Javascript disabled? Like other modern websites, the IETF Datatracker relies on Javascript. Please enable Javascript for full functionality.

ECDHE_PSK with AES-GCM and AES-CCM Cipher Suites for TLS 1.2 and DTLS 1.2
draft-ietf-tls-ecdhe-psk-aead-05

Yes

(Alexey Melnikov)

(Kathleen Moriarty)

No Objection

(Adam Roach)

(Alia Atlas)

(Alissa Cooper)

(Alvaro Retana)

(Ben Campbell)

(Benoît Claise)

(Deborah Brungard)

(Eric Rescorla)

(Mirja Kühlewind)

(Spencer Dawkins)

(Suresh Krishnan)

Note: This ballot was opened for revision 03 and is now closed.

Alexey Melnikov Former IESG member

Yes

Yes (for -04) Unknown

Kathleen Moriarty Former IESG member

Yes

Yes (for -03) Unknown

Adam Roach Former IESG member

No Objection

No Objection (2017-05-23 for -04) Unknown

I agree with EKR's discuss -- specifying semantics for these ciphersuites with TLS 1.0 and 1.1 is a material change, and the proposed mechanism (in which servers are encouraged to infer 1.2 support even in the absence of explicit indication) is a bit baffling.

Given the scope this document covers, I recommend adding "1.2" to the title of the document. (e.g.: "ECDHE_PSK with AES-GCM and AES-CCM Cipher Suites for Transport Layer Security Version 1.2 (TLS 1.2)")

Alia Atlas Former IESG member

No Objection

No Objection (for -04) Unknown

Alissa Cooper Former IESG member

No Objection

No Objection (for -04) Unknown

Alvaro Retana Former IESG member

No Objection

No Objection (for -04) Unknown

Ben Campbell Former IESG member

No Objection

No Objection (2017-05-23 for -04) Unknown

I support Ekr's DISCUSS position.

Benoît Claise Former IESG member

No Objection

No Objection (for -04) Unknown

Deborah Brungard Former IESG member

No Objection

No Objection (for -04) Unknown

Eric Rescorla Former IESG member

(was Discuss) No Objection

No Objection (2017-05-22) Unknown

The citations to TLS 1.3 still seem pretty muddled. I think you
should just stop referencing and discussing 1.3.

S 2.
I'm not sure that the discussion of the PRF is helpful here in
mandating the non-use of these cipher suites with TLS 1.1 and
below.

Mirja Kühlewind Former IESG member

No Objection

No Objection (for -04) Unknown

Spencer Dawkins Former IESG member

No Objection

No Objection (2017-05-24 for -04) Unknown

Ciphersuite drafts for TLS are usually above my pay grade, but I understand most of EKR's Discuss, and agree with Adam's suggestion to change the document title to "ECDHE_PSK with AES-GCM and AES-CCM Cipher Suites for Transport Layer Security Version 1.2 (TLS 1.2)" at an absolute minimum.

Suresh Krishnan Former IESG member

No Objection

No Objection (for -04) Unknown

ECDHE_PSK with AES-GCM and AES-CCM Cipher Suites for TLS 1.2 and DTLS 1.2 draft-ietf-tls-ecdhe-psk-aead-05

ECDHE_PSK with AES-GCM and AES-CCM Cipher Suites for TLS 1.2 and DTLS 1.2
draft-ietf-tls-ecdhe-psk-aead-05