tpx+6JUOoGwRWHqmGr93g/FlskqboG NvgDNhBkYS+l9gnaVNmWWVmsP+c592r/3jDpmrhLIyI/YWD73dK+h+fdTR4mj8BoYb3B 9ll3HKBg1+RbQvHqkLTAcJpSewdOSQmdq774tNX4DCFMAHknWeG5R/LvRx6XEFLx0X1M aQS7vCaLAiRNYb4lx5l02Tk886P1uAMywVrn4vTiyVWYh2mWUCqdaA08XItJpe17fyUP 2/qW+5thULoe4I5kWPsjE6iCtx/cHBpYrH2PIOmevN6A7MJD8RAVLVq7VQVe7n6N/xDX dABQ==
X-Gm-Message-State: ALoCoQnl//TFvqph2pBqOj7tNB0QV1uKYQFeXyDmbhLI+Vgs8IHhn9BvaBRkc4EAWCShsZ2xR8Mg
X-Received: by 10.194.47.161 with SMTP id e1mr2452493wjn.66.1385651009707; Thu, 28 Nov 2013 07:03:29 -0800 (PST)
MIME-Version: 1.0
Received: by 10.216.152.137 with HTTP; Thu, 28 Nov 2013 07:02:49 -0800 (PST)
X-Originating-IP: [74.95.2.168]
In-Reply-To: <9A043F3CF02CD34C8E74AC1594475C7365420C29@uxcn10-6.UoA.auckland.ac.nz>
References: <9A043F3CF02CD34C8E74AC1594475C7365420C29@uxcn10-6.UoA.auckland.ac.nz>
From: Eric Rescorla <ekr@rtfm.com>
Date: Thu, 28 Nov 2013 07:02:49 -0800
Message-ID: <CABcZeBP77fwR8Rwv9me4PuGza7ec9cU-JbsMUOxHbpV0ULYOqA@mail.gmail.com>
To: Peter Gutmann <p.gutmann@auckland.ac.nz>
Content-Type: text/plain; charset="ISO-8859-1"
Cc: "<tls@ietf.org>" <tls@ietf.org>
Subject: Re: [TLS] Encrypt-then-MAC again (was Re: padding bug)
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 28 Nov 2013 15:03:33 -0000
On Thu, Nov 28, 2013 at 3:32 AM, Peter Gutmann <p.gutmann@auckland.ac.nz> wrote: > Michael D'Errico <mike-list@pobox.com> writes: > >>In trying to figure out what's stalling the encrypt-then-mac draft > > What's stalling the draft is that the WG chairs refuse to accept it, and > nothing else. Peter, This topic was discussed at the TLS WG meeting in Vancouver (since you declined to attend, Joe Salowey provided a brief description of the two options). Your proposed approach had no support in the room. You can find the minutes here: http://tools.ietf.org/wg/tls/minutes?item=minutes-88-tls.html So, while there has been some support on the list, I don't believe that this supports the claim that there is rough consensus for this draft. With that said, if you're unhappy with the performance of the chairs, you should reach out to the Security ADs (sec-ads@tools.ietf.org) Best. -Ekr [Speaking as Chair]
- Re: [TLS] Encrypt-then-MAC again (was Re: padding… Martin Rex
- Re: [TLS] Encrypt-then-MAC again (was Re: padding… Peter Gutmann
- Re: [TLS] Encrypt-then-MAC again (was Re: padding… Eric Rescorla
- Re: [TLS] Encrypt-then-MAC again (was Re: padding… Watson Ladd
- Re: [TLS] Encrypt-then-MAC again (was Re: padding… Juho Vähä-Herttua
- Re: [TLS] Encrypt-then-MAC again (was Re: padding… Bodo Moeller
- Re: [TLS] Encrypt-then-MAC again (was Re: padding… Nikos Mavrogiannopoulos
- Re: [TLS] Encrypt-then-MAC again (was Re: padding… Bodo Moeller
- Re: [TLS] Encrypt-then-MAC again (was Re: padding… Martin Rex
- Re: [TLS] Encrypt-then-MAC again (was Re: padding… Juho Vähä-Herttua
- Re: [TLS] Encrypt-then-MAC again (was Re: padding… Robert Ransom
- Re: [TLS] Encrypt-then-MAC again (was Re: padding… Nikos Mavrogiannopoulos
- Re: [TLS] Encrypt-then-MAC again (was Re: padding… Watson Ladd
- Re: [TLS] Encrypt-then-MAC again (was Re: padding… Juho Vähä-Herttua
- Re: [TLS] Encrypt-then-MAC again (was Re: padding… Martin Rex
- Re: [TLS] Encrypt-then-MAC again (was Re: padding… Taylor Hornby
- Re: [TLS] Encrypt-then-MAC again (was Re: padding… Martin Rex
- Re: [TLS] Encrypt-then-MAC again (was Re: padding… Nikos Mavrogiannopoulos
- Re: [TLS] Encrypt-then-MAC again (was Re: padding… Watson Ladd
- Re: [TLS] Encrypt-then-MAC again (was Re: padding… Martin Rex
- Re: [TLS] Encrypt-then-MAC again (was Re: padding… Nikos Mavrogiannopoulos
- Re: [TLS] Encrypt-then-MAC again (was Re: padding… Alfredo Pironti
- Re: [TLS] Encrypt-then-MAC again (was Re: padding… Paterson, Kenny
- Re: [TLS] Encrypt-then-MAC again (was Re: padding… Alfredo Pironti
- Re: [TLS] Encrypt-then-MAC again (was Re: padding… Watson Ladd
- Re: [TLS] Encrypt-then-MAC again (was Re: padding… Alfredo Pironti
- Re: [TLS] Encrypt-then-MAC again (was Re: padding… Martin Rex
- Re: [TLS] Encrypt-then-MAC again (was Re: padding… Wan-Teh Chang
- Re: [TLS] Encrypt-then-MAC again (was Re: padding… Paterson, Kenny
- Re: [TLS] Encrypt-then-MAC again (was Re: padding… Nikos Mavrogiannopoulos
- Re: [TLS] Encrypt-then-MAC again (was Re: padding… Paterson, Kenny
- Re: [TLS] Encrypt-then-MAC again (was Re: padding… Watson Ladd
- Re: [TLS] Encrypt-then-MAC again (was Re: padding… Martin Rex
- Re: [TLS] Encrypt-then-MAC again (was Re: padding… Peter Gutmann
- Re: [TLS] Encrypt-then-MAC again (was Re: padding… Peter Gutmann
- Re: [TLS] Encrypt-then-MAC again (was Re: padding… Peter Gutmann
- Re: [TLS] Encrypt-then-MAC again (was Re: padding… Peter Gutmann
- Re: [TLS] Encrypt-then-MAC again (was Re: padding… Trevor Perrin
- Re: [TLS] Encrypt-then-MAC again (was Re: padding… Watson Ladd