IETF Logo Mail Archive

Re: [Cfrg] RFC 5742 conflict review for draft-dolmatov-kuznyechik

Yoav Nir <ynir.ietf@gmail.com> Mon, 01 February 2016 13:55 UTC

Return-Path: <ynir.ietf@gmail.com>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 422621A90C5 for <cfrg@ietfa.amsl.com>; Mon, 1 Feb 2016 05:55:01 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2sMTeLxU-DYW for <cfrg@ietfa.amsl.com>; Mon, 1 Feb 2016 05:54:59 -0800 (PST)
Received: from mail-wm0-x229.google.com (mail-wm0-x229.google.com [IPv6:2a00:1450:400c:c09::229]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5A0A31A90C1 for <cfrg@irtf.org>; Mon, 1 Feb 2016 05:54:59 -0800 (PST)
Received: by mail-wm0-x229.google.com with SMTP id p63so71553261wmp.1 for <cfrg@irtf.org>; Mon, 01 Feb 2016 05:54:59 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=subject:mime-version:content-type:from:in-reply-to:date:cc :message-id:references:to; bh=T3Hr8uC1tggt4mPmpjjJWjued5s6AGSSE8rbMqCUhOg=; b=cWrkS4xA2i0SeQuH6TR6YugYjyt3QlysVkMccwtXhqjcqFX+D08buZL1q1hCmPlJ9I fvt8Lj0WEO77Egf+VuUjC8MX5xhgXDYvZLcr0QrnxNzlLK9szheAgCDIAdAwLpp46+Rj hHgpshgvUafzRV/AePDE7jMAKBE06aqQmpiS/0Iqi3KruaaCHRqbViWkpYW+WsaZJ/HG zFestkUl6kDwwUeCnVr4SduAEjbhLOwK7Iazun+6vxuYUfh24JvB/iMryGa1lVXCtOZS NGDsjLPoPqwxhXXfKkPlGjXgPWFWSdzjXrz5me3zD9d+a4uJ28DGTSctItJJ7lJ138W4 BgFA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:subject:mime-version:content-type:from :in-reply-to:date:cc:message-id:references:to; bh=T3Hr8uC1tggt4mPmpjjJWjued5s6AGSSE8rbMqCUhOg=; b=U5Cg2FWb9SaW2Ksfj2IuC9tDv+naJjL31JnhltnH2btycwKPh3mOE85sawJpceDoVQ OPWJs4n4l8aQslEaBWJdK5aTGsEcoBMbYeSjBEKXfOYc+OJ9T3LknQeXdfL4XWFMs1MY inUkwOsPYoSiiIIQer5LFF2j84VmmiJzl/NrqBMDwY+tvLwY13/eWG7MDVXDYCWrkm6+ 9axUCr71vOGVieZCKcD8h/n0B9xVDgGa/1Vjafd8upYRZKHumzgZASrLLw2oGXi9T6Zs SdFSM/kEc2zvd1ykjyVdECQeNTsqdEkdNkeb5Dbr+vD0Z1uyCLxf9X6gDXXLLG9G0LBm pVZg==
X-Gm-Message-State: AG10YOQGjhHJZHLV37eQhgdt4RDX42m1zPHcwBbZPbT6Mi8t7OWit0BR58onSGnq638Riw==
X-Received: by 10.28.52.195 with SMTP id b186mr11622142wma.40.1454334897785; Mon, 01 Feb 2016 05:54:57 -0800 (PST)
Received: from [172.24.249.34] (dyn32-131.checkpoint.com. [194.29.32.131]) by smtp.gmail.com with ESMTPSA id l194sm11665095wmb.14.2016.02.01.05.54.55 (version=TLS1 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Mon, 01 Feb 2016 05:54:55 -0800 (PST)
Mime-Version: 1.0 (Mac OS X Mail 9.2 \(3112\))
Content-Type: multipart/signed; boundary="Apple-Mail=_6DF7B774-AB80-485F-A842-1F3DAB9D0A90"; protocol="application/pgp-signature"; micalg="pgp-sha256"
X-Pgp-Agent: GPGMail 2.6b2
From: Yoav Nir <ynir.ietf@gmail.com>
In-Reply-To: <87io28y3v7.fsf@latte.josefsson.org>
Date: Mon, 01 Feb 2016 15:54:53 +0200
Message-Id: <1B518FB3-0B4C-4836-BEBB-A19851E1B998@gmail.com>
References: <4A631584-C0F1-4AFC-A51D-155C34415413@isode.com> <87io28y3v7.fsf@latte.josefsson.org>
To: Simon Josefsson <simon@josefsson.org>
X-Mailer: Apple Mail (2.3112)
Archived-At: <http://mailarchive.ietf.org/arch/msg/cfrg/lRVXLV58kn2K2XPMoNptOSMDh7U>
Cc: "cfrg@irtf.org" <cfrg@irtf.org>, Nevil Brownlee <rfc-ise@rfc-editor.org>
Subject: Re: [Cfrg] RFC 5742 conflict review for draft-dolmatov-kuznyechik
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Mon, 01 Feb 2016 13:55:01 -0000

> On 1 Feb 2016, at 3:09 PM, Simon Josefsson <simon@josefsson.org> wrote:
> 
> I believe that publishing the document below would conflict with ongoing
> work in the IETF to provide secure block ciphers that we can use on the
> Internet.  It is not in the best interest of the IETF nor the Internet
> at large to publish RFCs of national ciphers if there is no immediate
> desire to use them in Internet protocols.

Hi.

There definitely is a desire to use this cipher. True, all potential users come from the same country, but that should not be blocking.

As a vendor, we often get a request to provide an IPsec and/or TLS implementation with GOST ciphers, and this is the new GOST cipher.

OTOH there is no RFC describing AES either. We usually point to a NIST document. Similarly, there are GOST documents describing kuznyechik. They are even referenced by the draft. So I’m not sure what this draft is supposed to accomplish. Is it merely an English translation? Regardless, this is an algorithm that is going to be used on the Internet and documenting it is a good thing. I don’t see how this interferes with our goal or providing secure block and streamish ciphers.

Yoav

v2.23.0 | Report a Bug | By Email