Re: [TLS] Version in record MAC

Eric Rescorla <ekr@rtfm.com> Thu, 29 October 2015 08:33 UTC

Per discussion with Sean, I've merged this at:
https://github.com/tlswg/tls13-spec/commit/5f30bca74fdf8ded2bf50b112487ca780faa52ef

On Wed, Oct 28, 2015 at 3:53 AM, Eric Rescorla <ekr@rtfm.com> wrote:

> Sure. Like I said, I don't feel strongly about this, I just wanted to take
> people's temperature. I'm fine with removing the seq from the AD.
>
> -Ekr
>
> On Tue, Oct 27, 2015 at 2:49 PM, Adam Langley <agl@imperialviolet.org> wrote:
>
>> On Tue, Oct 27, 2015 at 8:56 AM, Eric Rescorla <ekr@rtfm.com> wrote:
>> > Yes, that's correct. But we could relax that restriction and make those
>> > work if we wanted...
>>
>> Explicit nonces should not be used in TLS. I'm happy to be building
>> things without them in mind.
>>
>> SIV modes, if turned into AEADs, would have to authenticate their
>> nonces internally. RFC 5297 basically says that already
>> (https://tools.ietf.org/html/rfc5297#section-3). That might mean that
>> the nonce is prepended to the AD inside the AEAD abstraction, but that
>> wouldn't be TLS's concern.
>>
>>
>> Cheers
>>
>> AGL
>>
>> --
>> Adam Langley agl@imperialviolet.org https://www.imperialviolet.org
>>
>
>
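
Added example, not part of the original message or of the specification text: a Go sketch of why the sequence number can be dropped from the AD when the nonce is implicit. It assumes the per-record nonce is the sequence number XORed into a static IV (the rule RFC 8446, section 5.3 specifies); the key, IV, AD bytes and function names are constructed for illustration.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"encoding/binary"
	"fmt"
)

// recordNonce XORs the 64-bit sequence number into the low-order bytes of a
// static IV. Assumption: this is the implicit-nonce rule of RFC 8446, 5.3.
func recordNonce(iv []byte, seq uint64) []byte {
	nonce := append([]byte(nil), iv...)
	var s [8]byte
	binary.BigEndian.PutUint64(s[:], seq)
	for i, b := range s {
		nonce[len(nonce)-8+i] ^= b
	}
	return nonce
}

// newAEAD builds AES-128-GCM; any AEAD with a 12-byte nonce would do here.
func newAEAD(key []byte) cipher.AEAD {
	block, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}
	aead, err := cipher.NewGCM(block)
	if err != nil {
		panic(err)
	}
	return aead
}

// demo seals one record at sequence number 5 with an AD that carries no
// sequence number, then tries to open it at 5 and at 6.
func demo() (inOrder, replayedAt6 bool) {
	key := []byte("constructed-key!")                   // constructed 16-byte demo key
	iv := []byte{1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12} // constructed static IV
	ad := []byte{0x17, 0x03, 0x01}                      // constructed AD: type + version only
	aead := newAEAD(key)
	ct := aead.Seal(nil, recordNonce(iv, 5), []byte("hello"), ad)
	_, err5 := aead.Open(nil, recordNonce(iv, 5), ct, ad)
	_, err6 := aead.Open(nil, recordNonce(iv, 6), ct, ad)
	return err5 == nil, err6 == nil
}

func main() {
	inOrder, replayedAt6 := demo()
	fmt.Println("opens at seq 5:", inOrder, "| opens at seq 6:", replayedAt6)
}
```

The record fails to open at any position other than the one it was sealed at, because the receiver derives the nonce from its own counter and the AEAD tag depends on the nonce.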