[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ietf-tls
Subject:    [TLS] HKDF
From:       Eric Rescorla <ekr () rtfm ! com>
Date:       2015-03-23 14:19:59
Message-ID: CABcZeBPa3j+EfMkPik7r5G-qcBpYkXTFWwYwuCeE38mFjUwpJw () mail ! gmail ! com
[Download RAW message or body]

As I mentioned in a previous message [0] during the interim we discussed
moving from the TLS PRF to HKDF [RFC5869].

The general sentiment was:

- Move to HKDF
- Specify both SHA-256 and SHA-384 (the latter being required for
  Suite B)

This is also the time when we would want to look at adjusting
the key expansion to separate keys and IVs (assuming we still
have IVs).

Please use this thread to discuss this topic.

-Ekr

[0] https://www.ietf.org/mail-archive/web/tls/current/msg15621.html

[Attachment #3 (text/html)]

<div dir="ltr"><div>As I mentioned in a previous message [0] during the interim we \
discussed</div><div>moving from the TLS PRF to HKDF \
[RFC5869].</div><div><br></div><div>The general sentiment \
was:</div><div><br></div><div>- Move to HKDF</div><div>- Specify both SHA-256 and \
SHA-384 (the latter being required for</div><div>   Suite \
B)</div><div><br></div><div>This is also the time when we would want to look at \
adjusting</div><div>the key expansion to separate keys and IVs (assuming we \
still</div><div>have IVs).</div><div><br></div><div>Please use this thread to discuss \
this topic.</div><div><br></div><div>-Ekr</div><div><br></div><div>[0] <a \
href="https://www.ietf.org/mail-archive/web/tls/current/msg15621.html">https://www.iet \
f.org/mail-archive/web/tls/current/msg15621.html</a></div><div><br></div><div><br></div><div><br></div><div><br></div><div><br></div></div>




[prev in list] [next in list] [prev in thread] [next in thread]