[TLS] PRF in TLS 1.2
Wan-Teh Chang <wtchang@redhat.com> Mon, 18 September 2006 22:46 UTC
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1GPRt5-0007kk-7T; Mon, 18 Sep 2006 18:46:51 -0400
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GPRt4-0007kf-8J for tls@ietf.org; Mon, 18 Sep 2006 18:46:50 -0400
Received: from mx1.redhat.com ([66.187.233.31]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GPRt2-00033q-Va for tls@ietf.org; Mon, 18 Sep 2006 18:46:50 -0400
Received: from int-mx1.corp.redhat.com (int-mx1.corp.redhat.com [172.16.52.254]) by mx1.redhat.com (8.12.11.20060308/8.12.11) with ESMTP id k8IMkkbq022575 for <tls@ietf.org>; Mon, 18 Sep 2006 18:46:46 -0400
Received: from potter.sfbay.redhat.com (potter.sfbay.redhat.com [172.16.27.15]) by int-mx1.corp.redhat.com (8.12.11.20060308/8.12.11) with ESMTP id k8IMkdmv010327 for <tls@ietf.org>; Mon, 18 Sep 2006 18:46:40 -0400
Received: from [127.0.0.1] (dhcp-172-16-25-208.sfbay.redhat.com [172.16.25.208]) by potter.sfbay.redhat.com (8.12.8/8.12.8) with ESMTP id k8IMkW0p020130 for <tls@ietf.org>; Mon, 18 Sep 2006 18:46:35 -0400
Message-ID: <450F222D.2020706@redhat.com>
Date: Mon, 18 Sep 2006 15:48:13 -0700
From: Wan-Teh Chang <wtchang@redhat.com>
User-Agent: Thunderbird 2.0b1pre (Windows/20060915)
MIME-Version: 1.0
To: tls@ietf.org
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
X-Spam-Score: 0.0 (/)
X-Scan-Signature: b19722fc8d3865b147c75ae2495625f2
Cc:
Subject: [TLS] PRF in TLS 1.2
X-BeenThere: tls@lists.ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.lists.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/tls>
List-Post: <mailto:tls@lists.ietf.org>
List-Help: <mailto:tls-request@lists.ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=subscribe>
Errors-To: tls-bounces@lists.ietf.org
Hi, Could someone please post a description of what was decided about the PRF in TLS 1.2 in the Montreal WG meeting? The only documents I can find on this topic are: - Slide 7 of Eric's presentation (http://www3.ietf.org/proceedings/06jul/slides/tls-1.pdf) - Eric's TLS WG Summary http://www1.ietf.org/mail-archive/web/tls/current/msg00698.html But I can't tell from the WG summary what was decided and whether the proposal in Slide 7 was accepted. I'd also like to know what new PRFs have been proposed, and who the proponents are. The reason I'm interested in the PRF issue is that TLS 1.0 required an official interpretation from NIST to be acceptable for use in FIPS mode. (See the letter from William Burr of NIST in IG 7.1, http://csrc.nist.gov/cryptval/140-1/FIPS1402IG.pdf . Search for "Burr" or "TLS" in that document.) I hope we can eliminate such FIPS compliance issues in TLS 1.2. But it's not clear to me whether not using MD5 in the PRF would be sufficient for the PRF to be FIPS compliant, or we'd also need to use one of the KDFs specified in NIST SP 800-56A, Section 5.8. (http://csrc.nist.gov/publications/nistpubs/800-56A/sp800-56A_May-3-06.pdf) Wan-Teh Chang _______________________________________________ TLS mailing list TLS@lists.ietf.org https://www1.ietf.org/mailman/listinfo/tls
- [TLS] PRF in TLS 1.2 Wan-Teh Chang
- Re: [TLS] PRF in TLS 1.2 Eric Rescorla
- Re: [TLS] PRF in TLS 1.2 Wan-Teh Chang
- Re: [TLS] PRF in TLS 1.2 Eric Rescorla
- RE: [TLS] PRF in TLS 1.2 Blumenthal, Uri
- Re: [TLS] PRF in TLS 1.2 Kyle Hamilton
- Re: [TLS] PRF in TLS 1.2 Peter Gutmann
- Re: [TLS] PRF in TLS 1.2 David Hopwood
- RE: [TLS] PRF in TLS 1.2 Blumenthal, Uri
- Re: [TLS] PRF in TLS 1.2 Wan-Teh Chang
- RE: [TLS] PRF in TLS 1.2 Pasi Eronen
- RE: [TLS] PRF in TLS 1.2 Pasi.Eronen
- Re: [TLS] PRF in TLS 1.2 Eric Rescorla
- Re: [TLS] PRF in TLS 1.2 David Hopwood
- Re: [TLS] PRF in TLS 1.2 David Hopwood
- Re: [TLS] PRF in TLS 1.2 Eric Rescorla
- Re: [TLS] PRF in TLS 1.2 Eric Rescorla
- RE: [TLS] PRF in TLS 1.2 Blumenthal, Uri
- Re: [TLS] PRF in TLS 1.2 David Hopwood
- Re: [TLS] PRF in TLS 1.2 David Hopwood
- Re: [TLS] PRF in TLS 1.2 Kyle Hamilton
- Re: [TLS] PRF in TLS 1.2 Daniel Brown
- RE: [TLS] PRF in TLS 1.2 Blumenthal, Uri
- RE: [TLS] PRF in TLS 1.2 Blumenthal, Uri
- Re: [TLS] PRF in TLS 1.2 Bodo Moeller
- Re: [TLS] PRF in TLS 1.2 Bodo Moeller
- RE: [TLS] PRF in TLS 1.2 Pasi.Eronen
- Re: [TLS] PRF in TLS 1.2 Kyle Hamilton
- Re: [TLS] PRF in TLS 1.2 EKR
- Re: [TLS] PRF in TLS 1.2 Daniel Brown
- Re: [TLS] PRF in TLS 1.2 Bodo Moeller
- Re: [TLS] PRF in TLS 1.2 Peter Gutmann