Re: [Cfrg] My comments on TLS requirements from today's interim
Andrey Jivsov <crypto@brainhub.org> Tue, 01 July 2014 07:03 UTC
Return-Path: <crypto@brainhub.org>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DEA121B27CF for <cfrg@ietfa.amsl.com>; Tue, 1 Jul 2014 00:03:50 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.501
X-Spam-Level:
X-Spam-Status: No, score=-0.501 tagged_above=-999 required=5 tests=[BAYES_05=-0.5, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id p0CpfmVFmrls for <cfrg@ietfa.amsl.com>; Tue, 1 Jul 2014 00:03:49 -0700 (PDT)
Received: from qmta02.emeryville.ca.mail.comcast.net (qmta02.emeryville.ca.mail.comcast.net [IPv6:2001:558:fe2d:43:76:96:30:24]) by ietfa.amsl.com (Postfix) with ESMTP id 617B91B27CA for <cfrg@irtf.org>; Tue, 1 Jul 2014 00:03:49 -0700 (PDT)
Received: from omta03.emeryville.ca.mail.comcast.net ([76.96.30.27]) by qmta02.emeryville.ca.mail.comcast.net with comcast id Luxi1o0010b6N64A2v3pza; Tue, 01 Jul 2014 07:03:49 +0000
Received: from [192.168.1.145] ([71.202.164.227]) by omta03.emeryville.ca.mail.comcast.net with comcast id Lv3o1o0064uhcbK8Pv3o5H; Tue, 01 Jul 2014 07:03:48 +0000
Message-ID: <53B25D54.5080003@brainhub.org>
Date: Tue, 01 Jul 2014 00:03:48 -0700
From: Andrey Jivsov <crypto@brainhub.org>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.6.0
MIME-Version: 1.0
To: cfrg@irtf.org
References: <CABcZeBOMUw5fv--ar=r+5KL76UKz7NDU2M=aEYomjfMjSy+Fog@mail.gmail.com>
In-Reply-To: <CABcZeBOMUw5fv--ar=r+5KL76UKz7NDU2M=aEYomjfMjSy+Fog@mail.gmail.com>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=comcast.net; s=q20140121; t=1404198229; bh=XtH0HNIB5BR8wTUEO4nxLPv7yYIuBWfbx4Qt+L3axgA=; h=Received:Received:Message-ID:Date:From:MIME-Version:To:Subject: Content-Type; b=SKzSQzqLIgqt8r7YfxGCA7QiNMbrsyW+Ft3mfhdYEKqmi7nPJwIEKPIXfCLQSSN+v ZUhflOpUsUZwtJZJnQlZ+bKwguNv2BYxyAfAhLSVDtNanZpJLIjgBIsY4JO85TEQaT TqYTDeVmtzXzWGGZllYJrBiDPt16vvrMCg8LymZ58us1giVHbjwhnIsjSUtmaI+GKx bvR8JkCW78PMdPvSQyVGpOJhvHR9oVU3XEhg++hQpQw80xMIf6HUtcYyNdeXlbo8Wj PyjMIUJcUHGL0UvxCLziKX2viHDQiJv/kft47oyysijbweSdER/UkfTSei/3CpaEoX SBpmEuMo0NI1Q==
Archived-At: http://mailarchive.ietf.org/arch/msg/cfrg/Wlg36b16YXjFolx2Ecb2zYJe9Zs
Subject: Re: [Cfrg] My comments on TLS requirements from today's interim
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Tue, 01 Jul 2014 07:03:51 -0000
I have the same concern: On 04/29/2014 12:50 PM, Eric Rescorla wrote: > > - It would be nice if there was some chance that these curves could > have some chance of being FIPS-approved, so they could potentially > displace the NIST curves. It may be very difficult to get certainty here. I see the following (the meeting minutes) http://www.ietf.org/mail-archive/web/cfrg/current/msg04505.html that don't answer this. I also saw this post: On 06/26/2014 11:46 PM, Alyssa Rowan wrote: > CFRG have selected Curve25519 as the preferred elliptic curve for use > in IETF protocols, as Rich has pointed out. Let's assume that "the curve" at IETF is Curve25519. It doesn't appear to be an undisputed winner right now, but let's assume that it is universally accepted at every working group at IETF and is added to every IETF protocol soon. There is a significant US federal market with Suite B, FIPS, or at least SP 800 XXX that in some cases supports multiple product lines for a company. Beyond that, one credit that Suite B gets is that Suite B provided a clear and safe path for anybody who wanted to add ECC to their products. It assured interoperability on the Internet and coverage for the US government sector in a single standard. It made it much safer to create persistent data structures that should exist for decades. Not everybody liked it, especially outside of US, but P-256 was and still a method to bootstrap into ECC. I would like to hear your thoughts on the long-term view regarding standardization. I will start with a few possibilities: * Curve25519 becomes so pervasive that NIST adopts it. It replaces P-256 as a standard [Should reaching out to NIST be on the roadmap at some point before that expected acceptance?] * Curve25519 exists parallel to P-256 (and P-256 becomes just a US national standard) [In this case products accept that Curve25519 + all the national standards is a typical product requirement] * Curve25519 is viewed as a couple-of-years forward solution and so the questions of integration with other standards is out of scope for the Curve25519 decision [perhaps because the focus is on currently common Intel x86 CPUs, ARMs?] <other possibilities, I am sure>... Thank you.
- [Cfrg] My comments on TLS requirements from today… Eric Rescorla
- Re: [Cfrg] My comments on TLS requirements from t… Andrey Jivsov
- Re: [Cfrg] My comments on TLS requirements from t… Yoav Nir
- Re: [Cfrg] My comments on TLS requirements from t… Paul Hoffman
- Re: [Cfrg] My comments on TLS requirements from t… Watson Ladd
- Re: [Cfrg] My comments on TLS requirements from t… Andrey Jivsov
- Re: [Cfrg] My comments on TLS requirements from t… Andrey Jivsov
- Re: [Cfrg] My comments on TLS requirements from t… Yoav Nir
- Re: [Cfrg] My comments on TLS requirements from t… Igoe, Kevin M.