Re: [TLS] Document Action: 'TLS Elliptic Curve Cipher Suites with SHA-256/384 and AES Galois Counter Mode' to Informational RFC
Russ Housley <housley@vigilsec.com> Wed, 25 June 2008 20:43 UTC
Return-Path: <tls-bounces@ietf.org>
X-Original-To: tls-archive@ietf.org
Delivered-To: ietfarch-tls-archive@core3.amsl.com
Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 92E5F3A6919; Wed, 25 Jun 2008 13:43:21 -0700 (PDT)
X-Original-To: tls@core3.amsl.com
Delivered-To: tls@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 2A5CB3A6A32 for <tls@core3.amsl.com>; Wed, 25 Jun 2008 13:43:21 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -101.359
X-Spam-Level:
X-Spam-Status: No, score=-101.359 tagged_above=-999 required=5 tests=[AWL=1.240, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HtywaVuioGzs for <tls@core3.amsl.com>; Wed, 25 Jun 2008 13:43:21 -0700 (PDT)
Received: from woodstock.binhost.com (woodstock.binhost.com [8.8.40.152]) by core3.amsl.com (Postfix) with SMTP id C95203A680C for <tls@ietf.org>; Wed, 25 Jun 2008 13:43:20 -0700 (PDT)
Received: (qmail 14871 invoked by uid 0); 25 Jun 2008 20:35:38 -0000
Received: from unknown (HELO THINKPADR52.vigilsec.com) (72.66.14.12) by woodstock.binhost.com with SMTP; 25 Jun 2008 20:35:38 -0000
X-Mailer: QUALCOMM Windows Eudora Version 7.1.0.9
Date: Wed, 25 Jun 2008 16:26:39 -0400
To: tls@ietf.org
From: Russ Housley <housley@vigilsec.com>
In-Reply-To: <Pine.LNX.4.44.0806251433160.17162-100000@citation2.av8.net >
References: <20080623173648.CD55D3A6A2B@core3.amsl.com> <Pine.LNX.4.44.0806251433160.17162-100000@citation2.av8.net>
Mime-Version: 1.0
Message-Id: <20080625204320.C95203A680C@core3.amsl.com>
Cc: iab@iab.org, rms@gnu.org
Subject: Re: [TLS] Document Action: 'TLS Elliptic Curve Cipher Suites with SHA-256/384 and AES Galois Counter Mode' to Informational RFC
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="us-ascii"; Format="flowed"
Sender: tls-bounces@ietf.org
Errors-To: tls-bounces@ietf.org
http://www.ietf.org/ietf/IPR/certicom-ipr-rfc-3446.pdf seem to cover TLS and ECC. However, I agree that Certicom should be asked to update the IPR statement to cover TLS 1.2 as well as the recent Internet-Drafts. Russ At 02:53 PM 6/25/2008, Dean Anderson wrote: >Gentle people, > >I can find no patent disclosures on this document listed on the IETF IPR >search page at https://datatracker.ietf.org/ipr/search/ using >draft-ietf-tls-ecc-new-mac as the I-D Filename. > >Elliptic curve cryptography is a heavilly patented area, and it seems >impossible that this draft does not involve an existing patent. > >I also seemed to have missed the discussion of non-patented >alternatives, as required by RFC3979. > >Surely the IESG would not approve a document AGAIN that did not disclose >its patent status in violation of RFC3979 et al!?! > >I have to object to the approval of this draft on those grounds. I am >very concerned that the IESG would not be more circumspect and careful >in light of the previous TLS-Authz scandal. See >http://www.av8.net/IETF-watch/People/Housley/index.html >http://www.av8.net/IETF-watch/People/TimPolk/index.html >for more information about TLS-Authz. > > --Dean > > >On Mon, 23 Jun 2008, The IESG wrote: > > > The IESG has approved the following document: > > > > - 'TLS Elliptic Curve Cipher Suites with SHA-256/384 and AES Galois > > Counter Mode ' > > <draft-ietf-tls-ecc-new-mac-07.txt> as an Informational RFC > > > > This document is the product of the Transport Layer Security Working > > Group. > > > > The IESG contact persons are Pasi Eronen and Tim Polk. > > > > A URL of this Internet-Draft is: > > http://www.ietf.org/internet-drafts/draft-ietf-tls-ecc-new-mac-07.txt > > > > Technical Summary > > > > This document describes new ECC cipher suites for TLS which > > specify stronger MAC algorithms. Eight use HMAC with SHA-256 or > > SHA-384 and eight use AES in Galois Counter Mode (GCM). > > > > Working Group Summary > > > > This document is a product of the Transport Layer Security (TLS) > > Working Group. The document represents the consensus of the TLS > > working group. > > > > Document Quality > > > > There has been significant review of the document by members of > > the TLS working group on the document and changes were made to > > improve the document based on these reviews. > > > > Personnel > > > > The Document Shepherd for this document is Joseph Salowey, and the > > responsible Area Director is Pasi Eronen. > > > > RFC Editor Note > > > > In document title, expand "GCM" to "Galois Counter Mode (GCM)" > > > > Abstract: > > OLD: > > However, all those cipher suites use SHA-1 as their MAC > > algorithm. This document describes sixteen new cipher suites > > for TLS which specify stronger digest algorithms. > > NEW: > > However, all those cipher suites use HMAC-SHA1 as their MAC > > algorithm. This document describes sixteen new cipher suites > > for TLS which specify stronger MAC algorithms. > > > > Section 3.1 > > OLD: > > These eight cipher suites are the same as the corresponding > > cipher suites in RFC 4492 (with names ending in "_SHA" in place > > of "_SHA256" or "_SHA384"), except for the hash and PRF > > algorithms. > > NEW: > > These eight cipher suites are the same as the corresponding > > cipher suites in RFC 4492 (with names ending in "_SHA" in place > > of "_SHA256" or "_SHA384"), except for the MAC and PRF > > algorithms. > > > > _______________________________________________ > > TLS mailing list > > TLS@ietf.org > > https://www.ietf.org/mailman/listinfo/tls > > > > > >-- >Av8 Internet Prepared to pay a premium for better service? >www.av8.net faster, more reliable, better service >617 344 9000 _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
- [TLS] Document Action: 'TLS Elliptic Curve Cipher… The IESG
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Rob Dugal
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Pasi.Eronen
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Dean Anderson
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Yoav Nir
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Russ Housley
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Dean Anderson
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Russ Housley
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Dean Anderson
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Whyte, William
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Peter Gutmann
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Blumenthal, Uri
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Russ Housley
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Dean Anderson
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Eric Rescorla
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Dean Anderson
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Dan Harkins
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Eric Rescorla
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Dean Anderson
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Dean Anderson
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Eric Rescorla
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Mike
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Dan Harkins
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Richard M Stallman
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Dean Anderson
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Dean Anderson
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Dan Harkins
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Dean Anderson
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Dean Anderson
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Martin Rex
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Richard M Stallman
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Matthew Campagna
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Richard M Stallman
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Mark Tillinghast
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Yoav Nir
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Pasi.Eronen
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Pasi.Eronen
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… tom.petch
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Richard M Stallman
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Paul Hoffman
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Simon Josefsson
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Dan Harkins
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Paul Hoffman
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Steven M. Bellovin
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Yoav Nir
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Simon Josefsson
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Richard M Stallman
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Steven M. Bellovin
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Richard M Stallman
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Steven M. Bellovin
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Martin Rex
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Steven M. Bellovin
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Richard M Stallman
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Steven M. Bellovin
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Richard M Stallman
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Dean Anderson
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Dean Anderson
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Dean Anderson
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Dean Anderson
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Steven M. Bellovin
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Yoav Nir
- Re: [TLS] Document Action: 'TLS Elliptic Curve Ci… Dean Anderson