ECDHE_PSK with AES-GCM and AES-CCM Cipher Suites for Transport Layer Security (TLS) Protocol version 1.2
draft-ietf-tls-ecdhe-psk-aead-05

Note: This ballot was opened for revision 03 and is now closed.

Alexey Melnikov Yes

Kathleen Moriarty Yes

Alia Atlas No Objection

Deborah Brungard No Objection

Ben Campbell No Objection

Comment (2017-05-23 for -04)
I support Ekr's DISCUSS position.

Benoit Claise No Objection

Alissa Cooper No Objection

Spencer Dawkins No Objection

Comment (2017-05-24 for -04)
Ciphersuite drafts for TLS are usually above my pay grade, but I understand most of EKR's Discuss, and agree with Adam's suggestion to change the document title to "ECDHE_PSK with AES-GCM and AES-CCM Cipher Suites for Transport Layer Security Version 1.2 (TLS 1.2)" at an absolute minimum.

Suresh Krishnan No Objection

Mirja K├╝hlewind No Objection

Eric Rescorla (was Discuss) No Objection

Comment (2017-05-22)
The citations to TLS 1.3 still seem pretty muddled. I think you
should just stop referencing and discussing 1.3.

S 2.
I'm not sure that the discussion of the PRF is helpful here in
mandating the non-use of these cipher suites with TLS 1.1 and
below.

Alvaro Retana No Objection

Adam Roach No Objection

Comment (2017-05-23 for -04)
I agree with EKR's discuss -- specifying semantics for these ciphersuites with TLS 1.0 and 1.1 is a material change, and the proposed mechanism (in which servers are encouraged to infer 1.2 support even in the absence of explicit indication) is a bit baffling.

Given the scope this document covers, I recommend adding "1.2" to the title of the document. (e.g.: "ECDHE_PSK with AES-GCM and AES-CCM Cipher Suites for Transport Layer Security Version 1.2 (TLS 1.2)")