Re: [TLS] Encrypt-then-MAC again (was Re: padding bug)

Eric Rescorla <ekr@rtfm.com> Thu, 28 November 2013 15:03 UTC

Return-Path: <ekr@rtfm.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 00A401AD9B8 for <tls@ietfa.amsl.com>; Thu, 28 Nov 2013 07:03:33 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.978
X-Spam-Level:
X-Spam-Status: No, score=-1.978 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FM_FORGED_GMAIL=0.622, RCVD_IN_DNSWL_LOW=-0.7] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2Hto0T-Unrjq for <tls@ietfa.amsl.com>; Thu, 28 Nov 2013 07:03:31 -0800 (PST)
Received: from mail-wg0-f43.google.com (mail-wg0-f43.google.com [74.125.82.43]) by ietfa.amsl.com (Postfix) with ESMTP id 38D0B1AD7BF for <tls@ietf.org>; Thu, 28 Nov 2013 07:03:31 -0800 (PST)
Received: by mail-wg0-f43.google.com with SMTP id k14so5750325wgh.22 for <tls@ietf.org>; Thu, 28 Nov 2013 07:03:29 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc:content-type; bh=R3hABBIyTSs5irmQ9BKxkQz6zgLVf/7QO23q6mtoVpY=; b=F/mgoLtdAUX8BfEJR8CCkWwCssJZmOSqSUp7Tpx+6JUOoGwRWHqmGr93g/FlskqboG NvgDNhBkYS+l9gnaVNmWWVmsP+c592r/3jDpmrhLIyI/YWD73dK+h+fdTR4mj8BoYb3B 9ll3HKBg1+RbQvHqkLTAcJpSewdOSQmdq774tNX4DCFMAHknWeG5R/LvRx6XEFLx0X1M aQS7vCaLAiRNYb4lx5l02Tk886P1uAMywVrn4vTiyVWYh2mWUCqdaA08XItJpe17fyUP 2/qW+5thULoe4I5kWPsjE6iCtx/cHBpYrH2PIOmevN6A7MJD8RAVLVq7VQVe7n6N/xDX dABQ==
X-Gm-Message-State: ALoCoQnl//TFvqph2pBqOj7tNB0QV1uKYQFeXyDmbhLI+Vgs8IHhn9BvaBRkc4EAWCShsZ2xR8Mg
X-Received: by 10.194.47.161 with SMTP id e1mr2452493wjn.66.1385651009707; Thu, 28 Nov 2013 07:03:29 -0800 (PST)
MIME-Version: 1.0
Received: by 10.216.152.137 with HTTP; Thu, 28 Nov 2013 07:02:49 -0800 (PST)
X-Originating-IP: [74.95.2.168]
In-Reply-To: <9A043F3CF02CD34C8E74AC1594475C7365420C29@uxcn10-6.UoA.auckland.ac.nz>
References: <9A043F3CF02CD34C8E74AC1594475C7365420C29@uxcn10-6.UoA.auckland.ac.nz>
From: Eric Rescorla <ekr@rtfm.com>
Date: Thu, 28 Nov 2013 07:02:49 -0800
Message-ID: <CABcZeBP77fwR8Rwv9me4PuGza7ec9cU-JbsMUOxHbpV0ULYOqA@mail.gmail.com>
To: Peter Gutmann <p.gutmann@auckland.ac.nz>
Content-Type: text/plain; charset=ISO-8859-1
Cc: "<tls@ietf.org>" <tls@ietf.org>
Subject: Re: [TLS] Encrypt-then-MAC again (was Re: padding bug)
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 28 Nov 2013 15:03:33 -0000

On Thu, Nov 28, 2013 at 3:32 AM, Peter Gutmann <p.gutmann@auckland.ac.nz> wrote:
> Michael D'Errico <mike-list@pobox.com> writes:
>
>>In trying to figure out what's stalling the encrypt-then-mac draft
>
> What's stalling the draft is that the WG chairs refuse to accept it, and
> nothing else.

Peter,

This topic was discussed at the TLS WG meeting in Vancouver
(since you declined to attend, Joe Salowey provided a brief
description of the two options). Your proposed approach
had no support in the room. You can find the minutes here:

http://tools.ietf.org/wg/tls/minutes?item=minutes-88-tls.html

So, while there has been some support on the list, I don't
believe that this supports the claim that there is rough
consensus for this draft.

With that said, if you're unhappy with the performance of the
chairs, you should reach out to the Security ADs
(sec-ads@tools.ietf.org)

Best.
-Ekr
[Speaking as Chair]