Re: [Cfrg] My comments on TLS requirements from today's interim
Watson Ladd <watsonbladd@gmail.com> Tue, 01 July 2014 13:33 UTC
Return-Path: <watsonbladd@gmail.com>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8AC811A02E6 for <cfrg@ietfa.amsl.com>; Tue, 1 Jul 2014 06:33:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rA3yQ_a4wxk4 for <cfrg@ietfa.amsl.com>; Tue, 1 Jul 2014 06:33:28 -0700 (PDT)
Received: from mail-yk0-x234.google.com (mail-yk0-x234.google.com [IPv6:2607:f8b0:4002:c07::234]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 13E681A02E3 for <cfrg@irtf.org>; Tue, 1 Jul 2014 06:33:28 -0700 (PDT)
Received: by mail-yk0-f180.google.com with SMTP id 131so5691372ykp.11 for <cfrg@irtf.org>; Tue, 01 Jul 2014 06:33:27 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=kwTgw5Bc6vx+p9HdYOp43EfvkTrTMoOOUoBFAYtDz/g=; b=k66kJAk2K5MOoMT2pivKwK9aS0JfIWF/Qjq4FYZ8bYETeQqad4cUaJdEo732AUe5t1 40VBRq3W67l0ARbiC2rpMMPFQoGzQVRceKxfjIjVzjBdR9KLOC7gqwjCtBLm54GvJy86 hI1+8EEI3fOJzivWHk6NCisG+7u0OOqOjV8mmUM55PafTR+DUv7tCUDY26gq7s5/RY6H x/n609504DoYOypM20aQof6iZRbT+Yq4sXVDmVBsxo8uOlAwXZp/D8eTmPV1jrw3eJ3K b3ZslImnBOMwkPW2LZSqwPgom1aPHBpGvOmU3kxrlOXroqmI3N5DjgSmeRQAEBNIGhc1 llEA==
MIME-Version: 1.0
X-Received: by 10.236.173.71 with SMTP id u47mr69317947yhl.66.1404221607258; Tue, 01 Jul 2014 06:33:27 -0700 (PDT)
Received: by 10.170.39.136 with HTTP; Tue, 1 Jul 2014 06:33:27 -0700 (PDT)
Received: by 10.170.39.136 with HTTP; Tue, 1 Jul 2014 06:33:27 -0700 (PDT)
In-Reply-To: <FB5F9D06-C183-4284-9AAD-B189CDCEC2D8@vpnc.org>
References: <CABcZeBOMUw5fv--ar=r+5KL76UKz7NDU2M=aEYomjfMjSy+Fog@mail.gmail.com> <53B25D54.5080003@brainhub.org> <FB5F9D06-C183-4284-9AAD-B189CDCEC2D8@vpnc.org>
Date: Tue, 01 Jul 2014 06:33:27 -0700
Message-ID: <CACsn0cn752gCdSwPAcLeR97uNFD7xeio5YPuuBpOw=5rRXCU4A@mail.gmail.com>
From: Watson Ladd <watsonbladd@gmail.com>
To: cfrg@irtf.org
Content-Type: multipart/alternative; boundary="20cf30549a21162e8f04fd21d214"
Archived-At: http://mailarchive.ietf.org/arch/msg/cfrg/XUefLUTFN-piL4xJbu6OrFj83Mc
Subject: Re: [Cfrg] My comments on TLS requirements from today's interim
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Tue, 01 Jul 2014 13:33:29 -0000
On Jul 1, 2014 6:17 AM, "Paul Hoffman" <paul.hoffman@vpnc.org> wrote: > > Trying to predict what NIST will do with FIPS-140 certification is silly. Even they don't know from year to year. The NIST of today is not the NIST of 14 months ago; it is likely that there will be other major shifts in NIST's view of itself and what it has to do to stay relevant. I had this concern at the CFRG meeting. Kevin Igoe said that the NSA had no objections to Curve 25519 being in Suite B. There is a legacy cert and software problem: it's likely software will need to deploy several curves for compatibility with x509 certs. Finally, OpenSSL supports non FIPS algorithms as well as FIPS algorithms. It's not impossible to do the same. Sincerely, Watson Ladd > > --Paul Hoffman > _______________________________________________ > Cfrg mailing list > Cfrg@irtf.org > http://www.irtf.org/mailman/listinfo/cfrg
- [Cfrg] My comments on TLS requirements from today… Eric Rescorla
- Re: [Cfrg] My comments on TLS requirements from t… Andrey Jivsov
- Re: [Cfrg] My comments on TLS requirements from t… Yoav Nir
- Re: [Cfrg] My comments on TLS requirements from t… Paul Hoffman
- Re: [Cfrg] My comments on TLS requirements from t… Watson Ladd
- Re: [Cfrg] My comments on TLS requirements from t… Andrey Jivsov
- Re: [Cfrg] My comments on TLS requirements from t… Andrey Jivsov
- Re: [Cfrg] My comments on TLS requirements from t… Yoav Nir
- Re: [Cfrg] My comments on TLS requirements from t… Igoe, Kevin M.