[TLS] TLS 1.3 and max_fragment_length
When we added padding to TLS 1.3, we created an ambiguity with the max_fragment_length extension. Does the limit apply to len(TLSInnerPlaintext) or does it apply to len(TLSInnerPlaintext.content) (i.e., TLSPlaintext.length)? That is, does is include the padding and content type, or not? Including the padding would recognize the limitations apply to handling large blobs of encrypted data (see earlier email from Thomas Pornin). That would be my preference. I think that we need to say that though. I guess the second-order question is whether to roll RFC6066-bis or patch these things in TLS 1.3 directly. (BTW, RFC 6066 is quite poor. It's not very precise in identifying what it is talking about, it also describes a negotiation design unlike anything else in TLS, one that can't be extended ever.) ___ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
Re: [TLS] Interest in draft-sullivan-tls-exported-authentication
Can you help me understand what this means? servers that are authoritative for multiple domains the same connection but do not have a certificate that is simultaneously authoritative for all of them I'm sure there's a word or two missing between "domains" and "the" in the first line, but I'm not sure what they are. More generally, it's great to see a replacement for renegotiation. Can you expand (maybe just here?) on the last paragraph of the security considerations? I think you mean that the sender of an authenticator can't tell when it was received & understood. But I'm not sure the receiver can tell when it was sent---say, in the case of a smartcard insertion, or access to a key from satisfying some local attestation scheme, whether that key access precedes or follows the sending of a request. -Brian Nick Sullivanwrites: > All, > > I have updated the draft in preparation for the IETF 98: > https://tools.ietf.org/html/draft-sullivan-tls-exported-authenticator-01 > > The details of the protocol haven't changed, but I've included some > security considerations after speaking with Karthikeyan Bhargavan and > others about the cryptographic soundness of the construction. > > Nick > > On Tue, Jan 3, 2017 at 8:59 PM Joseph Salowey wrote: > >> There seemed to be support for draft-sullivan-tls-exported-authentication >> (https://tools.ietf.org/html/draft-sullivan-tls-exported-authenticator-00) >> in Seoul. Since there has not been much discussion of this draft on the >> list we are giving the working group a chance to review the draft before >> calling for adoption later this month. >> >> Cheers, >> >> J >> ___ >> TLS mailing list >> TLS@ietf.org >> https://www.ietf.org/mailman/listinfo/tls >> > ___ > TLS mailing list > TLS@ietf.org > https://www.ietf.org/mailman/listinfo/tls -- Brian Sniffen Akamai Technologies ___ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
Re: [TLS] Interest in draft-sullivan-tls-exported-authentication
All, I have updated the draft in preparation for the IETF 98: https://tools.ietf.org/html/draft-sullivan-tls-exported-authenticator-01 The details of the protocol haven't changed, but I've included some security considerations after speaking with Karthikeyan Bhargavan and others about the cryptographic soundness of the construction. Nick On Tue, Jan 3, 2017 at 8:59 PM Joseph Saloweywrote: > There seemed to be support for draft-sullivan-tls-exported-authentication > (https://tools.ietf.org/html/draft-sullivan-tls-exported-authenticator-00) > in Seoul. Since there has not been much discussion of this draft on the > list we are giving the working group a chance to review the draft before > calling for adoption later this month. > > Cheers, > > J > ___ > TLS mailing list > TLS@ietf.org > https://www.ietf.org/mailman/listinfo/tls > ___ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
[TLS] Updated DTLS draft
I have just posted a new version of the DTLS 1.3 draft, updated for draft-19. It's still very rough with a lot of open issues (some of which are even noted in the draft), and no doubt contains egregious errors. https://tools.ietf.org/html/draft-rescorla-tls-dtls13-01 As usual, comments welcome. -Ekr ___ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
[TLS] I-D Action: draft-ietf-tls-rfc4492bis-15.txt
A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Transport Layer Security of the IETF. Title : Elliptic Curve Cryptography (ECC) Cipher Suites for Transport Layer Security (TLS) Versions 1.2 and Earlier Authors : Yoav Nir Simon Josefsson Manuel Pegourie-Gonnard Filename: draft-ietf-tls-rfc4492bis-15.txt Pages : 33 Date: 2017-03-13 Abstract: This document describes key exchange algorithms based on Elliptic Curve Cryptography (ECC) for the Transport Layer Security (TLS) protocol. In particular, it specifies the use of Ephemeral Elliptic Curve Diffie-Hellman (ECDHE) key agreement in a TLS handshake and the use of Elliptic Curve Digital Signature Algorithm (ECDSA) and Edwards Digital Signature Algorithm (EdDSA) as authentication mechanisms. This document obsoletes and replaces RFC 4492. The IETF datatracker status page for this draft is: https://datatracker.ietf.org/doc/draft-ietf-tls-rfc4492bis/ There's also a htmlized version available at: https://tools.ietf.org/html/draft-ietf-tls-rfc4492bis-15 A diff from the previous version is available at: https://www.ietf.org/rfcdiff?url2=draft-ietf-tls-rfc4492bis-15 Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org. Internet-Drafts are also available by anonymous FTP at: ftp://ftp.ietf.org/internet-drafts/ ___ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
Re: [TLS] WGLC: draft-ietf-tls-tls13-19
Note to Ilari: I have already taken your email as WGLC comments, so no need to re-send. -Ekr On Mon, Mar 13, 2017 at 10:30 AM, Sean Turnerwrote: > This is a working group last call announcement for > draft-ietf-tls-tls13-19, to run through March 27. Please send your reviews > to the list as soon as possible so we can prepare for any discussion of > open issues at IETF 98 in Chicago. > > Thanks, > J > ___ > TLS mailing list > TLS@ietf.org > https://www.ietf.org/mailman/listinfo/tls > ___ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
[TLS] WGLC: draft-ietf-tls-tls13-19
This is a working group last call announcement for draft-ietf-tls-tls13-19, to run through March 27. Please send your reviews to the list as soon as possible so we can prepare for any discussion of open issues at IETF 98 in Chicago. Thanks, J ___ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls