[Ach] EDH/ECDH, AES128/AES256 - was: Secure E-Mail Transport based on DNSSec/TLSA/DANE

Aaron Zauner azet at azet.org
Tue Nov 3 01:08:35 CET 2015

* Aaron Zauner <azet at azet.org> [03/11/2015 00:38:45] wrote:
> Internet Draft:
> https://datatracker.ietf.org/doc/draft-zauner-tls-aes-ocb/
> IPR:

MUA broke some URLs, that's the correct one for the IPR

I should maybe also mention that TLS 1.3 is far from being a
standard currently (although there's a lot of work being done),
the draft as cited above would also add AES-OCB ciphersuite
functionality to TLS 1.2, if accepted. Even if TLS 1.3 is
standardized it'll take a considerable amount of time for it to
actually being deployed - though things move faster these days.

CFRG (Cryptography Forum Research Group) has recently recommended
Curve25519 for use in IETF protocols. They're currently discussing
new signature schemes (e.g. EdDSA).

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: Digital signature
URL: <http://lists.cert.at/pipermail/ach/attachments/20151103/945337a6/attachment.sig>

More information about the Ach mailing list