Re: [Cfrg] [TLS] Closing out tls1.3 "Limits on key usage" PRs (#765/#769)

Aaron Zauner <azet@azet.org> Thu, 16 February 2017 19:33 UTC

To: Martin Thomson <martin.thomson@gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/_PY0xwX5TLHeqi2UOvpBJ3oXeJo>
Cc: IRTF CFRG <cfrg@irtf.org>, "tls@ietf.org" <tls@ietf.org>

> On 15 Feb 2017, at 19:25, Martin Thomson <martin.thomson@gmail.com> wrote:
> 
> On 16 February 2017 at 04:20, Yoav Nir <ynir.ietf@gmail.com> wrote:
>> No, not really, but TLS is not just the web, and there are connections that
>> last for a long time and transfer large amounts of data. Think datacenter
>> synchronization. At packet-sized records 24 million records amounts to 36
>> GB. That is considerably larger than a 4 GB software update I downloaded
>> over HTTPS a few years ago, but not out of the ballpark.
> 
> I realize that's going to require updates pretty often (once you open
> up the CWND), but I don't think that it is frequent enough to be a
> concern.
> 
> I well know that HTTP gets used at these volumes more often than
> people realize.  I'd rather recommend ChaCha for those niche uses
> though if the rate was sufficiently high.

I agree with Yoav Nir here; it's certainly not a niche use* and one's implementation should not be forced to use a certain cipher mode if there are better options (e.g. because -- as pointed out earlier -- hardware support is available).

* We'll all agree that most of the TLS traffic is made up of HTTPS requests; still, there are many other uses and we design protocols not just for the web. That's W3C.

Aaron