Re: [TLS] consensus on adopting draft-mcgrew-tls-aes-ccm and draft-mcgrew-tls-aes-ccm-ecc
Don Sturek <d.sturek@att.net> Thu, 01 December 2011 20:20 UTC
Return-Path: <d.sturek@att.net>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 88C441F0C54 for <tls@ietfa.amsl.com>; Thu, 1 Dec 2011 12:20:56 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id IVBRWIiMLnRW for <tls@ietfa.amsl.com>; Thu, 1 Dec 2011 12:20:55 -0800 (PST)
Received: from nm26-vm0.access.bullet.mail.mud.yahoo.com (nm26-vm0.access.bullet.mail.mud.yahoo.com [66.94.236.225]) by ietfa.amsl.com (Postfix) with SMTP id 9893C1F0C48 for <tls@ietf.org>; Thu, 1 Dec 2011 12:20:55 -0800 (PST)
Received: from [66.94.237.200] by nm26.access.bullet.mail.mud.yahoo.com with NNFMP; 01 Dec 2011 20:20:51 -0000
Received: from [98.139.221.51] by tm11.access.bullet.mail.mud.yahoo.com with NNFMP; 01 Dec 2011 20:20:51 -0000
Received: from [127.0.0.1] by smtp104.sbc.mail.bf1.yahoo.com with NNFMP; 01 Dec 2011 20:20:50 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=att.net; s=s1024; t=1322770850; bh=xGcDDXOAUI3+qVgEyFgcqGsZkGPP1wxuvmYFSqMjpqU=; h=X-Yahoo-Newman-Id:X-Yahoo-Newman-Property:X-YMail-OSG:X-Yahoo-SMTP:Received:User-Agent:Date:Subject:From:To:CC:Message-ID:Thread-Topic:In-Reply-To:Mime-version:Content-type:Content-transfer-encoding; b=K5+vDgvvHGcw64zRwNH7g4Fk1QOGNk7EunGC+67m8JVoLIh51UqxEstRT8sUMlFCw5rKXSLZhF3ahXQ5WlLbX3cCFN/uY+3AP9FVy3ORlUwvv6hLzxj2KGvLQOkVAkQOsDwlhHP4B4kGJ1ZAhZZDur517/aBowUfACEyGl8NS1g=
X-Yahoo-Newman-Id: 892355.79670.bm@smtp104.sbc.mail.bf1.yahoo.com
X-Yahoo-Newman-Property: ymail-3
X-YMail-OSG: PX4qcbIVM1ldU.yTWsi8DkC5O54MNkvW1pTtAou9YbExuGQ oLNp.YRDUROBrAExULW15hx3RQP8i5lCFIajcikdn4K9wpNG30oeHZka3ki8 wrEEV.tIn6.0OR5SBAqacqBQecLq0svBBA7XX2lU1fp3lo.JOMiTqvVlbTml vJ7aaBcgip1cb9AESaIeY3kdKYTT7Swyork5M4XVzdVe01SIR7PQQa5HA.bb wgGL_pmB_odnKqCczT9elXeuHZFMRa1.Q8L4njtfa4GpP3hRuNIcLUH0VXfq iedo.A5uuwRTlEpF99IugElAMBni3zqZOeV8H0ToM7wsZsAIkf1Eu56cAcO2 wm1euQiKpgkySJfSGBMB._41yN1yeKNEBdjlc48cdmxTIRnP7uZobAC5YqG7 CPx4wo4BPNvEwrr.AynTKedAIjDND2Phj8LPyF8d5Xpz9dHAyMqDGA7iwbw- -
X-Yahoo-SMTP: fvjol_aswBAraSJvMLe2r1XTzhBhbFxY8q8c3jo-
Received: from [10.1.1.121] (d.sturek@174.78.56.227 with login) by smtp104.sbc.mail.bf1.yahoo.com with SMTP; 01 Dec 2011 12:20:50 -0800 PST
User-Agent: Microsoft-MacOutlook/14.13.0.110805
Date: Thu, 01 Dec 2011 12:20:38 -0800
From: Don Sturek <d.sturek@att.net>
To: Dan Harkins <dharkins@lounge.org>, Joe Salowey <jsalowey@cisco.com>
Message-ID: <CAFD209E.DF10%d.sturek@att.net>
Thread-Topic: [TLS] consensus on adopting draft-mcgrew-tls-aes-ccm and draft-mcgrew-tls-aes-ccm-ecc
In-Reply-To: <418f9612c158e2e611ca393bc07a4d41.squirrel@www.trepanning.net>
Mime-version: 1.0
Content-type: text/plain; charset="US-ASCII"
Content-transfer-encoding: 7bit
Cc: tls@ietf.org
Subject: Re: [TLS] consensus on adopting draft-mcgrew-tls-aes-ccm and draft-mcgrew-tls-aes-ccm-ecc
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 01 Dec 2011 20:20:58 -0000
Hi Dan, While ZigBee does specify AES-CCM* in their *commercial* specification, I would say the general problem is that IEEE 802.15.4 (which ZigBee uses) specifies AES-CCM and nearly all silicon vendors have that (not CCM*) available. If we could somehow get those implementations to switch to GCM, I don't think we would be asking for adoption of AES-CCM. That said, for the IEEE 802.15.4 devices already manufactured and in those in the field, either we try to align the use of TLS with what is available hardware wise or else bypass the AES-CCM engine in those parts and implement GCM in software..... Don On 12/1/11 12:01 PM, "Dan Harkins" <dharkins@lounge.org> wrote: > >On Wed, November 30, 2011 1:34 pm, Joe Salowey wrote: >> The chairs would like to see if there is consensus in the TLS working >> group to adopt draft-mcgrew-tls-aes-ccm and draft-mcgrew-tls-aes-ccm-ecc >> as working group items. These drafts define AES-CCM cipher suites for >> TLS. The Zigbee smart energy group has interest in these drafts. >>These >> drafts only deal with a AES-CCM and not with Zigbee's AES-CCM* which is >>a >> super set of AES-CCM. The authors are requesting standards track for >> these ciphers. Please note that there is an IPR declaration listed for >> draft-mcgrew-tls-aes-ccm-ecc available here: >> https://datatracker.ietf.org/ipr/1443/. This declaration has been >>updated >> from previous declarations. Please respond to the following by >>December >> 14, 2011 : >> >> - Do you object to taking these drafts on as working group items? >>(Please >> state the reason for you objection) > > No. > >> - Would you contribute time to review and provide text for the documents >> when needed? > > Yes. > >> - Do you object to standards track status for these documents?(Please >> state the reason for you objection) > > I have a mild objection. There is no point in doing CCM. GCM is faster, >if you're gonna implement an AEAD scheme implement GCM. If you really want >a 2-pass AEAD scheme you can use RFC 5297 and you get misuse-resistance >for free (basically the security of the mode does not collapse if you >reuse a nonce/counter). The only group I know pushing CCM is actually >pushing CCM* and, as you note, this isn't CCM*. > > Dan. > > >_______________________________________________ >TLS mailing list >TLS@ietf.org >https://www.ietf.org/mailman/listinfo/tls
- [TLS] consensus on adopting draft-mcgrew-tls-aes-… Joe Salowey
- Re: [TLS] consensus on adopting draft-mcgrew-tls-… Yoav Nir
- Re: [TLS] consensus on adopting draft-mcgrew-tls-… Don Sturek
- Re: [TLS] consensus on adopting draft-mcgrew-tls-… Peter Gutmann
- [TLS] 答复: consensus on adopting draft-mcgrew-tls-… zhou.sujing
- Re: [TLS] consensus on adopting draft-mcgrew-tls-… Nikos Mavrogiannopoulos
- Re: [TLS] consensus on adopting draft-mcgrew-tls-… Dan Harkins
- Re: [TLS] consensus on adopting draft-mcgrew-tls-… Don Sturek
- Re: [TLS] consensus on adopting draft-mcgrew-tls-… Rene Struik
- Re: [TLS] consensus on adopting draft-mcgrew-tls-… Robert Cragie
- Re: [TLS] consensus on adopting draft-mcgrew-tls-… Martin Rex
- Re: [TLS] consensus on adopting draft-mcgrew-tls-… Robert Cragie