Re: [TLS] Some comments about draft-badra-ecdhe-tls-psk-01

Mohamad Badra <badra@isima.fr> Tue, 29 January 2008 15:44 UTC

Message-ID: <479F49B4.7000704@isima.fr>
Date: Tue, 29 Jan 2008 16:43:48 +0100
From: Mohamad Badra <badra@isima.fr>
To: Pasi.Eronen@nokia.com
Subject: Re: [TLS] Some comments about draft-badra-ecdhe-tls-psk-01
Cc: tls@ietf.org

Dear Pasi,

> Overall comment: While the technical solution is reasonably defined 
> and scoped, do we have any evidence that someone cares about it?
> I.e., do we have information suggesting that if this was specified,
> it would actually be used in real world? If we don't, let's not 
> spend WG time on it...

A few volunteers have already reviewed the document. As you said earlier, 
the technical solution is reasonably defined and scoped and therefore I 
don't think that we need to spend much time on it. The evidence that 
someone cares about it depends on TLS-PSK itself: why would someone care 
about RSA_PSK and DH_PSK but not about ECDHE_PSK? However, I do support any 
opinion poll on that by asking that someone: Do you support 
adopting that document?


> Some additional comments based on a quick read:
> 
> Abstract, "This document updates RFC 4785 and 4279..."; it 
> doesn't "update" either of them (in the sense the word "update" 
> is usually used when talking about relationships between RFCs);
> it just defines additional cipher suites.

OK, I will replace "update" with "extend".


> Section 2, "First, perform the Elliptic Curve Diffie-Hellman
> computation in the same way as for other Diffie-Hellman-based
> ciphersuites in [TLS1.0] or [TLS1.1]" Neither document contains
> information on how to perform ECDH computations.

This is a mistake, I will replace "[TLS1.0] or [TLS1.1]" with "RFC4492".


> Section 2, "Let Z be the value produced by this computation",
> Elliptic Curve Diffie-Hellman is somewhat different in this
> respect; text should be consistent with RFC 4492 Section 5.10.

What about replacing:

    The premaster secret is formed as follows. First, perform the
    Elliptic Curve Diffie-Hellman computation in the same way as for
    other Diffie-Hellman-based ciphersuites in [TLS1.0] or [TLS1.1]. Let
    Z be the value produced by this computation. Concatenate a uint16
    containing the length of Z (in octets), Z itself, a uint16
    containing the length of the PSK (in octets), and the PSK itself.

With:

    The premaster secret is formed as follows. First, perform the
    Elliptic Curve Diffie-Hellman computation in the same way as for
    other Diffie-Hellman-based ciphersuites defined in RFC4492 to
    generate the octet string [RFC4492]. Next, concatenate a uint16
    containing the length of the octet string (in octets), the octet
    string itself, a uint16 containing the length of the PSK (in octets),
    and the PSK itself.

> Typos/grammar:
> "These ciphersuites provides.."
> "It specifies as well one.."

OK.

> 
> From idnits: Unused Reference: 'RFC2119' is defined on line 160, 
> but no explicit reference was found in the text

OK.

> 
> Best regards,
> Pasi 

Many thanks!
Best regards,
-- 
Mohamad Badra
CNRS - LIMOS Laboratory
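
The premaster secret layout proposed above, as an added example that is not part of the original message or of the draft. It assumes the ECDH shared point's x-coordinate is already available as an integer; the fixed-length encoding with leading zeros kept follows RFC 4492 Section 5.10, and all function names and sample values are hypothetical.

```python
import struct

def fe2osp(x: int, field_bits: int) -> bytes:
    """Field element -> fixed-length octet string; leading zeros are kept.
    Only the size bound is checked here, not x < p for a prime field."""
    if not 0 <= x < (1 << field_bits):
        raise ValueError("x does not fit the field size")
    return x.to_bytes((field_bits + 7) // 8, "big")

def opaque16(data: bytes) -> bytes:
    """uint16 length prefix (network byte order) followed by the value."""
    if len(data) > 0xFFFF:
        raise ValueError("value too long for a uint16 length")
    return struct.pack("!H", len(data)) + data

def ecdhe_psk_premaster(shared_x: int, field_bits: int, psk: bytes) -> bytes:
    """len(Z) || Z || len(PSK) || PSK, as in the proposed Section 2 text."""
    return opaque16(fe2osp(shared_x, field_bits)) + opaque16(psk)

def split_premaster(pms: bytes) -> tuple:
    """Strict inverse for checking: returns (Z, PSK) or raises ValueError."""
    parts, off = [], 0
    for _ in range(2):
        if off + 2 > len(pms):
            raise ValueError("truncated length field")
        (n,) = struct.unpack_from("!H", pms, off)
        off += 2
        if off + n > len(pms):
            raise ValueError("truncated value")
        parts.append(pms[off:off + n])
        off += n
    if off != len(pms):
        raise ValueError("trailing bytes")
    return tuple(parts)

# Constructed sample values: an x-coordinate whose top octet is zero, on a
# 256-bit field, and a 15-octet PSK.
SAMPLE_X = int.from_bytes(b"\x00" + bytes(range(1, 32)), "big")
SAMPLE_PSK = b"constructed-psk"

if __name__ == "__main__":
    pms = ecdhe_psk_premaster(SAMPLE_X, 256, SAMPLE_PSK)
    z, psk = split_premaster(pms)
    print(len(z), z[:2].hex(), len(pms))
```

If the leading zero octet were stripped, as a variable-length integer encoding would do, the length prefix would read 31 instead of 32 and the two peers could derive different premaster secrets for the same shared point.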


