Re: [Uta] WGLC for draft-ietf-uta-rfc7525bis-04

2022-01-26 Thread Thomas Fossati
From: UTA on behalf of Thomas Fossati > On the exponents reuse point you raised: > > From: Uta on behalf of Ilari Liusvaara > > > - Section 6.4: > > > > Reusing ECDH exponents is insecure unless one either: > > > > 1) Checks for point validity, or > > 2) Uses montgomery ladder with twist-secu

Re: [Uta] WGLC for draft-ietf-uta-rfc7525bis-04

2022-01-24 Thread Thomas Fossati
Hi Nimrod, > Nimrod Aviram wrote: > > I understand you're going with non-ephemeral finite-field > Diffie-Hellman as a SHOULD NOT? > Could you please elaborate on your reasons for this decision? I would expect that raising the normative bar to MUST NOT should come in a document with TLS WG consen

Re: [Uta] WGLC for draft-ietf-uta-rfc7525bis-04

2022-01-24 Thread Nimrod Aviram
Hi Thomas, I understand you're going with non-ephemeral finite-field Diffie-Hellman as a SHOULD NOT? Could you please elaborate on your reasons for this decision? thanks, Nimrod On Mon, 24 Jan 2022 at 11:43, Thomas Fossati wrote: > Hi Nimrod, > > > > Thanks for your comments and apologies for

Re: [Uta] WGLC for draft-ietf-uta-rfc7525bis-04

2022-01-24 Thread Thomas Fossati
Hi Nimrod, Thanks for your comments and apologies for the slow response time. From: Uta on behalf of Nimrod Aviram > Coauthor of draft-bartle-tls-deprecate-ffdhe here (the document is > undergoing reorganization, and the work-in-progress state can be found > here). > > draft-ietf-uta reference

Re: [Uta] WGLC for draft-ietf-uta-rfc7525bis-04

2022-01-24 Thread Thomas Fossati
Hi Ilari, thanks for the great feedback. On the exponents reuse point you raised: From: Uta on behalf of Ilari Liusvaara > - Section 6.4: > > Reusing ECDH exponents is insecure unless one either: > > 1) Checks for point validity, or > 2) Uses montgomery ladder with twist-secure curve. > > Curr

Re: [Uta] WGLC for draft-ietf-uta-rfc7525bis-04

2021-12-17 Thread Peter Saint-Andre
P.S. Following the authors' usual practice, we've opened GitHub issues for all the feedback received so far and will discuss amongst ourselves before posting to the list: https://github.com/yaronf/I-D/issues?q=is%3Aissue+is%3Aopen+label%3ABCP195 On 12/16/21 8:52 AM, Yaron Sheffer wrote: Here’s

Re: [Uta] WGLC for draft-ietf-uta-rfc7525bis-04

2021-12-16 Thread Salz, Rich
I am reading this now. It’s good, I like it. One nit; should Section 4.2 be titled “Cipher Suites for TLS 1.2” ? In section 6.4, the “(e.g., even more than a few hours)” should probably replace it with “(in some cases, even as little as a few hours)” but it would be REALLY helpful for guidance

Re: [Uta] WGLC for draft-ietf-uta-rfc7525bis-04

2021-12-16 Thread Nimrod Aviram
Hi Everyone, Coauthor of draft-bartle-tls-deprecate-ffdhe here (the document is undergoing reorganization, and the work-in-progress state can be found here

Re: [Uta] WGLC for draft-ietf-uta-rfc7525bis-04

2021-12-16 Thread Yaron Sheffer
Here’s a quick reminder to those who have not reviewed the document yet, there’s still a few days until the WGLC deadline. Thanks to those who already responded with comments, and we are looking forward to more. Best,    Yaron  On 12/7/21, 15:00, "Valery Smyslov" wrote:Hi, this message

Re: [Uta] WGLC for draft-ietf-uta-rfc7525bis-04

2021-12-11 Thread Ilari Liusvaara
On Tue, Dec 07, 2021 at 03:59:50PM +0300, Valery Smyslov wrote: > Hi, > > this message starts a Working Group Last Call for > draft-ietf-uta-rfc7525bis-04: > https://datatracker.ietf.org/doc/draft-ietf-uta-rfc7525bis/ > > The WGLC will last for two weeks and will end on December the 21st. > Plea

Re: [Uta] WGLC for draft-ietf-uta-rfc7525bis-04

2021-12-10 Thread Sean Turner
> On Dec 9, 2021, at 16:11, Julien ÉLIE wrote: > > Note that I-D.ietf-tls-dtls13 is RFC 9147 (though still in AUTH48). On the DTLS1.3 I-D’s status: there were two late stage changes 1) the narrow epoch for long-lived connections, and 2) the ambiguous message_hash construction. The WG has sett

Re: [Uta] WGLC for draft-ietf-uta-rfc7525bis-04

2021-12-09 Thread Julien ÉLIE
Hi all, this message starts a Working Group Last Call for draft-ietf-uta-rfc7525bis-04: https://datatracker.ietf.org/doc/draft-ietf-uta-rfc7525bis/ The WGLC will last for two weeks and will end on December the 21st. Please send your comments to the list before this date. Great job! I've only

[Uta] WGLC for draft-ietf-uta-rfc7525bis-04

2021-12-07 Thread Valery Smyslov
Hi, this message starts a Working Group Last Call for draft-ietf-uta-rfc7525bis-04: https://datatracker.ietf.org/doc/draft-ietf-uta-rfc7525bis/ The WGLC will last for two weeks and will end on December the 21st. Please send your comments to the list before this date. Regards, Leif & Valery. ___