Opened 15 years ago

Closed 15 years ago

#36 closed editorial (fixed)

Editorial nits from Peter

Reported by: pasi.eronen@… Owned by:
Priority: minor Milestone:
Component: draft-ietf-tls-rfc4346-bis Version: 02
Severity: Keywords:
Cc:

Description

http://www1.ietf.org/mail-archive/web/tls/current/msg01276.html

> The following text may need updating, as KDFs per
> ciphersuite now may or may not be using (in the handshake
> layer) "HMAC, keyed MACs, or secure digesting of data that
> is protected by a secret"
>
>   "A number of operations in the TLS record and handshake
>   layer required a keyed MAC; this is a secure digest of
>   some data protected by a secret. Forging the MAC is
>   infeasible without knowledge of the MAC secret. The
>   construction we use for this operation is known as HMAC,
>   described in [HMAC]."

Yes, I'll clean this up.

http://www1.ietf.org/mail-archive/web/tls/current/msg01273.html

> 5.  "However, you SHOULD never send data over a link encrypted 
>    with 40 bit security unless you feel that data is worth no 
>    more than the effort required to break that encryption.
>
> I think it's time for this to go... if only because we have
> no "links", above the TLS. We have channels or bridges. If it's
> kept, perhaps consider
>
>   "However, you SHOULD never send data over a link encrypted 
>    with 40 bit OR LESS security unless you feel that data 
>    is worth no more than the effort required to break that 
>    encryption.

Well, the 40-bit algorithms have been deprecated in TLS, so this
section should simply be removed.

http://www1.ietf.org/mail-archive/web/tls/current/msg01271.html

> 7. Concerning section 1.1:
>
>
> "     - Allow the client to indicate which hash functions it 
>         supports.
>
>      - Allow the server to indicate which hash functions it 
>        supports
>
>      - Addition of support for authenticated encryption with 
>        additional data modes."
>
> distinguish indicating hash functions, from mac functions. hash 
> functions used in securing the handshake are not the same as mac
> functions used in the record-layer. Without reading further, 
> I don't know which are being referred to in this summary.

I'll put this on the list of things to change.

Change History (1)

comment:1 Changed 15 years ago by ekr@…

  • Resolution set to fixed
  • Status changed from new to closed