Subject: Agenda Item: TLS mechanisms for ECDH-type cipher suites
Hi all, I'd like to request an agenda item for the next meeting to discuss adding some new mechanisms in support of other cipher suites beyond simply 'original' and 'DH' types, for example: CKM_TLS_MASTER_KEY_DERIVE CKM_TLS_MASTER_KEY_DERIVE_DH We're seeing some confusion in consumers of our PKCS#11 implementation about which to use for ECDH type cipher suites. It looks like some have chosen the 'original' to derive master keys because of the "fixed-length" phrase in PKCS#11 description. Then others have chosen the 'DH' type because ECDH is DH-ish, if you will. In those cases, we have run afoul of a strip-leading-zeroes problem in some implementations of DH. The inclination is to create a new family of TLS mechanisms specifically for ECDH, to avoid the guessing, such as: CKM_TLS_MASTER_KEY_DERIVE_ECDH I'd like solicit the group's thoughts on this. Please feel free to reply and share your opinions. We can discuss at next meeting possibly. Thanks, D.