[TLS] TLS 1.3 research papers

2017-10-04 Thread Neetish Pathak
Could you please suggest few research papers (apart from TLS 1.3 draft) on TLS 1.3 that may be helpful to understand TLS 1.3 implementation and performance. Is there any research available on TLS 1.3 performance benchmarking? Some papers which I am referring right now are: 1. A

Re: [TLS] Should CCM_8 CSs be Recommended?

2017-10-04 Thread Salz, Rich
* If an item is marked as not recommended it does not necessarily mean that it is flawed, rather, it indicates that either the item has not been through the IETF consensus process or the item has limited applicability to specific cases. Perhaps change the list “to” to “intended for” ?

Re: [TLS] Should CCM_8 CSs be Recommended?

2017-10-04 Thread Andrei Popov
It seems that CCM_8 falls in the “limited applicability” bucket. However, there’s nothing wrong with IoT specs requiring these ciphers in their TLS profiles. Cheers, Andrei From: TLS [mailto:tls-boun...@ietf.org] On Behalf Of Joseph Salowey Sent: Wednesday, October 4, 2017 11:42 AM To: Salz,

Re: [TLS] Should CCM_8 CSs be Recommended?

2017-10-04 Thread Joseph Salowey
The current editor's copy of the draft has the following text about the recommended column: The instructions in this document add a recommended column to many of the TLS registries to indicate parameters that are generally recommended for implementations to support. Adding a recommended parameter

Re: [TLS] Should CCM_8 CSs be Recommended?

2017-10-04 Thread Don Sturek
Hi Russ, At the upcoming IEEE 802.15 meeting in Orlando, we (vendors using IEEE 802.15.4) plan a presentation on support for AES-256 in an upcoming version of the 802.15.4 standard. In the Wi-SUN Alliance, we are using TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8 now. It would be great to at least not

Re: [TLS] Should CCM_8 CSs be Recommended?

2017-10-04 Thread Yoav Nir
> On 4 Oct 2017, at 16:29, Russ Housley wrote: > > >> On Oct 4, 2017, at 3:30 AM, Yoav Nir > > wrote: >> >>(IoT) - This requirement is for interoperability with IoT. Only >>128-bit keys are at the given level. >

Re: [TLS] Should CCM_8 CSs be Recommended?

2017-10-04 Thread Russ Housley
> On Oct 4, 2017, at 3:30 AM, Yoav Nir wrote: > >(IoT) - This requirement is for interoperability with IoT. Only >128-bit keys are at the given level. If the IoT environment is willing to accept lower integrity protection in order to save a few bits on the

Re: [TLS] Should CCM_8 CSs be Recommended?

2017-10-04 Thread Yoav Nir
What we did in IPsec in RFC-tp-be 8221 is the following. This (including the IoT marker) is also going to appear in the IANA registry: +-++-++ | Name| Status | AEAD| Comment|