Re: [TLS] New version of draft-ietf-tls-psk-new-mac-aes-gcm

Dear Mark,

Thank you for your comments.

> Regarding
> http://www.ietf.org/internet-drafts/draft-ietf-tls-psk-new-mac-aes-gcm-03.txt
>
> 1. Please Replace:
> Due to recent analytic work on SHA-1 [Wang05], the IETF
>    is gradually moving away from SHA-1 and towards stronger hash
>    algorithms.
>
> with:
> Due to recent analytic work on SHA-1 [Wang05], the IETF
>    is moving away from SHA-1 and towards stronger hash
>    algorithms.

OK

> 2. I think it would be good to see some comment in the 4. security
> considerations regarding NULL_SHA384 NULL_SHA256.

What about adopting the same text of RFC 4785:

OLD:
   The security considerations in [RFC4279], [RFC4758] and [RFC5288]
   apply to this document as well.  In addition, as described in
   [RFC5288], these cipher suites may only be used with TLS 1.2 or
   greater.

NEW:
   The security considerations in [RFC4279], [RFC4758] and [RFC5288]
   apply to this document as well.  In particular, as authentication-only
   ciphersuites (with no encryption) defined here do not support
   confidentiality, care should be taken not to send sensitive information
   (such as passwords) over connections protected with one of the
   ciphersuites with NULL encryption defined in this document.

   As described in [RFC5288], the cipher suites defined in this document
   may only be used with TLS 1.2 or greater.

> Thanks,
> Mark

Best regards,
Badra
_______________________________________________
TLS mailing list
TLS at ietf.org
https://www.ietf.org/mailman/listinfo/tls
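The proposed security-considerations text states two rules: the NULL-encryption suites give no confidentiality, and every suite in the draft may only be used with TLS 1.2 or greater. The following Python script, written as an added example and not part of this message or of the draft, shows how a server-side or monitoring-side policy check can enforce both rules on a raw ClientHello: it parses the record, lists any NULL-encryption PSK suites the client offers, and flags a client whose version is below TLS 1.2 while offering suites from this draft. The cipher-suite code points are an assumption taken from the values IANA later registered in RFC 5487 for these suites; the draft-03 text under discussion does not carry them. The ClientHello bytes are constructed inline by `build_client_hello`, a helper that exists only for this example.

```python
"""Audit a TLS ClientHello against the two rules in the proposed
security-considerations text: NULL-encryption suites provide no
confidentiality, and the draft's suites require TLS 1.2 or greater.

Added example; not code from the mailing-list message or the draft.
"""
import struct

# Assumption: code points as registered in RFC 5487 for the NULL-encryption
# PSK suites (the draft under discussion predates that assignment).
NULL_PSK_SUITES = {
    0x00B0: "TLS_PSK_WITH_NULL_SHA256",
    0x00B1: "TLS_PSK_WITH_NULL_SHA384",
    0x00B4: "TLS_DHE_PSK_WITH_NULL_SHA256",
    0x00B5: "TLS_DHE_PSK_WITH_NULL_SHA384",
    0x00B8: "TLS_RSA_PSK_WITH_NULL_SHA256",
    0x00B9: "TLS_RSA_PSK_WITH_NULL_SHA384",
}
# Assumption: RFC 5487 code points for the AES-GCM suites of the same draft.
GCM_PSK_SUITES = {
    0x00A8: "TLS_PSK_WITH_AES_128_GCM_SHA256",
    0x00A9: "TLS_PSK_WITH_AES_256_GCM_SHA384",
    0x00AA: "TLS_DHE_PSK_WITH_AES_128_GCM_SHA256",
    0x00AB: "TLS_DHE_PSK_WITH_AES_256_GCM_SHA384",
    0x00AC: "TLS_RSA_PSK_WITH_AES_128_GCM_SHA256",
    0x00AD: "TLS_RSA_PSK_WITH_AES_256_GCM_SHA384",
}
TLS_1_2 = (3, 3)  # ProtocolVersion {major=3, minor=3} is TLS 1.2


def parse_client_hello(record: bytes):
    """Return (client_version, [cipher suite code points]) from a raw TLS record."""
    # TLS record header: ContentType(1) ProtocolVersion(2) length(2)
    content_type = record[0]
    rec_len = struct.unpack("!H", record[3:5])[0]
    if content_type != 22:  # 22 = handshake
        raise ValueError("not a handshake record")
    body = record[5:5 + rec_len]
    # Handshake header: HandshakeType(1) length(3)
    if body[0] != 1:  # 1 = client_hello
        raise ValueError("not a ClientHello")
    hs_len = int.from_bytes(body[1:4], "big")
    hello = body[4:4 + hs_len]
    version = (hello[0], hello[1])
    pos = 2 + 32                      # skip client_version and 32-byte random
    sid_len = hello[pos]
    pos += 1 + sid_len                # skip session_id
    cs_len = struct.unpack("!H", hello[pos:pos + 2])[0]
    pos += 2
    suites = [struct.unpack("!H", hello[pos + i:pos + i + 2])[0]
              for i in range(0, cs_len, 2)]
    return version, suites


def audit(record: bytes):
    """Return a list of policy findings for one ClientHello (empty = clean)."""
    version, suites = parse_client_hello(record)
    findings = []
    offered_null = [NULL_PSK_SUITES[s] for s in suites if s in NULL_PSK_SUITES]
    offered_gcm = [GCM_PSK_SUITES[s] for s in suites if s in GCM_PSK_SUITES]
    if offered_null:
        findings.append("NULL-encryption suites offered (no confidentiality): "
                        + ", ".join(offered_null))
    if (offered_null or offered_gcm) and version < TLS_1_2:
        findings.append("draft suites offered but client_version %d.%d is below TLS 1.2"
                        % version)
    return findings


def build_client_hello(version, suites):
    """Constructed minimal ClientHello (no extensions) for offline testing."""
    body = bytes(version) + b"\x00" * 32 + b"\x00"   # version, random, empty session_id
    cs = b"".join(struct.pack("!H", s) for s in suites)
    body += struct.pack("!H", len(cs)) + cs
    body += b"\x01\x00"                                # one compression method: null
    hs = b"\x01" + len(body).to_bytes(3, "big") + body
    return b"\x16\x03\x01" + struct.pack("!H", len(hs)) + hs


if __name__ == "__main__":
    # Constructed sample: a TLS 1.0 client offering a NULL-encryption PSK suite.
    for finding in audit(build_client_hello((3, 1), [0x00B1, 0x00A8])):
        print(finding)
```

A server that implements this draft would reject such an offer rather than report it; the reporting form is useful in a passive monitor, where a NULL-encryption suite offered or negotiated on a link that carries credentials is exactly the situation the proposed text warns about.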