Re: [Cfrg] My comments on TLS requirements from today's interim
Andrey Jivsov <crypto@brainhub.org> Tue, 01 July 2014 16:26 UTC
Archived-At: http://mailarchive.ietf.org/arch/msg/cfrg/gbYnl2EXQDDZ94gtTyTUzbmph84
On 07/01/2014 06:33 AM, Watson Ladd wrote:
>
> On Jul 1, 2014 6:17 AM, "Paul Hoffman" <paul.hoffman@vpnc.org> wrote:
> >
> > Trying to predict what NIST will do with FIPS-140 certification is
> > silly. Even they don't know from year to year. The NIST of today is not
> > the NIST of 14 months ago; it is likely that there will be other major
> > shifts in NIST's view of itself and what it has to do to stay relevant.
>
> I had this concern at the CFRG meeting. Kevin Igoe said that the NSA had
> no objections to Curve 25519 being in Suite B.

This is useful information. It would be even more useful if some statement of this sort were public and made by NIST/NSA.

> There is a legacy cert and software problem: it's likely software will
> need to deploy several curves for compatibility with x509 certs.
>
> Finally, OpenSSL supports non-FIPS algorithms as well as FIPS
> algorithms. It's not impossible to do the same.

I am not sure I see an argument here. OpenSSL has always had many ECC curves, but vendors were making sure to disable them at compile time. Only with great caution would they enable specifically P-256, and sometimes P-384, after careful consideration.

...