Re: [Cfrg] Closing out tls1.3 "Limits on key usage" PRs (#765/#769).

Aaron Zauner <azet@azet.org> Wed, 01 March 2017 13:12 UTC

From: Aaron Zauner <azet@azet.org>
Date: Wed, 1 Mar 2017 13:11:25 +0000
To: "Dang, Quynh (Fed)" <quynh.dang@nist.gov>
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/8-Uq_CYi5b3u-FdMqfmyeFQghnQ>
Cc: IRTF CFRG <cfrg@irtf.org>, "<tls@ietf.org>" <tls@ietf.org>, Sean Turner <sean@sn3rd.com>

> On 25 Feb 2017, at 14:28, Dang, Quynh (Fed) <quynh.dang@nist.gov> wrote:
> 
> Hi Sean, Joe, Eric and all,
> 
> I would like to address my thoughts/suggestions on 2 issues in option a.
> 
> 1) The data limit should be addressed in terms of blocks, not records. When the record size is not the full size, some users might not know what to do. When the record size is 1 block, the limit of 2^24.5 blocks (records) is way too low unnecessarily for the margin of 2^-60. In that case, 2^34.5 1-block records is the limit which still achieves the margin of 2^-60.

I respectfully disagree. TLS deals in records, not in blocks, so in the end any semantic change here will just confuse implementors, which isn't a good idea in my opinion.

Aaron