ietf
[Top] [All Lists]

RE: Genart last call review of draft-ietf-tls-ecdhe-psk-aead-03

2017-05-18 12:50:22
Hi Dan, 

Thank you for your reviews and comments. I believe the following text provides 
more explanation on how the provided cipher suites are negotiated by TLS1.3 as 
well as why point codes defined in the document does not apply to TLS1.3. Feel 
free to let me know if that address your concern and I can publish version 04 
with the text below.

Unlike TLS1.2, TLS1.3 separates authentication and cipher suite negotiation 
<xref target="I-D.ietf-tls-tls13"/> Section 1.2. TLS1.3 supports PSK with ECDHE 
key exchange and the cipher suites TLS_AES_128_GCM_SHA256, 
TLS_AES_256_GCM_SHA384, TLS_AES_128_CCM_8_SHA256 and  TLS_AES_128_CCM_SHA256 
are part of the specification. As a result, TLS 1.3 and higher versions, 
negotiate and support these cipher suites in a different way.

I am not sure we  have to wait for the publication of TLS1.3 as changes on 
TLS1.3 are unlikely to impact the code point assigned. However, we currently 
have TLS1.3 as a normative reference. 

Yours, 
Daniel
-----Original Message-----
From: Dan Romascanu [mailto:dromasca(_at_)gmail(_dot_)com] 
Sent: Monday, May 15, 2017 6:47 AM
To: gen-art(_at_)ietf(_dot_)org
Cc: draft-ietf-tls-ecdhe-psk-aead(_dot_)all(_at_)ietf(_dot_)org; 
ietf(_at_)ietf(_dot_)org; tls(_at_)ietf(_dot_)org; dromasca(_at_)gmail(_dot_)com
Subject: Genart last call review of draft-ietf-tls-ecdhe-psk-aead-03

Reviewer: Dan Romascanu
Review result: Ready with Issues

I am the assigned Gen-ART reviewer for this draft. The General Area Review Team 
(Gen-ART) reviews all IETF documents being processed by the IESG for the IETF 
Chair.  Please treat these comments just like any other last call comments.

For more information, please see the FAQ at

<https://trac.ietf.org/trac/gen/wiki/GenArtfaq>.

Document: draft-ietf-tls-ecdhe-psk-aead-??
Reviewer: Dan Romascanu
Review Date: 2017-05-15
IETF LC End Date: 2017-05-18
IESG Telechat date: 2017-05-25

Summary:

This is a straight-forward and clear document that defines several new cipher 
suites for the Transport Layer Security (TLS) protocol version
1.2 and higher, based on the Ephemeral Elliptic Curve Diffie-Hellman with 
Pre-Shared Key (ECDHE_PSK) key exchange together with the Authenticated 
Encryption with Associated Data (AEAD) algorithms AES-GCM and AES-CCM. The 
document is well written and I appreciate the effort to clarify in the 
Introduction the context, what was missing, and why the document is necessary. 
The document is Ready, there is one issue about support for TLS version 1.3 and 
higher that may need some text clarification. 

Major issues:

Minor issues:

Section 4 ('Applicable TLS Versions') describes in details how the cipher 
suites defined in the document make use of the authenticated encryption with 
additional data (AEAD) defined in TLS 1.2 [RFC5246] and DTLS 1.2 [RFC6347]. 
About TLS 1.3 it just says: 

' TLS 1.3 and above version, negotiate and support these cipher suites in a 
different way.'

This may raise some concerns as 'in a different way' is ambiguous, especially 
compared to the details included for TLS 1.2. Moreover, TLS
1.3 is still work-in-progress, and I believe that this document when approved 
needs to wait for TLS 1.3 to be approved for publication.
Will anything change, or need to be added? Some better clarification text would 
help IMO. 

Nits/editorial comments: 



<Prev in Thread] Current Thread [Next in Thread>