Re: [TLS] AD review of draft-ietf-tls-encrypt-then-mac

"Christian Kahlo" <christian.kahlo@ageto.net> Wed, 04 June 2014 13:01 UTC

From: Christian Kahlo <christian.kahlo@ageto.net>
To: 'Stephen Farrell' <stephen.farrell@cs.tcd.ie>, 'Sean Turner' <TurnerS@ieca.com>, tls@ietf.org
References: <F4D41247-9B3F-43A2-9E19-E1A547A6930B@ieca.com> <538F0C88.7030107@cs.tcd.ie>
In-Reply-To: <538F0C88.7030107@cs.tcd.ie>
Date: Wed, 04 Jun 2014 15:01:03 +0200
Organization: AGETO Innovation GmbH
Archived-At: http://mailarchive.ietf.org/arch/msg/tls/FXZyhp96cUy-z0yh8cfqhIKX7ks
Subject: Re: [TLS] AD review of draft-ietf-tls-encrypt-then-mac

Hi there,

> On 04/06/14 01:49, Sean Turner wrote:
> > draft-ietf-tls-encrypt-then-mac has completed WGLC, the latest version
> > addresses all outstanding issues.  I've entered a Shepherd write-up,
> > and am passing the buck to our AD.  Stay tuned for an AD review.
> 
> section 3: "Once the use of encrypt-then-MAC has been negotiated..." do
> you need to be more explicit about this?
> The client clearly has to start by sending the extension, but MUST the
> server also include the response extension as well, or can a server
> just start using e-t-m if a client has sent it the extension?  (You do
> say that if the server is using a stream cipher or AEAD then the server
> MUST NOT send the response extension.) This might be determined in 5246
> already, but even so might be worth repeating here.

Writing as the guy who did the first public testable implementation
(eid.vx4.net), a server MUST send the extension if it was received from
the client and the server wants to negotiate ETM. Otherwise the client
wouldn't know how to encipher/decipher messages. This shouldn't be
implicit. The part about AEAD and stream ciphers is correct so far.

Best regards,
Christian
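
The explicit negotiation discussed in this message, as an added example that is not part of the original e-mail, the draft, or any implementation named above: both sides derive the record format only from the server's echoed extension. The extension number 22 is the IANA value later assigned in RFC 7366; the function names, the `cipher_kind` labels and the client's rejection of a response for a non-block suite are assumptions made for illustration.

```python
import struct

# encrypt_then_mac extension type: 22 per RFC 7366 (the number is not on this page).
EXT_ETM = 22

def parse_extensions(blob: bytes) -> dict:
    """Parse a TLS extensions vector: u16 total length, then (u16 type, u16 len, data)*."""
    if len(blob) < 2:
        raise ValueError("truncated extensions vector")
    (total,) = struct.unpack_from("!H", blob, 0)
    if total != len(blob) - 2:
        raise ValueError("extensions length mismatch")
    exts, off = {}, 2
    while off < len(blob):
        if off + 4 > len(blob):
            raise ValueError("truncated extension header")
        etype, elen = struct.unpack_from("!HH", blob, off)
        off += 4
        if off + elen > len(blob):
            raise ValueError("truncated extension body")
        if etype in exts:
            raise ValueError("duplicate extension")
        exts[etype] = blob[off:off + elen]
        off += elen
    return exts

def encode_extensions(exts: dict) -> bytes:
    """Serialize {type: data} back into an extensions vector."""
    body = b"".join(struct.pack("!HH", t, len(d)) + d for t, d in exts.items())
    return struct.pack("!H", len(body)) + body

def server_response(client_exts: dict, cipher_kind: str, want_etm: bool = True) -> dict:
    """Server: echo the extension only when the client offered it and a block suite was chosen."""
    if EXT_ETM in client_exts and want_etm and cipher_kind == "block":
        return {EXT_ETM: b""}   # explicit confirmation, empty extension_data
    return {}                   # stream/AEAD suite or no offer: MUST NOT send it

def client_mode(offered: dict, server_exts: dict, cipher_kind: str) -> str:
    """Client: the server's explicit echo, never the offer alone, selects the record format."""
    if EXT_ETM not in server_exts:
        return "mac-then-encrypt" if cipher_kind == "block" else cipher_kind
    if EXT_ETM not in offered:
        raise ValueError("unsolicited encrypt_then_mac from server")
    if cipher_kind != "block" or server_exts[EXT_ETM] != b"":
        # Assumption: treat a response that breaks the stream/AEAD rule as fatal.
        raise ValueError("invalid encrypt_then_mac response")
    return "encrypt-then-mac"
```
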