IETF Logo Mail Archive

Re: [Cfrg] RFC 5742 conflict review for draft-dolmatov-kuznyechik

Stephen Farrell <stephen.farrell@cs.tcd.ie> Mon, 01 February 2016 16:33 UTC

Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 435D41B322E for <cfrg@ietfa.amsl.com>; Mon, 1 Feb 2016 08:33:47 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.302
X-Spam-Level:
X-Spam-Status: No, score=-4.302 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jaqvxa9KRUoW for <cfrg@ietfa.amsl.com>; Mon, 1 Feb 2016 08:33:46 -0800 (PST)
Received: from mercury.scss.tcd.ie (mercury.scss.tcd.ie [134.226.56.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D16A21B3228 for <cfrg@irtf.org>; Mon, 1 Feb 2016 08:33:45 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by mercury.scss.tcd.ie (Postfix) with ESMTP id 85BB7BE7C; Mon, 1 Feb 2016 16:33:44 +0000 (GMT)
Received: from mercury.scss.tcd.ie ([127.0.0.1]) by localhost (mercury.scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LK3cweHQozLg; Mon, 1 Feb 2016 16:33:44 +0000 (GMT)
Received: from [134.226.36.93] (bilbo.dsg.cs.tcd.ie [134.226.36.93]) by mercury.scss.tcd.ie (Postfix) with ESMTPSA id E5FCDBE4C; Mon, 1 Feb 2016 16:33:43 +0000 (GMT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cs.tcd.ie; s=mail; t=1454344424; bh=Y9G8M73h9ZRuVGQf23yyuTsKVXfYekVn6LeOEWJliS8=; h=Subject:To:References:Cc:From:Date:In-Reply-To:From; b=tgKYYZZj8H74WIQVonnE3Xno3lQ00u7jSz6CnEMJulqj/8TjAE6JYmCgsn4iMZnsx O9FeP9WvvWXndTSNPhK5kBr4p6vflS20/azYo1sEMFCdDfg2dh9e+wyMQeKDC5t9wJ 6BO++rIwk8zqIm3xpLWeCD381fROgn8xxm46hpJQ=
To: Simon Josefsson <simon@josefsson.org>, Valery Smyslov <svanru@gmail.com>
References: <4A631584-C0F1-4AFC-A51D-155C34415413@isode.com> <87io28y3v7.fsf@latte.josefsson.org> <8b4d37ef9b8f4be7877ecc0164c57b8e@usma1ex-dag1mb1.msg.corp.akamai.com> <877fioxzdm.fsf@latte.josefsson.org> <4F5E9D3626FF4E5DA34F8944BE0C16B5@buildpc> <87k2mowg47.fsf@latte.josefsson.org>
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Openpgp: id=D66EA7906F0B897FB2E97D582F3C8736805F8DA2; url=
Message-ID: <56AF88E8.9020407@cs.tcd.ie>
Date: Mon, 01 Feb 2016 16:33:44 +0000
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.5.1
MIME-Version: 1.0
In-Reply-To: <87k2mowg47.fsf@latte.josefsson.org>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
Archived-At: <http://mailarchive.ietf.org/arch/msg/cfrg/j-3xsr7zEKmLCO3bMcNzQqOKEwQ>
Cc: cfrg@irtf.org, Nevil Brownlee <rfc-ise@rfc-editor.org>
Subject: Re: [Cfrg] RFC 5742 conflict review for draft-dolmatov-kuznyechik
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Mon, 01 Feb 2016 16:33:47 -0000

Hi Simon,

On the higher level, I agree with those who think this is
not a 5742 conflict, but I'll point the rest of the IESG
at this thread so they can read about it themselves.

On 01/02/16 16:27, Simon Josefsson wrote:
> "Valery Smyslov" <svanru@gmail.com> writes:
> 
>>> Also consider that AES isn't an RFC: the disadvantage of that does not
>>> seem to be stopping us from using it.
>>
>> Situation with AES is different - it is documented in English.
>> Camellia is a better example - and it was published (RFC 3713).
>> Do you think that many people have implemented it since then
>> without understanding the consequences?
> 
> Yes.  I think Camellia is a good example here.  I recall seeing
> implementations that preferred Camellia over AES when both were
> available, which I suspect was due to misunderstanding or mistake.  The
> document can inform the reader about some aspects, but sometimes having
> too much rope available causes bad things to happen.

I agree that that happened and was undesirable, but I think
that the mistake then was in the TLS code point allocation.
We (the IETF) should've made sure that the registry or the
specification that created the code points clarified things
for implementers. With TLS1.3, I think the TLS WG have
decided to structure the IANA registries so this'll end up
better. I forget if that'd also mean re-structuring the
registries for earlier TLS versions or not, but in any case
the issue is one for the TLS WG (or IPSECME or whoever) and
not something that the ISE ought handle in the basic spec
describing the algorithm details.

Cheers,
S.


> 
> /Simon
> 
> 
> 
> _______________________________________________
> Cfrg mailing list
> Cfrg@irtf.org
> https://www.irtf.org/mailman/listinfo/cfrg
>

v2.23.0 | Report a Bug | By Email