RE: [TLS] Issue 56: AES as MTI

To: "Eric Rescorla" <ekr at networkresonance.com>, "Yee, Peter" <pyee at rsasecurity.com>
Subject: RE: [TLS] Issue 56: AES as MTI
From: "Joseph Salowey \(jsalowey\)" <jsalowey at cisco.com>
Date: Wed, 12 Sep 2007 16:43:57 -0700
Authentication-results: sj-dkim-3; header.From=jsalowey@cisco.com; dkim=pass ( sig from cisco.com/sjdkim3002 verified; );
Cc: tls at ietf.org
Dkim-signature: v=0.5; a=rsa-sha256; q=dns/txt; l=1204; t=1189640639; x=1190504639; c=relaxed/simple; s=sjdkim3002; h=Content-Type:From:Subject:Content-Transfer-Encoding:MIME-Version; d=cisco.com; i=jsalowey@cisco.com; z=From:=20=22Joseph=20Salowey=20\(jsalowey\)=22=20<jsalowey@cisco.com> |Subject:=20RE=3A=20[TLS]=20Issue=2056=3A=20AES=20as=20MTI |Sender:=20; bh=L4cbrm2uvosPVZvkOAKfqw8VNNXt1pu3HRmCUogUvhA=; b=sOpWv674V9W9V17GdlNIPQv2PjGxwBnm3KTC+x9tvUnHKpnae2VRhdOfaTVicrkuaTzbVSCk 09AXQO6j+kUNQTwC8FlG2IOoWmAnprKJ+YVnb4Yt2lv5k2S/bqCvWt3+;
In-reply-to: <20070912232636.2B5FE33C21@delta.rtfm.com>
List-archive: <http://www1.ietf.org/pipermail/tls>
List-help: <mailto:tls-request@lists.ietf.org?subject=help>
List-id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.lists.ietf.org>
List-post: <mailto:tls@lists.ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=unsubscribe>
Thread-index: Acf1lOMWkVBCdIqQRV+HNq83v1u3KgAAXqdg
Thread-topic: [TLS] Issue 56: AES as MTI

I'm in favor of having AES as the MTI.  I'd have to think a bit more
about whether CBC or GCM is appropriate, but either should be fine.
Initially, I was thinking AES-CBC, because of the reason Eric mentioned.


Joe

> -----Original Message-----
> From: Eric Rescorla [mailto:ekr at networkresonance.com] 
> Sent: Wednesday, September 12, 2007 4:27 PM
> To: Yee, Peter
> Cc: tls at ietf.org
> Subject: Re: [TLS] Issue 56: AES as MTI
> 
> At Wed, 12 Sep 2007 19:27:17 -0400,
> Yee, Peter wrote:
> > 
> > Just AES in general or a specific key size and mode?  I'd generally 
> > favor the move, although I recognize that AES will probably 
> be slower 
> > than RC4 so there will be those who would resist the move.  Despite 
> > that, I'd be in favor of AES-GCM as MTI as it's a whole lot better 
> > than 3DES_EDE_CBC.
> 
> The current algorithm is 3DES_EDE_CBC. I would imagine we 
> would use AES_128_CBC. It's a much easier substitution than 
> GCM and most TLS stacks already support AES-CBC.
> 
> -Ekr
> 
> _______________________________________________
> TLS mailing list
> TLS at lists.ietf.org
> https://www1.ietf.org/mailman/listinfo/tls
> 

_______________________________________________
TLS mailing list
TLS at lists.ietf.org
https://www1.ietf.org/mailman/listinfo/tls

References:
- Re: [TLS] Issue 56: AES as MTI
  - From: Eric Rescorla

Prev by Date: Re: [TLS] Issue 56: AES as MTI
Next by Date: Re: [TLS] Issue 56: AES as MTI
Previous by thread: Re: [TLS] Issue 56: AES as MTI
Next by thread: Re: [TLS] Issue 56: AES as MTI
Index(es):
- Date
- Thread

RE: [TLS] Issue 56: AES as MTI

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.