Re: crypto algorithms for DTLS
From: Abhijit Choudhury (achoudhu) (achoudhu [at] cisco.com)
Date: Wed, 9 Jul 2008 11:23:11 -0700 (PDT)
Hi Dorothy, 

Please note that AES-GCM requires TLS1.2, which is
currently in AUTH48 state in the RFC Editor's
queue and should be published shortly.
DTLS1.2, which is based on TLS1.2, is a working group item
and will most likely make it to last call after next IETF.

I would suggest we reference TLS1.2 and add the
AES-GCM ciphersuites as MAY.

Also, in order to ensure that CAPWAP tracks DTLS better,
we should change the text in section 2.4.4.1 
from

"Note that only block ciphers are currently recommended for use with
DTLS.  To understand the reasoning behind this, see [DTLS-DESIGN]."

To

"CAPWAP implementations only use cipher suites that are recommended 
for use with DTLS.  Note that certain stream ciphers, such as RC4, 
that cannot be randomly accessed may not be used with DTLS."


Thoughts?

Abhijit
 
 

-----Original Message-----
From: Dorothy.Gellert [at] nokia.com [mailto:Dorothy.Gellert [at] nokia.com] 
Sent: Tuesday, July 08, 2008 4:17 PM
To: Pat Calhoun (pacalhou); skelly [at] arubanetworks.com; Abhijit Choudhury
(achoudhu)
Cc: capwap [at] frascone.com
Subject: RE: [Capwap] crypto algorithms for DTLS

Hi All,

Are there any objections in the WG to adding the following cipher
suites:
TLS_RSA_WITH_AES_128_GCM_SHA256
TLS_DH_RSA_WITH_AES_256_GCM_SHA384  to the base spec as a MAY?   

If not, based on the list discussion and approved draft status of
draft-ietf-tls-rsa-aes-gcm-03.txt, I support including these cipher
suites as a MAY in the next (last) WGLC.

Best Regards,
Dorothy


> -----Original Message-----
> From: ext Pat Calhoun (pacalhou) [mailto:pcalhoun [at] cisco.com]
> Sent: Tuesday, July 08, 2008 4:06 PM
> To: Scott Kelly; Abhijit Choudhury (achoudhu)
> Cc: capwap
> Subject: Re: [Capwap] crypto algorithms for DTLS
> 
> Oh, and just to make sure, if we were to go ahead with this, the 
> following cipher suites would be added:
> 
> TLS_RSA_WITH_AES_128_GCM_SHA256
> TLS_DH_RSA_WITH_AES_256_GCM_SHA384
> 
> Right?
> 
> PatC
> 
> -----Original Message-----
> From: Pat Calhoun (pacalhou)
> Sent: Tuesday, July 08, 2008 3:57 PM
> To: Scott Kelly; Abhijit Choudhury (achoudhu)
> Cc: capwap
> Subject: Re: [Capwap] crypto algorithms for DTLS
> 
> CAPWAP Chairs,
> 
> I am done with the edits, and ready to submit the spec for the WG Last
> Call. This is a new feature, and we had agreed to defer to the next
> version of the protocol. However, the IETF has completed the long 
> pole, and the change, as a MAY, is fairly minor. What would you 
> recommend?
> 
> PatC
> 
> -----Original Message-----
> From: Scott Kelly [mailto:skelly [at] arubanetworks.com]
> Sent: Tuesday, July 08, 2008 3:42 PM
> To: Abhijit Choudhury (achoudhu)
> Cc: capwap
> Subject: Re: [Capwap] crypto algorithms for DTLS
> 
> Hi Abhijit,
>  
> > 
> > Folks,
> > 
> > The issue of using AES-GCM as a cipher-suite for CAPWAP/DTLS was
> > discussed in the list about a year ago.  (Please refer to CAPWAP issue 7
> > (http://www.capwap.org/cgi-bin/roundup.cgi/CAPWAP/issue7)
> >
> > Due to the use of DTLS, we were stuck with TLS ciphersuites.
> > To use GCM we would require a TLS GCM ciphersuite.  We discussed this
> > at an ad-hoc meeting, and decided to defer this feature, as GCM was
> > not a TLS ciphersuite, and there was no document to reference.
> >
> > However, since that time, use of AES-GCM has been approved in the TLS
> > working group, and we have an approved draft
> > https://datatracker.ietf.org/idtracker/draft-ietf-tls-rsa-aes-gcm/
> >
> > As noted in the original email, there is a lot of momentum behind this
> > crypto algorithm, and it results in significant improvements in
> > throughput in either HW or SW implementations.
> >
> > Could we address this issue in the current spec and make AES-GCM a
> > ciphersuite that can be used with CAPWAP/DTLS?
> 
> I have no objections to adding support for AES-GCM as a MAY. 
> The original proposal suggested making it mandatory to implement, but 
> given the current lack of support in commodity crypto HW, I don't 
> think this would be appropriate at this time.
> 
> --Scott
> 
> 
> _________________________________________________________________
> To unsubscribe or modify your subscription options, please visit:
> http://lists.frascone.com/mailman/listinfo/capwap
> 
> Archives: http://lists.frascone.com/pipermail/capwap

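The constraint in the proposed section 2.4.4.1 text (stream ciphers such as RC4 "cannot be randomly accessed"), shown as an added example that is not part of the original thread: a cipher whose state carries across records desynchronises when datagrams are lost or reordered, while a keystream derived from each record's explicit sequence number does not. `per_record_keystream` is a hypothetical stand-in (SHA-256 in counter mode, not AES-GCM, no integrity), and the key, records and arrival order are constructed.

```python
import hashlib

def rc4_keystream(key: bytes):
    """RC4 keystream generator: output depends on how many bytes were consumed."""
    s, j = list(range(256)), 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    i = j = 0
    while True:
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        yield s[(s[i] + s[j]) % 256]

def per_record_keystream(key: bytes, seq: int):
    """Illustrative stand-in for a randomly accessible cipher (NOT AES-GCM, no
    integrity): the keystream is a function of the key and the record's
    explicit sequence number only, so no state carries across records."""
    block = 0
    while True:
        material = key + seq.to_bytes(8, "big") + block.to_bytes(4, "big")
        yield from hashlib.sha256(material).digest()
        block += 1

def xor(data: bytes, stream) -> bytes:
    return bytes(b ^ next(stream) for b in data)

def send(key, records, stateful):
    """Return (seq, ciphertext) datagrams in the order the sender emits them."""
    stream = rc4_keystream(key)  # one continuous stream for the whole session
    return [(seq, xor(r, stream if stateful else per_record_keystream(key, seq)))
            for seq, r in enumerate(records)]

def receive(key, datagrams, stateful):
    """Decrypt datagrams in arrival order, as a receiver on UDP sees them."""
    stream = rc4_keystream(key)
    return [xor(ct, stream if stateful else per_record_keystream(key, seq))
            for seq, ct in datagrams]

# Constructed sample traffic: record 3 is lost, records 1 and 2 arrive swapped.
KEY = b"constructed-demo-key"
RECORDS = [b"record-0", b"record-1", b"record-2", b"record-3", b"record-4"]
ARRIVAL = [0, 2, 1, 4]

def run(stateful):
    sent = send(KEY, RECORDS, stateful)
    return receive(KEY, [sent[i] for i in ARRIVAL], stateful)

if __name__ == "__main__":
    print("state carried across records:", run(True))
    print("keystream from explicit seq: ", run(False))
```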