IETF Logo Mail Archive

Re: [Cfrg] RFC 5742 conflict review for draft-dolmatov-kuznyechik

"Dan Harkins" <dharkins@lounge.org> Thu, 04 February 2016 21:55 UTC

Return-Path: <dharkins@lounge.org>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 269301B2A28 for <cfrg@ietfa.amsl.com>; Thu, 4 Feb 2016 13:55:18 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.867
X-Spam-Level:
X-Spam-Status: No, score=-3.867 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, IP_NOT_FRIENDLY=0.334, RCVD_IN_DNSWL_MED=-2.3, SPF_HELO_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1YE2z2QiH-9Q for <cfrg@ietfa.amsl.com>; Thu, 4 Feb 2016 13:55:15 -0800 (PST)
Received: from colo.trepanning.net (colo.trepanning.net [69.55.226.174]) by ietfa.amsl.com (Postfix) with ESMTP id 13F831B2A29 for <cfrg@irtf.org>; Thu, 4 Feb 2016 13:55:15 -0800 (PST)
Received: from www.trepanning.net (localhost [127.0.0.1]) by colo.trepanning.net (Postfix) with ESMTP id DDDF410224008; Thu, 4 Feb 2016 13:55:13 -0800 (PST)
Received: from 69.12.173.8 (SquirrelMail authenticated user dharkins@lounge.org) by www.trepanning.net with HTTP; Thu, 4 Feb 2016 13:55:14 -0800 (PST)
Message-ID: <ccbc261634de216a24657137ccc62f48.squirrel@www.trepanning.net>
In-Reply-To: <CACsn0c=OcJP6jzne9hHp67U6ZVpBssK1y=4zu1UW8+V=brUF0w@mail.gmail.com>
References: <4A631584-C0F1-4AFC-A51D-155C34415413@isode.com> <D2D64C5B.61B8F%kenny.paterson@rhul.ac.uk> <CADqLbz+b-YQ10d6d5_GHN+r7ETWobQgq+skPyXQSdUGG1dBDqQ@mail.gmail.com> <CACsn0c=ErkJLja7QUbA06V7vH-KPR_MpTcPhPyrKfyV02bxq-w@mail.gmail.com> <D2D65F65.266E2%uri@ll.mit.edu> <87a8nix2od.fsf@latte.josefsson.org> <D2D68F83.26762%uri@ll.mit.edu> <871t8uw0sb.fsf@latte.josefsson.org> <D2D78DD6.2680E%uri@ll.mit.edu> <b0a5edfea0df3670d5526d488dc731d1.squirrel@www.trepanning.net> <CACsn0c=OcJP6jzne9hHp67U6ZVpBssK1y=4zu1UW8+V=brUF0w@mail.gmail.com>
Date: Thu, 04 Feb 2016 13:55:14 -0800
From: Dan Harkins <dharkins@lounge.org>
To: Watson Ladd <watsonbladd@gmail.com>
User-Agent: SquirrelMail/1.4.14 [SVN]
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 8bit
X-Priority: 3 (Normal)
Importance: Normal
Archived-At: <http://mailarchive.ietf.org/arch/msg/cfrg/sguaXUAIUIRfQ1u-H63wssd-hp0>
Cc: cfrg@irtf.org
Subject: Re: [Cfrg] RFC 5742 conflict review for draft-dolmatov-kuznyechik
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Thu, 04 Feb 2016 21:55:18 -0000

On Thu, February 4, 2016 11:00 am, Watson Ladd wrote:
> On Feb 4, 2016 9:18 AM, "Dan Harkins" <dharkins@lounge.org> wrote:
>>
>> On Wed, February 3, 2016 8:09 am, Blumenthal, Uri - 0553 - MITLL wrote:
>> > On 2/3/16, 5:23 , "Simon Josefsson" <simon@josefsson.org> wrote:
>> >
>> >>   The cryptographic algorithms specified in this Standard are
>> designed
>> >>   both for hardware and software implementation.  They comply with
>> >>   modern cryptographic requirements, and put no restrictions on the
>> >>   confidentiality level of the protected information.
>> >>
>> >>   The Standard applies to developing, operation, and modernization of
>> >>   the information systems of various purposes.
>> >>
>> >>To me this suggests broad applicability.
>> >
>> > Frankly, I don't see why "it" (those other-than-AES algorithms)
>> > shouldn't
>> > be "broadly applicable". AES is mandatory to implement to provide
>> > interoperability. There's nothing inherently holy about it. If two
>> > communicating entities (which both must have AES support to be
> compliant)
>> > happened to implement, e.g., Camellia, and want to communicate using
>> it
> -
>> > it's not my business (and not your business) to tell them not to.
>>
>>   Amen! Agree. +1 and all that.
>
> Is that what actually happens? Or do administrators and programmers have
> no
> clue about which primitives are secure, and assume that the protocols will
> provide security no matter how configured? We can also add in the disaster
> that is the usual API for using these standards, thanks to all the
> complexity that implementations feel a need to offer.

  I'm sure you can find anecdotal evidence that runs the gamut of
experience and clue.

> We got very badly bitten by making experimental RFCs for MD5 and RC4.
> Negotiation of options has only recently been analyzed and is still
> something of a dark art, despite wide consensus ylthst it is necessary.

  As the author of RFC 2409 I know all about the problems with options.
You can negotiate the Tiger hash function in IKE. Why? No reason at all!
There are 2 kinds of authentication using public key encryption that
can be negotiated in IKE. Why? Long, ugly, story. Options... ugh.

> We probably shouldn't endorse NONE, and probably should seek out more
> review of ciphers are are considering adopting, especially if it is an AES
> lookalike.

  That's the thing, we're not "endorsing" anything. There is no imprimatur
of the IETF, or the CFRG, to this publication. As Uri noted, it is none
of our business if two people want to use a non-MTI cipher to communicate
to each other.

  Dan.

v2.23.0 | Report a Bug | By Email