Re: [TLS]   draft-badra-tls-psk-new-mac-aes-gcm as WG item

From: Simon Josefsson <simon at josefsson.org>
To: badra at isima.fr
Date: Tue, 06 May 2008 23:58:18 +0200
Cc: pasi.eronen at nokia.com, tls at ietf.org
Subject: Re: [TLS] draft-badra-tls-psk-new-mac-aes-gcm as WG item

badra at isima.fr writes:

>> Badra, there is a problem in the current document.  It is the same
>> problem I pointed out for TLS-RSA-AES-GCM: The Galois Counter mode can
>> fail to decrypt, and the document needs to describe how that should be
>> handled by implementations.  I suggest to adopt the same fix made in
>>
>> http://www.ietf.org/internet-drafts/draft-ietf-tls-rsa-aes-gcm-03.txt
>>
>> specifically, to add:
>>
>>    Implementations MUST send TLS Alert bad_record_mac for all types of
>>    failures encountered in processing the AES-GCM algorithm.
>
> I adopted the same text, it is already included in section 2 (at the end).

Duh!  Then I don't have any remaining issues for now, but will review it
again if it is adopted by the WG and moves to WGLC.

Thanks,
Simon
_______________________________________________
TLS mailing list
TLS at ietf.org
https://www.ietf.org/mailman/listinfo/tls
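
The requirement quoted in the message above, as an added Go example (not code from either draft or from any TLS implementation): a record-decryption routine that answers a truncated record, a bad tag, a changed nonce and changed additional data with the same bad_record_mac alert. The names `newGCM`, `Seal` and `Open`, the simplified record layout (8-byte explicit nonce, then ciphertext and tag, with a 4-byte salt), and passing the additional data in from the caller are assumptions of this example.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"fmt"
)

const AlertBadRecordMAC = 20 // TLS alert description bad_record_mac

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

func nonce(salt, explicit []byte) []byte { // 4-byte salt || 8-byte explicit part
	return append(append([]byte{}, salt...), explicit...)
}

// Seal (hypothetical sender) builds explicit nonce || ciphertext || tag.
func Seal(a cipher.AEAD, salt, explicit, ad, pt []byte) []byte {
	return a.Seal(append([]byte{}, explicit...), nonce(salt, explicit), pt, ad)
}

// Open returns the plaintext, or bad_record_mac for every kind of failure.
func Open(a cipher.AEAD, salt, ad, rec []byte) ([]byte, int) {
	if len(rec) < 8+a.Overhead() {
		return nil, AlertBadRecordMAC // truncated record: same alert as a bad tag
	}
	pt, err := a.Open(nil, nonce(salt, rec[:8]), rec[8:], ad)
	if err != nil {
		return nil, AlertBadRecordMAC // tag, header or nonce mismatch: not distinguished
	}
	return pt, 0
}

func main() {
	a, err := newGCM(make([]byte, 16)) // constructed all-zero sample key
	if err != nil {
		panic(err)
	}
	salt, ad := []byte{1, 2, 3, 4}, []byte("constructed record header")
	rec := Seal(a, salt, []byte("00000001"), ad, []byte("hello"))
	rec[len(rec)-1] ^= 1 // corrupt the last tag byte
	fmt.Println(Open(a, salt, ad, rec))
}
```

Because the caller only ever sees one alert value, the peer cannot tell a length check failure from an authentication failure.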



Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.