[Top] [All Lists]

Re: [TLS] Last Call: 'ECC Cipher Suites for TLS' to Informational RFC

2005-11-14 07:54:28
I am reviewing the most recent ECC in TLS draft (draft-ietf-tls- ecc-12.txt) for its adoption in Mozilla's Netscape Security Services library, and have noted some issues that I believe should resolved before the draft is approved as an Informational RFC.

1. DES is listed as the encryption mechanism for one of the cipher suites, namely TLS_ECDH_ECDSA_WITH_DES_CBC_SHA. No other key agreement / signature combinations in the draft include the DES cipher and I recommend that this cipher suite be eliminated. The small key size of DES makes it inappropriate for use with any named elliptic curve in the draft. This would probably require renumbering the cipher suites to maintain sequential numbering, and I recommend changing the number of TLS_ECDH_ECDSA_WITH_NULL_SHA to 0xC0, 0x01 and TLS_ECDH_ECDSA_WITH_RC4_128_SHA to 0xC0, 0x02, minimizing the total number of changes required.

2. It appears that there is an error in the name of one of the cipher suites. All of the cipher suites using NULL for bulk encryption are of the form "..._WITH_NULL_SHA", but the cipher suite TLS_ECDH_anon_NULL_WITH_SHA is not named in a similar way. I recommend changing its name to TLS_ECDH_anon_WITH_NULL_SHA.


The IESG has received a request from the Transport Layer Security WG to
consider the following document:

- 'ECC Cipher Suites for TLS '
   <draft-ietf-tls-ecc-12.txt> as an Informational RFC

The IESG plans to make a decision in the next few weeks, and solicits
final comments on this action.  Please send any comments to the
iesg(_at_)xxxxxxxx or ietf(_at_)xxxxxxxx mailing lists by 2005-11-22.

The file can be obtained via

Ietf mailing list

<Prev in Thread] Current Thread [Next in Thread>