
[TLS] TLS 1.1 and static DH



Hi All,

We have an implementation of a TLS 1.0/1.1 stack for which we are seeking candidates for interoperability testing. None of the publicly available implementations that we have found implements TLS1.1 and we are therefore interested in getting access to a TLS implementation that does both TLS1.0 and TLS1.1 for interoperability testing and preferably also for regression testing.
Ideally we would like access to a trusted public domain implementation,
but as an alternative we could either consider access over the public
Internet or exchange a bundled test-suite with some other vendor under
an NDA.

Apart from the 1.1 support, an issue that surprises me somewhat is that
the static DH cipher suites, i.e. the TLS_DH_DSA and TLS_DH_RSA suites
rarely seem to be supported.
None of the TLS RFCs makes any statement, perhaps rightly, about
the AlgorithmIdentifier to use for DH keys in certificates. At the
same time it seems that X.509 DH certificates are somewhat arcane and I
have seen certificates using both 1.2.840.10046.2.1 (the X.509 suggested
dhpublicnumber) and 1.2.840.113549.1.3.1 (RSA/DH) as the
AlgorithmIdentifier as well as 1.2.840.113549.1.3.1 or
1.2.840.113549.1.5.16.1 (PKCS-8) for the private key id in the key-file.
Could it be that the lack of consistency here has something to do with
the lack of support for static DH in TLS?
Any comments or clarification here would be appreciated.

If anyone is interested in engaging in a mutual test setup, our interest
would involve testing out all of the RFC-4346 mandated cipher suites,
except the export suites, the Kerberos suites and the IDEA suite, with
and without client authentication, with and without "standard" stateful
session resumption and potentially stateful resumption per RFC-4507.

Thank you,

Jan Nordqvist
Software Architect
Lucent VitalAAA product group


_______________________________________________
TLS mailing list
TLS@xxxxxxxxxxxxxx
https://www1.ietf.org/mailman/listinfo/tls
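
The two certificate AlgorithmIdentifier OIDs named in the message above can be told apart by reading the first OID inside a certificate's SubjectPublicKeyInfo, which is useful when checking what a peer's static DH certificate actually carries. The Python code below is an added example, not part of the original post; the function names and the toy keys (p=23, g=5, y=8) are constructed for illustration.

```python
DH_KEY_OIDS = {
    "1.2.840.10046.2.1": "dhpublicnumber (X9.42)",
    "1.2.840.113549.1.3.1": "dhKeyAgreement (PKCS #3)",
}

def read_tlv(buf, pos=0):
    """Return (tag, value, next_pos) for the DER element starting at pos."""
    if pos + 2 > len(buf):
        raise ValueError("truncated DER header")
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:                      # long-form length
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("truncated DER value")
    return tag, buf[pos:pos + length], pos + length

def decode_oid(body):                      # OID content octets -> dotted string
    if not body or body[-1] & 0x80:
        raise ValueError("malformed OID")
    arcs, value = [], 0
    for octet in body:
        value = (value << 7) | (octet & 0x7F)
        if not octet & 0x80:               # last octet of this arc
            arcs.append(value)
            value = 0
    first = min(arcs[0] // 40, 2)          # first octet packs the first two arcs
    return ".".join(map(str, [first, arcs[0] - 40 * first] + arcs[1:]))

def spki_algorithm(der):
    """Return (dotted OID, label) for SubjectPublicKeyInfo.algorithm."""
    for expected in (0x30, 0x30, 0x06):    # SPKI -> AlgorithmIdentifier -> OID
        tag, der, _ = read_tlv(der)
        if tag != expected:
            raise ValueError(f"unexpected tag 0x{tag:02x}")
    dotted = decode_oid(der)
    return dotted, DH_KEY_OIDS.get(dotted, "other")

def tlv(tag, body):                        # encoder for the constructed samples (short lengths only)
    return bytes([tag, len(body)]) + body

def sample_spki(oid_der, params):          # constructed toy key, public value y=8
    alg = tlv(0x30, oid_der + tlv(0x30, params))
    return tlv(0x30, alg + tlv(0x03, b"\x00" + tlv(0x02, b"\x08")))

# Constructed samples: X9.42 parameters (p, g, q) and PKCS #3 parameters (p, g).
X942_SPKI = sample_spki(bytes.fromhex("06072a8648ce3e0201"), bytes.fromhex("02011702010502010b"))
PKCS3_SPKI = sample_spki(bytes.fromhex("06092a864886f70d010301"), bytes.fromhex("020117020105"))
```

Calling `spki_algorithm()` on the SubjectPublicKeyInfo bytes extracted from a real certificate returns the dotted OID and which of the two conventions it matches.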