See my response inline.

-----Original Message-----
From: Hubert Kario [mailto:hka...@redhat.com]
Sent: Monday, 3 September 2018 13:19
To: tls@ietf.org
Cc: Bruckert, Leonie
Subject: Re: [TLS] WG: New Version Notification for draft-bruckert-brainpool-for-tls13-00.txt

*** gpg4o | The e-mail was signed by an unknown key: 92A8D1B801D2F5F5 ***

On Sunday, 2 September 2018 15:30:45 CEST Bruckert, Leonie wrote:
> Htmlized:
> https://tools.ietf.org/html/draft-bruckert-brainpool-for-tls13-00
>
> Abstract:
>
> This document specifies the use of several ECC Brainpool curves for
> authentication and key exchange in the Transport Layer Security (TLS)
> protocol version 1.3.

So I understand why you need SignatureScheme registrations, but I'm completely missing the need for NamedGroup registrations – are the 26, 27 and 28 tainted somehow?

Yes! In section B.3.1.4 (https://tools.ietf.org/html/rfc8446#appendix-B.3.1.4) these numbers are deprecated. For a previous discussion on the tls mailing list see https://www.ietf.org/mail-archive/web/tls/current/msg26646.html

I also don't see the need to redefine curves from RFC 5639.

I referred to RFC 5639 since it defines the Brainpool curve parameters first, without any relation to protocols.

--
Regards,
Hubert Kario
Senior Quality Engineer, QE BaseOS Security team
Web: www.cz.redhat.com
Red Hat Czech s.r.o., Purkyňova 115, 612 00 Brno, Czech Republic
_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls