Re: [TLS] FW: New Version Notification for draft-ietf-tls-ecdhe-psk-aead-04.txt

Thanks I will add these by the end of the day.
Yours,
Daniel

On Mon, May 22, 2017 at 1:56 PM, Benjamin Kaduk <bkaduk@akamai.com> wrote:

> Thanks for the updates; the new revision addresses my concerns raised in
> the secdir review.
>
> However,
>
> % In addition, it is worth noting that TLS 1.0 [RFC2246] and TL1.2
> % [RFC4346] splits the pre-master in two parts.
>
> s/TL1.2/TLS 1.1/, and maybe the ending as "split the pre-master secret
> into two parts".
>
> % the PSK and pre-master are treated by
> % distinct hash function with distinct properties.
>
> s/pre-master/ECDHE shared secret/?
>
> -Ben
>
>
> On 05/19/2017 03:18 PM, Daniel Migault wrote:
>
> Hi,
>
> Thank you to all reviewers for their feed backs. Please find the latest version, which as far as I know includes all comments. Comments were not controversial. In order to raise next reviews I am raising aspects that might need a bit more attention.
>
> 1)  The current document mentions I-D.ietf-tls-rfc4492bis and I-D.ietf-tls-tls13 as normative. We can wait for these documents to become RFCs, but we can also dowref them to informational reference if we want to move that document forward. I will leave the AD to decide, and changes if needed can be done by the RFC -editor
>
> 2)  Section 4 has the following text:
>
> """In the case of ECDHE_PSK authentication, the PSK and pre-master are treated by distinct hash function with distinct properties.  This may introduce vulnerabilities over the expected security provided by the constructed pre-master. As such TLS 1.0 and TLS 1.1 should not be  used with ECDHE_PSK. """
>
> With EDCHE_PSK being the ECDHE PSK method not restricted to the cipher suites defined in the document.  I just want to make sure we are ok with the last sentence.
>
> Yours,
> Daniel
>
> -----Original Message-----
> From: internet-drafts@ietf.org [mailto:internet-drafts@ietf.org <internet-drafts@ietf.org>]
> Sent: Friday, May 19, 2017 4:03 PM
> To: John Mattsson <john.mattsson@ericsson.com> <john.mattsson@ericsson.com>; Daniel Migault <daniel.migault@ericsson.com> <daniel.migault@ericsson.com>; tls-chairs@ietf.org
> Subject: New Version Notification for draft-ietf-tls-ecdhe-psk-aead-04.txt
>
>
> A new version of I-D, draft-ietf-tls-ecdhe-psk-aead-04.txt
> has been successfully submitted by Daniel Migault and posted to the IETF repository.
>
> Name:		draft-ietf-tls-ecdhe-psk-aead
> Revision:	04
> Title:		ECDHE_PSK with AES-GCM and AES-CCM Cipher Suites for Transport Layer Security (TLS)
> Document date:	2017-05-18
> Group:		tls
> Pages:		8
> URL:            https://www.ietf.org/internet-drafts/draft-ietf-tls-ecdhe-psk-aead-04.txt
> Status:         https://datatracker.ietf.org/doc/draft-ietf-tls-ecdhe-psk-aead/
> Htmlized:       https://tools.ietf.org/html/draft-ietf-tls-ecdhe-psk-aead-04
> Htmlized:       https://datatracker.ietf.org/doc/html/draft-ietf-tls-ecdhe-psk-aead-04
> Diff:           https://www.ietf.org/rfcdiff?url2=draft-ietf-tls-ecdhe-psk-aead-04
>
> Abstract:
>    This document defines several new cipher suites for the Transport
>    Layer Security (TLS) protocol.  The cipher suites are all based on
>    the Ephemeral Elliptic Curve Diffie-Hellman with Pre-Shared Key
>    (ECDHE_PSK) key exchange together with the Authenticated Encryption
>    with Associated Data (AEAD) algorithms AES-GCM and AES-CCM.  PSK
>    provides light and efficient authentication, ECDHE provides forward
>    secrecy, and AES-GCM and AES-CCM provides encryption and integrity
>    protection.
>
>
>
>
> Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org.
>
> The IETF Secretariat
>
> _______________________________________________
> TLS mailing listTLS@ietf.orghttps://www.ietf.org/mailman/listinfo/tls
>
>
>
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls
>
>