[Cryptography] [TLS] ETSI releases standards for enterprise security and data centre management

Stephen Farrell stephen.farrell at cs.tcd.ie
Sat Dec 1 19:23:10 EST 2018


On 01/12/2018 09:10, Dmitry Belyavsky wrote:
> Dear All,
> 
> JFYI. Via Feisty Duck newsletter.
> 
> https://www.etsi.org/news-events/news/1358-2018-11-press-etsi-releases-standards-for-enterprise-security-and-data-centre-management

Yes, it is a shame that ETSI's role in transport security
appears to be to stick their noses in the trough of cast-off
proposals that didn't garner IETF consensus due to insecurity.

I hope that that properly (i.e., negatively) influences
people's opinions of ETSI, and of any government or industry
body so easily open to capture. Put another way, the IETF's
imperfect but terrifically open process considered this for
more than a year (once there were people who raised the
topic, no matter how ineptly) and concluded there was no
consensus to even start such work, whereas ETSI appear to
have picked up those droppings and started and finished their
"standardisation" "process" (ironic quoting intended:-) in
roughly the same amount of time an open process requires to
conclude that such proposals are rubbish.

> 
> The eTLS key exchange shall use exactly the same messages and procedures to

I also hope the IETF aren't shy about enforcing copyright
on the name TLS. (Not that I understand copyright;-)

Cheers,
S.

> establish a set of session keys as a
> TLS 1.3 ephemeral Diffie-Hellman key exchange, except for two differences
> [2].
> 1) the server shall use a static public/private key pair at Step 2 in
> clause 4.3.1; and
> 2) the server's certificate at Step 5 shall contain visibility information
> as defined in clause 4.3.3 to indicate to the
> client that eTLS is in use.
> NOTE: Neither the static public key nor the visibility information affects
> the operation of a TLS 1.3 compliant
> client, so an eTLS server is therefore fully interoperable with TLS 1.3
> compliant clients.
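
The quoted eTLS text has the server use a static key pair in place of an ephemeral one, which shows up on the wire as the same ServerHello key_share value across connections. The following is an added example, not part of the original message or of the ETSI document: a passive check that parses ServerHello records and flags servers that repeat a share. The server names, key bytes and the helper `build_server_hello` are constructed for illustration, and a repeated share is a heuristic signal, not proof of eTLS.

```python
import struct

KEY_SHARE = 0x0033  # key_share extension type (RFC 8446, section 4.2.8)

def server_key_share(record: bytes):
    """Return (named_group, key_exchange) from a plaintext ServerHello record."""
    ctype, _version, rlen = struct.unpack("!BHH", record[:5])
    body = record[5:5 + rlen]
    if ctype != 22 or len(body) < 4 or body[0] != 2:
        raise ValueError("not a ServerHello handshake record")
    sh = body[4:4 + int.from_bytes(body[1:4], "big")]
    pos = 2 + 32                 # legacy_version + random
    pos += 1 + sh[pos]           # legacy_session_id_echo
    pos += 2 + 1                 # cipher_suite + legacy_compression_method
    end = min(len(sh), pos + 2 + int.from_bytes(sh[pos:pos + 2], "big"))
    pos += 2
    while pos + 4 <= end:
        etype, elen = struct.unpack("!HH", sh[pos:pos + 4])
        data = sh[pos + 4:pos + 4 + elen]
        # A HelloRetryRequest carries only the 2-byte group, so it is skipped.
        if etype == KEY_SHARE and elen >= 4:
            group, klen = struct.unpack("!HH", data[:4])
            return group, data[4:4 + klen]
        pos += 4 + elen
    return None                  # no server share (for example PSK-only)

def reused_shares(observations):
    """Given (server, record) pairs, return servers that repeated a key share."""
    seen, flagged = {}, set()
    for server, record in observations:
        share = server_key_share(record)
        known = seen.setdefault(server, set())
        if share is not None and share in known:
            flagged.add(server)
        known.add(share)
    return flagged

def build_server_hello(random: bytes, key: bytes, group: int = 0x001D) -> bytes:
    """Constructed ServerHello: empty session id, TLS_AES_128_GCM_SHA256, x25519."""
    exts = struct.pack("!HHH", 0x002B, 2, 0x0304)  # supported_versions = TLS 1.3
    exts += struct.pack("!HHHH", KEY_SHARE, 4 + len(key), group, len(key)) + key
    sh = b"\x03\x03" + random + b"\x00\x13\x01\x00" + struct.pack("!H", len(exts)) + exts
    hs = b"\x02" + len(sh).to_bytes(3, "big") + sh
    return struct.pack("!BHH", 22, 0x0303, len(hs)) + hs

# Constructed observations: hypothetical server names, made-up key bytes.
SAMPLE = [(name, build_server_hello(bytes([i]) * 32, key * 32)) for i, (name, key) in
          enumerate([("static.example", b"\xaa"), ("static.example", b"\xaa"),
                     ("fresh.example", b"\xbb"), ("fresh.example", b"\xcc")])]
```

Calling `reused_shares(SAMPLE)` flags only the server whose share repeats across handshakes with different ServerHello randoms.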