Re: [Cfrg] FIPS or equivalent approvals
Phillip Hallam-Baker <phill@hallambaker.com> Tue, 29 July 2014 18:16 UTC
Return-Path: <hallam@gmail.com>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AE1A21A0091 for <cfrg@ietfa.amsl.com>; Tue, 29 Jul 2014 11:16:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.278
X-Spam-Level:
X-Spam-Status: No, score=-1.278 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FM_FORGED_GMAIL=0.622, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 48Of3xrRmjlW for <cfrg@ietfa.amsl.com>; Tue, 29 Jul 2014 11:16:29 -0700 (PDT)
Received: from mail-la0-x234.google.com (mail-la0-x234.google.com [IPv6:2a00:1450:4010:c03::234]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 727221B2A0A for <cfrg@irtf.org>; Tue, 29 Jul 2014 11:16:29 -0700 (PDT)
Received: by mail-la0-f52.google.com with SMTP id e16so28859lan.39 for <cfrg@irtf.org>; Tue, 29 Jul 2014 11:16:27 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:cc:content-type; bh=0hN2OZVdEiL7BJS/y3HGMwyRUkp+AQkbSSqz1urJg8Q=; b=PGeSXo0S74MNJUaEbY4VX2YbipipuNtVpurOLOS4VQ6Zjy660Jt4uvzvATP3LcUWt3 rThDKWsZqWkBAgPZPl1IO5KwrCBTgNjkBCDiMBm5EbLEJXc5jkLrCUFhwddEG+qFj/I4 32ZxeyS0Mrf9gEidTiAqOX3C5UGzIKmHLgvag45eD9mrFzZtuX9xi69VgU3kWwkQ50ir M82g6vvIj46CqGOb5kxDF9zU+GZ1gQjLCDaRYeYSs0jeU7DTQSlVvcLPgJ5sZP1kUeop t+3nOMXSyLRzt8hNqSLMunWZr8w1qPWfaKSGwmTXYvsSIbOAl1pOe0y7715EmO1YnUu5 lRkg==
MIME-Version: 1.0
X-Received: by 10.152.27.197 with SMTP id v5mr4253359lag.84.1406657787544; Tue, 29 Jul 2014 11:16:27 -0700 (PDT)
Sender: hallam@gmail.com
Received: by 10.112.122.50 with HTTP; Tue, 29 Jul 2014 11:16:27 -0700 (PDT)
In-Reply-To: <2A0EFB9C05D0164E98F19BB0AF3708C718599EDBA8@USMBX1.msg.corp.akamai.com>
References: <CAMm+LwhYWfP30=rdYQoVZ=Ns8dCn2HdjKLLPCP7Yw540eifvOg@mail.gmail.com> <2A0EFB9C05D0164E98F19BB0AF3708C718599EDBA8@USMBX1.msg.corp.akamai.com>
Date: Tue, 29 Jul 2014 14:16:27 -0400
X-Google-Sender-Auth: T7MU6UVRp3Mb3tvvNyMSV3QNutY
Message-ID: <CAMm+Lwgu6XQAKUtdQo_J2LgFdgGidFGb9sLaqUy50A0c6M7CVg@mail.gmail.com>
From: Phillip Hallam-Baker <phill@hallambaker.com>
To: "Salz, Rich" <rsalz@akamai.com>
Content-Type: text/plain; charset="UTF-8"
Archived-At: http://mailarchive.ietf.org/arch/msg/cfrg/CFFdy3I_UV7DmzxKLaQuJ285Zw8
Cc: "cfrg@irtf.org" <cfrg@irtf.org>
Subject: Re: [Cfrg] FIPS or equivalent approvals
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Tue, 29 Jul 2014 18:16:32 -0000
On Tue, Jul 29, 2014 at 11:45 AM, Salz, Rich <rsalz@akamai.com> wrote: >> If we are going to use the new curves in PKIX (a major part of TLS) we are >> going to need trustworthy HSMs. > > I disagree with the idea that PKIX is a major part of TLS, the implication that RSA 2K certs need to be replaced quickly, and that HSM's are needed by the CA's. > > Other then that, the sentence is fine. :) That depends on your definition of 'quickly'. I don't intend to do this according to the 'waterfall' development model where anyone who looks ahead more than one problem at a time gets told to wait for what turns out to be three years for a decision. We have seen the result of that approach in IPv6 and DNSSEC. If this group wants to make the decision it is going to have to allow for parallel processing of things that can be done in parallel. It will take a little while for the hardware folk to take notice. And some of those vendors have expertise that I think is rather useful, they have been facing issues such as side channels for a long time. Given that this is essentially a bikeshedding decision process, one of the criteria is going to be which curve's supporters is willing to do most to persuade people that they will win. As for CAs not needing HSMs, I don't think any of the browser providers is going to accept a root that is not protected by some FIPS-140 equivalent validated HSM with multiple separation of duties controls. We will need the whole industry on board in the end. At least in nCipher, Aladdin, Intel, AMD, ARM etc are asked early on they won't have an excuse to complain later. Making the approach is a signal to their people to think about planning to put some of this stuff on their roadmaps.
- [Cfrg] FIPS or equivalent approvals Phillip Hallam-Baker
- Re: [Cfrg] FIPS or equivalent approvals Paul Hoffman
- Re: [Cfrg] FIPS or equivalent approvals Salz, Rich
- Re: [Cfrg] FIPS or equivalent approvals Robert Moskowitz
- Re: [Cfrg] FIPS or equivalent approvals Alyssa Rowan
- Re: [Cfrg] FIPS or equivalent approvals Phillip Hallam-Baker
- Re: [Cfrg] FIPS or equivalent approvals Phillip Hallam-Baker
- Re: [Cfrg] FIPS or equivalent approvals Salz, Rich
- Re: [Cfrg] FIPS or equivalent approvals David Jacobson
- Re: [Cfrg] FIPS or equivalent approvals David Jacobson
- Re: [Cfrg] FIPS or equivalent approvals Randy Bush