I want to second that. I will note that RFC 7925 doesn't really point to any drawbacks of a short authentication tag, implying only that they are better because of their smaller size. The recent analysis we've done suggests that the small tag forces a tough trade-off between DoS resistance and forgery protection. I think that the mandatory suite should be more conservatively selected, even if the non-recommended suite is used for a more narrow set of cases.
On Sun, May 24, 2020, at 03:49, Eric Rescorla wrote: > I am in favor of adoption and am willing to review. > > I note that this requires CCM8. ISTM that the analysis of this we just > landed in DTLS should call this into question. > > -Ekr > > > On Fri, May 15, 2020 at 12:54 AM Valery Smyslov <val...@smyslov.net> wrote: > > Hi, > > > > during the last virtual interim meeting the > > draft-tschofenig-uta-tls13-profile-04 > > was discussed. The authors of the draft asked for its adoption by the WG > > and > > a > > quick poll during the meeting indicated that participants were in favor of > > the adoption. > > > > This message starts a two weeks call for adoption of the > > draft-tschofenig-uta-tls13-profile-04 draft to confirm the results we saw > > at > > the meeting. > > The call will end up 30 May 2020. Please send your opinions to the list > > before this date. > > > > Please if possible include any reasons supporting your opinion. If you > > support this adoption, > > please indicate whether you are ready to review this draft if it becomes a > > WG document. > > > > Regards, > > Leif & Valery. > > > > _______________________________________________ > > Uta mailing list > > Uta@ietf.org > > https://www.ietf.org/mailman/listinfo/uta > _______________________________________________ > Uta mailing list > Uta@ietf.org > https://www.ietf.org/mailman/listinfo/uta > _______________________________________________ Uta mailing list Uta@ietf.org https://www.ietf.org/mailman/listinfo/uta
