There's a typo on "Triple Hanshake" and "the are" instead of "there are".
The mention of AES-GCM is only optimal if using hardware and counters (see the router link below), otherwise the random nonce is too small. I'm not sure if this is a practical issue for implementations. I would like if the implementation issues section had a section on libraries not filtering out obsolete signature algorithms and cipher suites, and not checking small key sizes (even on the root certificate): http://googleonlinesecurity.blogspot.com/2013/11/a-roster-of-tls-cipher-suites-weaknesses.html https://wiki.mozilla.org/CA:MD5and1024 http://csrc.nist.gov/groups/ST/hash/policy.html Additionally, the URL to Georgiev2012 is to http://doi.acm.org/10.1145/2382196.2382204 which is a paywalled site: it would be more effective for readers if it pointed to the accessable URL http://www.cs.utexas.edu/~shmat/shmat_ccs12.pdf Will Sargent Consultant, Professional Services Typesafe <http://typesafe.com>, the company behind Play Framework <http://www.playframework.com>, Akka <http://akka.io> and Scala <http://www.scala-lang.org/> On Tue, Aug 12, 2014 at 1:55 PM, Yaron Sheffer <[email protected]> wrote: > Dear UTA folks, > > This version incorporates feedback from shortly before, during and > following the Toronto meeting. The changes are: > > o Added implementation issues ("most dangerous code"), > renegotiation, triple handshake. > > o Added text re: mitigation of Lucky13. > > o Added applicability to DTLS. > > Please review and comment on the list. > > Thanks, > Yaron > > -------- Forwarded Message -------- > Subject: New Version Notification for draft-ietf-uta-tls-attacks-02.txt > Date: Tue, 12 Aug 2014 04:25:18 -0700 > From: [email protected] > To: Yaron Sheffer <[email protected]>, Ralph Holz <[email protected]>, > Peter Saint-Andre <[email protected]>, Ralph Holz <[email protected]>, > Peter Saint-Andre <[email protected]>, Yaron Sheffer <[email protected]> > > > A new version of I-D, draft-ietf-uta-tls-attacks-02.txt > has been successfully submitted by Yaron Sheffer and posted to the > IETF repository. > > Name: draft-ietf-uta-tls-attacks > Revision: 02 > Title: Summarizing Current Attacks on TLS and DTLS > Document date: 2014-08-12 > Group: uta > Pages: 10 > URL: http://www.ietf.org/internet-drafts/draft-ietf-uta-tls-attacks-02.txt > Status: https://datatracker.ietf.org/doc/draft-ietf-uta-tls- > attacks/ > Htmlized: http://tools.ietf.org/html/draft-ietf-uta-tls-attacks-02 > Diff: http://www.ietf.org/rfcdiff?url2=draft-ietf-uta-tls-attacks-02 > > Abstract: > Over the last few years there have been several serious attacks on > TLS, including attacks on its most commonly used ciphers and modes of > operation. This document summarizes these attacks, with the goal of > motivating generic and protocol-specific recommendations on the usage > of TLS and DTLS. > > > > > > Please note that it may take a couple of minutes from the time of > submission > until the htmlized version and diff are available at tools.ietf.org. > > The IETF Secretariat > > > > _______________________________________________ > Uta mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/uta >
_______________________________________________ Uta mailing list [email protected] https://www.ietf.org/mailman/listinfo/uta
