Re: [TLS] WGLC for draft-ietf-tls-psk-new-mac-aes-gcm-03.txt

<Pasi.Eronen@nokia.com> Thu, 23 October 2008 15:56 UTC

Alfred,

I'm not sure if we have decided on any WG policy about whether new
cipher suites (defined from now on) should apply only to TLS 1.2, 
or also to earlier versions (when they don't need new features of 
TLS 1.2, like AEAD).

(This question is anyway quite recent, as all earlier cipher suites
were always version-independent -- mostly worked even with SSLv3.)

My personal opinion is that if being compatible with TLS 1.0/1.1
requires just a single sentence in the spec, it's probably
safer than not doing it (since we don't have to try to predict if
someone will use it or not).

Best regards,
Pasi

> -----Original Message-----
> From: tls-bounces@ietf.org [mailto:tls-bounces@ietf.org] On Behalf Of ext Alfred Hönes
> Sent: 20 October, 2008 17:01
> To: tls@ietf.org
> Subject: Re: [TLS] WGLC for draft-ietf-tls-psk-new-mac-aes-gcm-03.txt
> 
> At Mon, 20 Oct 2008 12:17:34 +0300, Pasi.Eronen at nokia.com wrote:
> 
> > Hi,
> > 
> > <not wearing any hats>
> > 
> > I have one comment: I think it'd be useful if the CBC mode cipher
> > suites could be used with TLS 1.0/1.1 as well. (This would mean
> > saying that when TLS 1.0/1.1 is negotiated, the TLS 1.0/1.1 PRF
> > is used.)
> > 
> > Best regards,
> > Pasi
> > 
> >> -----Original Message-----
> >> From: tls-bounces@ietf.org On Behalf Of ext Joseph Salowey (jsalowey)
> >> To: tls@ietf.org
> >> Sent: 06 October, 2008 05:21
> >> Subject: [TLS] WGLC for draft-ietf-tls-psk-new-mac-aes-gcm-03.txt
> >>
> >> This is a working group last call for
> >> draft-ietf-tls-psk-new-mac-aes-gcm-03.txt.  Please send any
> >> comments on this draft to the list by October, 20 2008.
> >>
> >> Thanks,
> >>
> >> Joe
> 
> This comment indeed raises a reasonable question.
> 
> Technically, it would apparently not be a problem to follow
> this proposal, it's perhaps more a question of WG policy.
> 
> As far as I can see, in the recent past this WG has -- maybe
> more implicitly than explicitly stated -- followed the policy
> to *not* retrofit support for cipher suites incorporating use
> of SHA-2 algorithms into TLS v1.0 / v1.1 in *Standards-Track*
> documents (cf. the CBC cipher suites in RFC 5289); this has
> only been done so far in documents intended for Informational
> or Experimental status. (Note: Using an established TLS v1.0/v1.1
> implementation as the basis of an experiment is deemed useful
> to further experimentation.)
> 
> Since this draft also aims at Standards Track, it would seem
> consequential to not deviate from this policy, and hence not
> extend the scope of the draft to TLS v1.0/v1.1 for the CBC
> cipher suites, unless there are specific reasons to do so.
> 
> Pasi:
> Do you have specific use cases in mind that could justify that?
> 
> All:
> Or is the perceived view of WG policy wrong, and consistency
> with RFC 5289 less important than extended utility?
> 
> My proposal:
> 
> It might make sense to now leave the draft "as is" and defer
> the final decision on this amendment until comments from
> IETF LC have been received and can be considered as well.
> Documenting the question in the PROTO Writeup could direct
> the community at large to consider this topic during LC,
> and doing so thus would be a good chance to see if someone
> explicitly calls for the addition of this feature.
> 
> Kind regards,
>   Alfred.
> 
> -- 
> 
> +------------------------+--------------------------------------------+
> | TR-Sys Alfred Hoenes   |  Alfred Hoenes   Dipl.-Math., Dipl.-Phys.  |
> | Gerlinger Strasse 12   |  Phone: (+49)7156/9635-0, Fax: -18         |
> | D-71254  Ditzingen     |  E-Mail:  ah@TR-Sys.de                     |
> +------------------------+--------------------------------------------+
> 
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls
> 