Correct.

-----Original Message-----
From: ilariliusva...@welho.com [mailto:ilariliusva...@welho.com]
Sent: Friday, December 15, 2017 9:46 AM
To: Andrei Popov <andrei.po...@microsoft.com>
Cc: Colm MacCárthaigh <c...@allcosts.net>; tls@ietf.org
Subject: Re: [TLS] A closer look at ROBOT, BB Attacks, timing attacks in general, and what we can do in TLS

On Fri, Dec 15, 2017 at 02:57:33PM +0000, Andrei Popov wrote:
> From: TLS [mailto:tls-boun...@ietf.org] On Behalf Of Ilari Liusvaara
> > Even nastier dependency: SHA-2. If that breaks, currently both TLS
> > 1.2 and 1.3 break. There are no alternatives defined.
>
> Here's an attempt to define a SHA-2 alternative:
> https://tools.ietf.org/html/draft-wconner-blake2sigs-01

Also would need TLS ciphersuite codepoints with alternative handshake
hash algorithms.

-Ilari

_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls