[TLS] RE: SIV as WG item?

Simon Josefsson wrote:

> Generally speaking, I believe the crypto community will produce
> several AEAD cipher modes with rather different properties (speed,
> IV-use, provable security, patent status, and so on).
> 
> Having all those ciphers defined for TLS is an advantage, to allow
> interoperable testing.  What is less clear at this point is which of
> the alternatives to prefer.

Many of the arguments made in the recent discussion about IDEA
(e.g., more code means more complexity and less security in
practice, especially if some of that code is rarely used and thus
largely untested; and having too many "vanity" options just causes
problems) would suggest that having *all* those ciphers defined in
TLS would not be such a good idea.

This doesn't mean that we have to decide on a single AEAD mode, but
IMHO for any specs we write, we should have an expectation that it
will see non-insignificant real-world deployment (i.e., ends up
being used, as opposed to just being implemented by some library).

Best regards,
Pasi


_______________________________________________
TLS mailing list
TLS at lists.ietf.org
https://www1.ietf.org/mailman/listinfo/tls




Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.