Thanks, I will add these by the end of the day.

Yours,
Daniel

On Mon, May 22, 2017 at 1:56 PM, Benjamin Kaduk <bka...@akamai.com> wrote:
> Thanks for the updates; the new revision addresses my concerns raised in
> the secdir review.
>
> However,
>
> % In addition, it is worth noting that TLS 1.0 [RFC2246] and TL1.2
> % [RFC4346] splits the pre-master in two parts.
>
> s/TL1.2/TLS 1.1/, and maybe the ending as "split the pre-master secret
> into two parts".
>
> % the PSK and pre-master are treated by
> % distinct hash function with distinct properties.
>
> s/pre-master/ECDHE shared secret/?
>
> -Ben
>
>
> On 05/19/2017 03:18 PM, Daniel Migault wrote:
>
> Hi,
>
> Thank you to all reviewers for their feedback. Please find the latest
> version, which as far as I know includes all comments. Comments were not
> controversial. In order to raise next reviews I am raising aspects that might
> need a bit more attention.
>
> 1) The current document mentions I-D.ietf-tls-rfc4492bis and
> I-D.ietf-tls-tls13 as normative. We can wait for these documents to become
> RFCs, but we can also downref them to informational reference if we want to
> move that document forward. I will leave the AD to decide, and changes if
> needed can be done by the RFC-editor
>
> 2) Section 4 has the following text:
>
> """In the case of ECDHE_PSK authentication, the PSK and pre-master are
> treated by distinct hash function with distinct properties. This may
> introduce vulnerabilities over the expected security provided by the
> constructed pre-master. As such TLS 1.0 and TLS 1.1 should not be used with
> ECDHE_PSK. """
>
> With ECDHE_PSK being the ECDHE PSK method not restricted to the cipher suites
> defined in the document. I just want to make sure we are ok with the last
> sentence.
>
> Yours,
> Daniel
>
> -----Original Message-----
> From: internet-dra...@ietf.org [mailto:internet-dra...@ietf.org]
> Sent: Friday, May 19, 2017 4:03 PM
> To: John Mattsson <john.matts...@ericsson.com>;
> Daniel Migault <daniel.miga...@ericsson.com>;
> tls-cha...@ietf.org
> Subject: New Version Notification for draft-ietf-tls-ecdhe-psk-aead-04.txt
>
>
> A new version of I-D, draft-ietf-tls-ecdhe-psk-aead-04.txt
> has been successfully submitted by Daniel Migault and posted to the IETF
> repository.
>
> Name: draft-ietf-tls-ecdhe-psk-aead
> Revision: 04
> Title: ECDHE_PSK with AES-GCM and AES-CCM Cipher Suites for
> Transport Layer Security (TLS)
> Document date: 2017-05-18
> Group: tls
> Pages: 8
> URL:
> https://www.ietf.org/internet-drafts/draft-ietf-tls-ecdhe-psk-aead-04.txt
> Status:
> https://datatracker.ietf.org/doc/draft-ietf-tls-ecdhe-psk-aead/
> Htmlized: https://tools.ietf.org/html/draft-ietf-tls-ecdhe-psk-aead-04
> Htmlized:
> https://datatracker.ietf.org/doc/html/draft-ietf-tls-ecdhe-psk-aead-04
> Diff:
> https://www.ietf.org/rfcdiff?url2=draft-ietf-tls-ecdhe-psk-aead-04
>
> Abstract:
> This document defines several new cipher suites for the Transport
> Layer Security (TLS) protocol. The cipher suites are all based on
> the Ephemeral Elliptic Curve Diffie-Hellman with Pre-Shared Key
> (ECDHE_PSK) key exchange together with the Authenticated Encryption
> with Associated Data (AEAD) algorithms AES-GCM and AES-CCM. PSK
> provides light and efficient authentication, ECDHE provides forward
> secrecy, and AES-GCM and AES-CCM provides encryption and integrity
> protection.
>
>
> Please note that it may take a couple of minutes from the time of submission
> until the htmlized version and diff are available at tools.ietf.org.
>
> The IETF Secretariat
>
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls
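
The split that the quoted Section 4 text refers to, shown as an added example that is not part of this thread or of the draft: it builds an ECDHE_PSK pre-master secret with the RFC 5489 layout and runs it through the TLS 1.0/1.1 PRF of RFC 2246, keeping the MD5 and SHA-1 components separate. The 32-byte shared secret, the 16-byte PSKs, the randoms and all function names are constructed for illustration.

```python
import hashlib
import hmac
import struct

def p_hash(hash_name, secret, seed, length):
    """P_hash expansion from RFC 2246 section 5."""
    out, a = b"", seed
    while len(out) < length:
        a = hmac.new(secret, a, hash_name).digest()            # A(i)
        out += hmac.new(secret, a + seed, hash_name).digest()  # HMAC(secret, A(i) + seed)
    return out[:length]

def ecdhe_psk_premaster(z, psk):
    """RFC 5489 layout: uint16 len(Z) || Z || uint16 len(PSK) || PSK."""
    return struct.pack(">H", len(z)) + z + struct.pack(">H", len(psk)) + psk

def split_secret(secret):
    """TLS 1.0/1.1 split: two halves of ceil(len/2) bytes (they share one byte if len is odd)."""
    half = (len(secret) + 1) // 2
    return secret[:half], secret[-half:]

def prf_streams(premaster, seed, length=48):
    """Return the two PRF components separately: (P_MD5(S1), P_SHA-1(S2))."""
    s1, s2 = split_secret(premaster)
    data = b"master secret" + seed
    return p_hash("md5", s1, data, length), p_hash("sha1", s2, data, length)

def master_secret(premaster, seed):
    """TLS 1.0/1.1 master secret: XOR of the MD5 and SHA-1 streams."""
    md5_part, sha1_part = prf_streams(premaster, seed)
    return bytes(a ^ b for a, b in zip(md5_part, sha1_part))

# Constructed sample values, not real key material.
Z = bytes(range(32))                  # stands in for a 32-byte ECDHE shared secret
PSK_A = b"A" * 16
PSK_B = b"B" * 16
SEED = b"\x01" * 32 + b"\x02" * 32    # client_random + server_random

if __name__ == "__main__":
    s1, s2 = split_secret(ecdhe_psk_premaster(Z, PSK_A))
    print("S1 (MD5 input):  ", s1.hex())   # length prefix plus the first 24 bytes of Z
    print("S2 (SHA-1 input):", s2.hex())   # last 8 bytes of Z, then the length-prefixed PSK
    md5_a, _ = prf_streams(ecdhe_psk_premaster(Z, PSK_A), SEED)
    md5_b, _ = prf_streams(ecdhe_psk_premaster(Z, PSK_B), SEED)
    print("MD5 stream independent of PSK:", md5_a == md5_b)
```

With these sizes the PSK reaches only the SHA-1 half and most of the ECDHE shared secret reaches only the MD5 half, which is the situation the Section 4 text describes.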