Re: [TLS] New version of draft-ietf-tls-psk-new -mac-aes-gcm
I am good with 4 Security Considerations amendments. That was exactly what I was hoping for.
Thanks
Mark
-----Original Message-----
From: badra at isima.fr [mailto:badra at isima.fr]
Sent: Friday, September 26, 2008 2:54 PM
To: Mark Tillinghast
Cc: tls at ietf.org
Subject: Re: [TLS] New version of draft-ietf-tls-psk-new -mac-aes-gcm
Dear Mark,
Thank you for your comments.
> Regarding
> http://www.ietf.org/internet-drafts/draft-ietf-tls-psk-new-mac-aes-gcm-03.txt
>
> 1. Please Replace:
> Due to recent analytic work on SHA-1 [Wang05], the IETF
> is gradually moving away from SHA-1 and towards stronger hash
> algorithms.
>
> with:
> Due to recent analytic work on SHA-1 [Wang05], the IETF
> is moving away from SHA-1 and towards stronger hash
> algorithms.
OK
> 2. I think it would be good to see some comment in the 4. security
> considerations regarding NULL_SHA384 NULL_SHA256.
What about adopting the same text of RFC 4785:
OLD:
The security considerations in [RFC4279], [RFC4758] and [RFC5288]
apply to this document as well. In addition, as described in
[RFC5288], these cipher suites may only be used with TLS 1.2 or
greater.
NEW:
The security considerations in [RFC4279], [RFC4758] and [RFC5288]
apply to this document as well. In particular, as authentication-only
ciphersuites (with no encryption) defined here do not support
confidentiality, care should be taken not to send sensitive information
(such as passwords) over connections protected with one of the
ciphersuites with NULL encryption defined in this document.
As described in [RFC5288], the cipher suites defined in this document
may only be used with TLS 1.2 or greater.
> Thanks,
> Mark
Best regards,
Badra