IETF Logo Mail Archive

Re: [TLS] Document Action: 'TLS Elliptic Curve Cipher Suites with SHA-256/384 and AES Galois Counter Mode' to Informational RFC

Russ Housley <housley@vigilsec.com> Wed, 25 June 2008 20:43 UTC

Return-Path: <tls-bounces@ietf.org>
X-Original-To: tls-archive@ietf.org
Delivered-To: ietfarch-tls-archive@core3.amsl.com
Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 92E5F3A6919; Wed, 25 Jun 2008 13:43:21 -0700 (PDT)
X-Original-To: tls@core3.amsl.com
Delivered-To: tls@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 2A5CB3A6A32 for <tls@core3.amsl.com>; Wed, 25 Jun 2008 13:43:21 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -101.359
X-Spam-Level:
X-Spam-Status: No, score=-101.359 tagged_above=-999 required=5 tests=[AWL=1.240, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HtywaVuioGzs for <tls@core3.amsl.com>; Wed, 25 Jun 2008 13:43:21 -0700 (PDT)
Received: from woodstock.binhost.com (woodstock.binhost.com [8.8.40.152]) by core3.amsl.com (Postfix) with SMTP id C95203A680C for <tls@ietf.org>; Wed, 25 Jun 2008 13:43:20 -0700 (PDT)
Received: (qmail 14871 invoked by uid 0); 25 Jun 2008 20:35:38 -0000
Received: from unknown (HELO THINKPADR52.vigilsec.com) (72.66.14.12) by woodstock.binhost.com with SMTP; 25 Jun 2008 20:35:38 -0000
X-Mailer: QUALCOMM Windows Eudora Version 7.1.0.9
Date: Wed, 25 Jun 2008 16:26:39 -0400
To: tls@ietf.org
From: Russ Housley <housley@vigilsec.com>
In-Reply-To: <Pine.LNX.4.44.0806251433160.17162-100000@citation2.av8.net >
References: <20080623173648.CD55D3A6A2B@core3.amsl.com> <Pine.LNX.4.44.0806251433160.17162-100000@citation2.av8.net>
Mime-Version: 1.0
Message-Id: <20080625204320.C95203A680C@core3.amsl.com>
Cc: iab@iab.org, rms@gnu.org
Subject: Re: [TLS] Document Action: 'TLS Elliptic Curve Cipher Suites with SHA-256/384 and AES Galois Counter Mode' to Informational RFC
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="us-ascii"; Format="flowed"
Sender: tls-bounces@ietf.org
Errors-To: tls-bounces@ietf.org

http://www.ietf.org/ietf/IPR/certicom-ipr-rfc-3446.pdf  seem to cover 
TLS and ECC.  However, I agree that Certicom should be asked to 
update the IPR statement to cover TLS 1.2 as well as the recent 
Internet-Drafts.

Russ


At 02:53 PM 6/25/2008, Dean Anderson wrote:
>Gentle people,
>
>I can find no patent disclosures on this document listed on the IETF IPR
>search page at https://datatracker.ietf.org/ipr/search/ using
>draft-ietf-tls-ecc-new-mac as the I-D Filename.
>
>Elliptic curve cryptography is a heavilly patented area, and it seems
>impossible that this draft does not involve an existing patent.
>
>I also seemed to have missed the discussion of non-patented
>alternatives, as required by RFC3979.
>
>Surely the IESG would not approve a document AGAIN that did not disclose
>its patent status in violation of RFC3979 et al!?!
>
>I have to object to the approval of this draft on those grounds.  I am
>very concerned that the IESG would not be more circumspect and careful
>in light of the previous TLS-Authz scandal. See
>http://www.av8.net/IETF-watch/People/Housley/index.html
>http://www.av8.net/IETF-watch/People/TimPolk/index.html
>for more information about TLS-Authz.
>
>                 --Dean
>
>
>On Mon, 23 Jun 2008, The IESG wrote:
>
> > The IESG has approved the following document:
> >
> > - 'TLS Elliptic Curve Cipher Suites with SHA-256/384 and AES Galois
> >    Counter Mode '
> >    <draft-ietf-tls-ecc-new-mac-07.txt> as an Informational RFC
> >
> > This document is the product of the Transport Layer Security Working
> > Group.
> >
> > The IESG contact persons are Pasi Eronen and Tim Polk.
> >
> > A URL of this Internet-Draft is:
> > http://www.ietf.org/internet-drafts/draft-ietf-tls-ecc-new-mac-07.txt
> >
> > Technical Summary
> >
> >    This document describes new ECC cipher suites for TLS which
> >    specify stronger MAC algorithms. Eight use HMAC with SHA-256 or
> >    SHA-384 and eight use AES in Galois Counter Mode (GCM).
> >
> > Working Group Summary
> >
> >    This document is a product of the Transport Layer Security (TLS)
> >    Working Group. The document represents the consensus of the TLS
> >    working group.
> >
> > Document Quality
> >
> >    There has been significant review of the document by members of
> >    the TLS working group on the document and changes were made to
> >    improve the document based on these reviews.
> >
> > Personnel
> >
> >    The Document Shepherd for this document is Joseph Salowey, and the
> >    responsible Area Director is Pasi Eronen.
> >
> > RFC Editor Note
> >
> >    In document title, expand "GCM" to "Galois Counter Mode (GCM)"
> >
> >    Abstract:
> >    OLD:
> >       However, all those cipher suites use SHA-1 as their MAC
> >       algorithm.  This document describes sixteen new cipher suites
> >       for TLS which specify stronger digest algorithms.
> >    NEW:
> >       However, all those cipher suites use HMAC-SHA1 as their MAC
> >       algorithm.  This document describes sixteen new cipher suites
> >       for TLS which specify stronger MAC algorithms.
> >
> >    Section 3.1
> >    OLD:
> >       These eight cipher suites are the same as the corresponding
> >       cipher suites in RFC 4492 (with names ending in "_SHA" in place
> >       of "_SHA256" or "_SHA384"), except for the hash and PRF
> >       algorithms.
> >    NEW:
> >       These eight cipher suites are the same as the corresponding
> >       cipher suites in RFC 4492 (with names ending in "_SHA" in place
> >       of "_SHA256" or "_SHA384"), except for the MAC and PRF
> >       algorithms.
> >
> > _______________________________________________
> > TLS mailing list
> > TLS@ietf.org
> > https://www.ietf.org/mailman/listinfo/tls
> >
> >
>
>--
>Av8 Internet   Prepared to pay a premium for better service?
>www.av8.net         faster, more reliable, better service
>617 344 9000

_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls

v2.23.0 | Report a Bug | By Email