I am reviewing the most recent ECC in TLS draft (draft-ietf-tls-
ecc-12.txt) for its adoption in Mozilla's Netscape Security Services
library, and have noted some issues that I believe should resolved
before the draft is approved as an Informational RFC.
1. DES is listed as the encryption mechanism for one of the cipher
suites, namely TLS_ECDH_ECDSA_WITH_DES_CBC_SHA. No other key
agreement / signature combinations in the draft include the DES
cipher and I recommend that this cipher suite be eliminated. The
small key size of DES makes it inappropriate for use with any named
elliptic curve in the draft. This would probably require renumbering
the cipher suites to maintain sequential numbering, and I recommend
changing the number of TLS_ECDH_ECDSA_WITH_NULL_SHA to 0xC0, 0x01 and
TLS_ECDH_ECDSA_WITH_RC4_128_SHA to 0xC0, 0x02, minimizing the total
number of changes required.
2. It appears that there is an error in the name of one of the cipher
suites. All of the cipher suites using NULL for bulk encryption are
of the form "..._WITH_NULL_SHA", but the cipher suite
TLS_ECDH_anon_NULL_WITH_SHA is not named in a similar way. I
recommend changing its name to TLS_ECDH_anon_WITH_NULL_SHA.
The IESG has received a request from the Transport Layer Security
consider the following document:
- 'ECC Cipher Suites for TLS '
<draft-ietf-tls-ecc-12.txt> as an Informational RFC
The IESG plans to make a decision in the next few weeks, and solicits
final comments on this action. Please send any comments to the
iesg(_at_)xxxxxxxx or ietf(_at_)xxxxxxxx mailing lists by 2005-11-22.
The file can be obtained via
Ietf mailing list