Cryptography - suggested modification of 6.5.5 #2498
Comments
This would change the requirement completely. Is there any need for the original requirement? Is this used in practice? My problem with the proposed requirement is that TLS 1.2 uses MAC-then-encrypt for non-AEAD (e.g. TLS_AES_128_CCM_SHA256) (unless when using some TLS extension which does not appear to be used in practice). If we have this requirement, should some provision be made for legacy/compatibility (in particular with TLS 1.2)?
Again, signatures being used incorrectly again. We really want to get our terminology right. I suggest we fix this for 5.0.
I just noticed the "authenticated signatures" wording, which is weird. I think we are talking both about authenticated encryption and signcryption here (?).
"authenticated signatures" is a valid phrase, so I'm not sure what the issue is in this regard? But you're right they shouldn't be conflated with MACs, which they aren't. I think this part is supposed to be talking about AEAD and making sure this is present in symmetric cipher use.
Thanks for this clarification, I’m good. Makes sense to me.
I don't find that many references to "authenticated signature". In the text, this is the only place we are using this term but we are using "digital signature". Is this (as I understand) intended to mean "digital signature"? If so, can we replace it with "digital signature" for consistency?
What do you think the next stage here is, @randomstuff?
I think we can use the proposed wording:
MAC-then-encrypt might be required for compatibility with (very) old TLS implementations (e.g. CBC ciphersuites) but I don't think we really need to handle this. If required, we could add:
but I think we don't need to include this.
Ok so please can you open a PR
Currently we have:
Proposed by Bart Preneel:
Comment: