[Cfrg] Wanting a signature scheme, not needing it right now

Paul Hoffman <paul.hoffman@vpnc.org> Fri, 02 January 2015 02:17 UTC

Return-Path: <paul.hoffman@vpnc.org>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com []) by ietfa.amsl.com (Postfix) with ESMTP id 6F08F1A8709 for <cfrg@ietfa.amsl.com>; Thu, 1 Jan 2015 18:17:27 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.647
X-Spam-Status: No, score=-3.647 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HELO_MISMATCH_COM=0.553, RCVD_IN_DNSWL_MED=-2.3] autolearn=ham
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id 8UmF1oC6G7tp for <cfrg@ietfa.amsl.com>; Thu, 1 Jan 2015 18:17:25 -0800 (PST)
Received: from proper.com (Hoffman.Proper.COM []) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9B7BF1A8708 for <cfrg@irtf.org>; Thu, 1 Jan 2015 18:17:23 -0800 (PST)
Received: from [] (50-1-98-91.dsl.dynamic.fusionbroadband.com []) (authenticated bits=0) by proper.com (8.14.9/8.14.7) with ESMTP id t022HJw7064835 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Thu, 1 Jan 2015 19:17:20 -0700 (MST) (envelope-from paul.hoffman@vpnc.org)
X-Authentication-Warning: proper.com: Host 50-1-98-91.dsl.dynamic.fusionbroadband.com [] claimed to be []
Content-Type: text/plain; charset=us-ascii
Mime-Version: 1.0 (Mac OS X Mail 8.1 \(1993\))
From: Paul Hoffman <paul.hoffman@vpnc.org>
In-Reply-To: <CAMfhd9Vi=VJw2NW1CX1aE_qjXFmQ1Cmd1F4s7C9eEvuVog-f=Q@mail.gmail.com>
Date: Thu, 1 Jan 2015 18:17:19 -0800
Content-Transfer-Encoding: quoted-printable
Message-Id: <3182E341-130D-45D7-B05C-EB26297B077C@vpnc.org>
References: <CAMfhd9Vi=VJw2NW1CX1aE_qjXFmQ1Cmd1F4s7C9eEvuVog-f=Q@mail.gmail.com>
To: Adam Langley <agl@imperialviolet.org>
X-Mailer: Apple Mail (2.1993)
Archived-At: http://mailarchive.ietf.org/arch/msg/cfrg/0vgdP80JllaztsjaA98wJz6Ixkw
Cc: "cfrg@irtf.org" <cfrg@irtf.org>
Subject: [Cfrg] Wanting a signature scheme, not needing it right now
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Fri, 02 Jan 2015 02:17:27 -0000

On Jan 1, 2015, at 2:00 PM, Adam Langley <agl@imperialviolet.org> wrote:
> It does not suggest a signature scheme, despite several people
> suggesting that it would be required in recent days, because I don't
> think that we're at that point yet.

I was one of those folks, and a few folks off-list walked me through why I was incorrect when I said it was needed for TLS. I want a signature scheme for EC, and I would prefer that it have better operational security properties than ECDSA. If we can get agreement on that soon, great, but if not, it should not deter CFRG from giving the TLS WG a 128-strength solution.

--Paul Hoffman