IETF Logo Mail Archive

Re: [TLS] Consensus call for keys used in handshake and data messages

Karthikeyan Bhargavan <karthik.bhargavan@gmail.com> Tue, 14 June 2016 05:08 UTC

Return-Path: <karthik.bhargavan@gmail.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DF6B412D59F for <tls@ietfa.amsl.com>; Mon, 13 Jun 2016 22:08:06 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.7
X-Spam-Level:
X-Spam-Status: No, score=-2.7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id E7pv5xaltywF for <tls@ietfa.amsl.com>; Mon, 13 Jun 2016 22:08:05 -0700 (PDT)
Received: from mail-wm0-x229.google.com (mail-wm0-x229.google.com [IPv6:2a00:1450:400c:c09::229]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3216912D5F9 for <tls@ietf.org>; Mon, 13 Jun 2016 22:08:04 -0700 (PDT)
Received: by mail-wm0-x229.google.com with SMTP id m124so105458792wme.1 for <tls@ietf.org>; Mon, 13 Jun 2016 22:08:04 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=yyPGeVBY/83tY2I4xsdYCgYXvAHtBMdV0mhu4c8o0AQ=; b=keyhN1tFOwFacpQpYZTM6qCCyWQonvs0FaG6Gw0oI+uvr8cxxeuBuE4koYrsLYtrA+ U/LznXFTicH0humv84zLjFXfMEXZXxjJre/3DM0ZNi+bW7A/jn2bTwqgAvfVid+SGm81 W/ctMZ/xYQevQkaQ6uiu7fHc92BYgzbhkCkiIy5xQ48nOGEosGjbOyiU5Go1BZP1e838 LIT4iozgYbHzDdmtA6vMRea7hZcsf2SSZOZZeqQAXK4UAf2hnE39buCml61H3EwtR3pi F+9BoRlA0Sdt0WFtuBLV+H8WT32P8WS2P21/s64oZWPde2vNlMFUUziteEK958WAngDa n6qw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=yyPGeVBY/83tY2I4xsdYCgYXvAHtBMdV0mhu4c8o0AQ=; b=m1wPMwmVxDMbV5543JD746LLkvuQfyv23/SW20kV8YzI6dFDkBtNaEnvAoI/QvVaGl BtoztxqIdreBr7cZ4PPu8pLBg/msTRSRC6nTjxsRYATnEjw/BVo+l31SeKgF1MbJNyIz caOEuwlZY1weXJC91T4KZgC12V0ohIWucxrJycrnn/GNd5s4ZJpu0IjuNS3q6eP2tUsb T/13Cwq02Z8wbcVwwqPk+kWeuTINpeZK6fFiYBjDskc1b0wXL4LHpYwzB0QUHygP1X01 hfUBbhP4UP/ILBlW0h/1qUxwtQoW4jlwh+mUXGTBPQOBoE/1DAuFPaM9BLblsAwB2Vqa KmXQ==
X-Gm-Message-State: ALyK8tL/vne/wKU55CU5EiP0RYTApkyLCOZz7bNPQX+/7zTS6DDg4F+B+vmXUom0o9KUSA==
X-Received: by 10.28.132.201 with SMTP id g192mr4325472wmd.87.1465880882656; Mon, 13 Jun 2016 22:08:02 -0700 (PDT)
Received: from [192.168.0.51] (89-156-8-219.rev.numericable.fr. [89.156.8.219]) by smtp.gmail.com with ESMTPSA id kd7sm30848669wjc.33.2016.06.13.22.08.01 (version=TLS1 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Mon, 13 Jun 2016 22:08:01 -0700 (PDT)
Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0 (Mac OS X Mail 9.3 \(3124\))
From: Karthikeyan Bhargavan <karthik.bhargavan@gmail.com>
In-Reply-To: <8760tc3kd0.fsf@alice.fifthhorseman.net>
Date: Tue, 14 Jun 2016 07:08:11 +0200
Content-Transfer-Encoding: quoted-printable
Message-Id: <3B833484-DFD8-419A-877C-C1F259AC4528@gmail.com>
References: <CAOgPGoDRZdJN7DY10tDoEEidVkxeKabCcW_U3vQqaaH6x162gw@mail.gmail.com> <8760tc3kd0.fsf@alice.fifthhorseman.net>
To: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
X-Mailer: Apple Mail (2.3124)
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/uXJUoFuucZPXmVJnqkfGv-1DQow>
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] Consensus call for keys used in handshake and data messages
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 14 Jun 2016 05:08:07 -0000

I prefer (2)

> On 13 Jun 2016, at 22:27, Daniel Kahn Gillmor <dkg@fifthhorseman.net> wrote:
> 
> On Mon 2016-06-13 15:00:03 -0400, Joseph Salowey wrote:
>> 1. Use the same key for handshake and application traffic (as in the
>> current draft-13)
>> 
>> or
>> 
>> 2. Restore a public content type and different keys
> 
> Given this choice, i prefer (1).
> 
>      --dkg
> 
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls

v2.23.0 | Report a Bug | By Email