Re: [Curdle] Which curves are MUST and SHOULD ?
"Mark D. Baushke" <mdb@juniper.net> Wed, 02 December 2020 05:02 UTC
Return-Path: <mdb@juniper.net>
X-Original-To: curdle@ietfa.amsl.com
Delivered-To: curdle@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 32D283A0FF8 for <curdle@ietfa.amsl.com>; Tue, 1 Dec 2020 21:02:49 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.12
X-Spam-Level:
X-Spam-Status: No, score=-2.12 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H4=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=juniper.net header.b=hhroGdBv; dkim=pass (1024-bit key) header.d=juniper.net header.b=ZKwtx80A
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id cUrUV9KYkjMH for <curdle@ietfa.amsl.com>; Tue, 1 Dec 2020 21:02:47 -0800 (PST)
Received: from mx0a-00273201.pphosted.com (mx0a-00273201.pphosted.com [208.84.65.16]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8F2353A0FF6 for <curdle@ietf.org>; Tue, 1 Dec 2020 21:02:46 -0800 (PST)
Received: from pps.filterd (m0108156.ppops.net [127.0.0.1]) by mx0a-00273201.pphosted.com (8.16.0.43/8.16.0.43) with SMTP id 0B24tNBx016667; Tue, 1 Dec 2020 21:02:44 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=juniper.net; h=to : cc : subject : in-reply-to : references : from : mime-version : content-type : content-id : date : message-id; s=PPS1017; bh=DDhj0pN4irfT7ChLeypDcfw2Q0RgerdsW7BDje8j9pE=; b=hhroGdBvNLHskJOh/C6X7RQNfdsrYYY4p3IAqV2JKJllBtumHlLkaYk43q16OL72N8sp GT/2BGiS8RaTaWl2geb15WuIec4USKRnUb5ieetaYiUWnSTbb6hV8LJLAnakPolJAXR2 ANyigH2uLh1pMKPR7h+6zFjetrPluBEvQJCG/VC9K7GlQKU754lrkD68jZxm85/VlINV +ub4N+TN6xjkTWdZqYaZZe2dXYHFKpZiFKD5jAt3q1bWxPjyIqOSN81RlR6ocv0o+nEU tXeyEF4jNwCCPmqGZ9RGcN/zX0LDsc4Q3pBALDOSF0mJSTNtKjGRxoBzlhqTl0Vj05Fx gA==
Received: from nam10-dm6-obe.outbound.protection.outlook.com (mail-dm6nam10lp2100.outbound.protection.outlook.com [104.47.58.100]) by mx0a-00273201.pphosted.com with ESMTP id 355vjd8ttd-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 01 Dec 2020 21:02:44 -0800
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=DNP+aFDpOHqZqR4Four9FnbDI2U2I/4SLigGOtA3TbVE4Nwv/F3Yes+Gbp1SmyX00m0yyV+xogcrPdMWmUStNuvpYF2GWCptbDNNHnETs/VpUF3nqZdV5MyFGJygDCOT9QKCC0XTZZGp+AzVfxQTh0HskOtAAqruHWJUfhfl4r7aU7KKkTIUpEDyhbW7ckngCsVSRLMbn6KNnaIbftIfUbIBhRTBNGseZ+ZGbTZYyNJasjU9aq/R89TvQlH9c1osXgnqaQizKrTUqMp5aJIaZDkkUfFuBkHXnTnPzp2Uw9+/RtI7BMmL1LIi8t9WDvmSr4z3M08fABznCz/n+H83AQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=DDhj0pN4irfT7ChLeypDcfw2Q0RgerdsW7BDje8j9pE=; b=LEBkgmoJECaUQYDks5sonPnjv5S7orZT0YrtXtEq9u1rUxjpNIQwWPoX+/eHxruc4KZFWaC3yJ18UiPrm2hISUDxHh83Nh8fSJJwbnUnfzkjYTgX1V6Eq4P5LAE+96f1lxlS7ZQdvsW7/+WAb6Ic8SMIa+DPw5XYLjT+iDsOAu6PD4cGN0oeILFu4D8teIadHXlmyOz4z3FaPtHJsXmmIfPeMV8iBY2hCCXwn0Bx1ymeWDBjHIKQLit1qqYmATPttRe0jRFjsXZPKSTEaBMPmFCpUEh6GKvffwtwfN5bEOAevVLF5iWV7s3UDIpgRGKlIwf1QGoPhuAru3qAVeBcXA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=softfail (sender ip is 66.129.239.12) smtp.rcpttodomain=gmail.com smtp.mailfrom=juniper.net; dmarc=fail (p=reject sp=reject pct=100) action=oreject header.from=juniper.net; dkim=none (message not signed); arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=juniper.net; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=DDhj0pN4irfT7ChLeypDcfw2Q0RgerdsW7BDje8j9pE=; b=ZKwtx80AeGdsK2hwMYVHc9Jxk6sZT2otOaXYOsmQks/BXvLWempHhL+z+yx4sDkJYl34lZNw1ZyzcKLvwHpl27DHgmwah4Cm/DuoggUwapU5JYc++9ZsrU19sx+dfGmmgr9OjReiy84fyELWuNA+NfAl6nscBw8yZ85e7MhtDWE=
Received: from DM3PR12CA0137.namprd12.prod.outlook.com (2603:10b6:0:51::33) by MWHPR0501MB3706.namprd05.prod.outlook.com (2603:10b6:301:7e::38) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3632.16; Wed, 2 Dec 2020 05:02:41 +0000
Received: from DM6NAM12FT058.eop-nam12.prod.protection.outlook.com (2603:10b6:0:51:cafe::a) by DM3PR12CA0137.outlook.office365.com (2603:10b6:0:51::33) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3632.17 via Frontend Transport; Wed, 2 Dec 2020 05:02:41 +0000
X-MS-Exchange-Authentication-Results: spf=softfail (sender IP is 66.129.239.12) smtp.mailfrom=juniper.net; gmail.com; dkim=none (message not signed) header.d=none;gmail.com; dmarc=fail action=oreject header.from=juniper.net;
Received-SPF: SoftFail (protection.outlook.com: domain of transitioning juniper.net discourages use of 66.129.239.12 as permitted sender)
Received: from P-EXFEND-EQX-01.jnpr.net (66.129.239.12) by DM6NAM12FT058.mail.protection.outlook.com (10.13.179.205) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.20.3589.12 via Frontend Transport; Wed, 2 Dec 2020 05:02:40 +0000
Received: from P-EXBEND-EQX-01.jnpr.net (10.104.8.52) by P-EXFEND-EQX-01.jnpr.net (10.104.8.54) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Tue, 1 Dec 2020 21:02:39 -0800
Received: from p-mailhub01.juniper.net (10.104.20.6) by P-EXBEND-EQX-01.jnpr.net (10.104.8.52) with Microsoft SMTP Server (TLS) id 15.0.1497.2 via Frontend Transport; Tue, 1 Dec 2020 21:02:39 -0800
Received: from eng-mail01.juniper.net (eng-mail01.juniper.net [10.108.17.159]) by p-mailhub01.juniper.net (8.14.4/8.11.3) with ESMTP id 0B252cet030564; Tue, 1 Dec 2020 21:02:38 -0800 (envelope-from mdb@juniper.net)
To: Daniel Migault <mglt.ietf@gmail.com>, Rich Salz <rsalz@akamai.com>
CC: Curdle Mailing List <curdle@ietf.org>
In-Reply-To: <CADZyTkk--kCWqE7q0Xi5C40V92MuZBktDzQGt_vPSZPiBy7v9w@mail.gmail.com>
References: <2CCABC30-F757-4659-9FF3-5AADDD51EE30@akamai.com> <4b681efd49274f03c7e0521e127e031426632ad0.camel@redhat.com> <CADZyTkk--kCWqE7q0Xi5C40V92MuZBktDzQGt_vPSZPiBy7v9w@mail.gmail.com>
Comments: In-reply-to: Daniel Migault <mglt.ietf@gmail.com> message dated "Tue, 01 Dec 2020 21:37:43 -0500."
From: "Mark D. Baushke" <mdb@juniper.net>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-ID: <18476.1606885358.1@eng-mail01.juniper.net>
Date: Tue, 01 Dec 2020 21:02:38 -0800
Message-ID: <18479.1606885358@eng-mail01.juniper.net>
X-EXCLAIMER-MD-CONFIG: e3cb0ff2-54e7-4646-8a04-0dae4ac7b136
X-EOPAttributedMessage: 0
X-MS-Office365-Filtering-HT: Tenant
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id: 5791e418-e9ec-4048-04ee-08d8967f7f1b
X-MS-TrafficTypeDiagnostic: MWHPR0501MB3706:
X-Microsoft-Antispam-PRVS: <MWHPR0501MB37069C6F4AE6C66894A76F67BFF30@MWHPR0501MB3706.namprd05.prod.outlook.com>
X-MS-Oob-TLC-OOBClassifiers: OLM:10000;
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: zhCWyikA8rFVpOOB1Yba9R1Fp7G0GCBJZ5q0oHwNuijIQQNUkTcWuQ9cjE57BgEWiMBn9G0U7xQKcfnA4mmaocsZ1aSJikg/i4XLTRnRlv/dCd7T3zU6uUhMDAySSYuh249EhFxu3OXGwingrr85Twn8kOm7EICXHEoQWUJ6eMKalB+zRpxJ43mAegf03VupthBlRa+Ersuna1fHr20Z4cgRC88NvxhY9CNoZ6LUBcO0EAuY26A0rUzdxZxKlIn3dBa5nHyYa4yHAmEXqRdAY/mlbc+Ac1ZiBjO2Mek90uprLP4wuA3Bc9v4JjWW+g8r7Kbk0ssQkYhHnK/uGvrJjGVIIPUpjYLozJuRgebijW5e49+OwAJ3zrHPVO0s+XQ85A0ptItD3YR6W32LghlmHXfnyCsSq8Sb9EY4egxzhlQ+Ka8FugQbhcgvDE+7leYjN2YtfrbpX8BeR0DwJtr0Q7GIVRjviukSMo2CeV6JnhrdMxY8MfhjitCcSpi0F8ptSubRazQpVvIAhDFn/WWbzzImnHdVS+3FxSwi3OBjrh0=
X-Forefront-Antispam-Report: CIP:66.129.239.12; CTRY:US; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:P-EXFEND-EQX-01.jnpr.net; PTR:InfoDomainNonexistent; CAT:NONE; SFS:(4636009)(376002)(136003)(346002)(39860400002)(396003)(46966005)(47076004)(70586007)(34020700004)(70206006)(81166007)(356005)(82740400003)(110136005)(316002)(966005)(478600001)(82310400003)(5660300002)(4326008)(83080400002)(86362001)(7696005)(8936002)(186003)(2906002)(26005)(426003)(336012)(8676002); DIR:OUT; SFP:1102;
X-OriginatorOrg: juniper.net
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 02 Dec 2020 05:02:40.9076 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: 5791e418-e9ec-4048-04ee-08d8967f7f1b
X-MS-Exchange-CrossTenant-Id: bea78b3c-4cdb-4130-854a-1d193232e5f4
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=bea78b3c-4cdb-4130-854a-1d193232e5f4; Ip=[66.129.239.12]; Helo=[P-EXFEND-EQX-01.jnpr.net]
X-MS-Exchange-CrossTenant-AuthSource: DM6NAM12FT058.eop-nam12.prod.protection.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Anonymous
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: MWHPR0501MB3706
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.312, 18.0.737 definitions=2020-12-01_12:2020-11-30, 2020-12-01 signatures=0
X-Proofpoint-Spam-Details: rule=outbound_spam_notspam policy=outbound_spam score=0 spamscore=0 priorityscore=1501 mlxlogscore=999 bulkscore=0 clxscore=1011 mlxscore=0 adultscore=0 lowpriorityscore=0 phishscore=0 suspectscore=0 impostorscore=0 malwarescore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2009150000 definitions=main-2012020030
Archived-At: <https://mailarchive.ietf.org/arch/msg/curdle/3OHCVwkrlneNkCek51eJ7gaxpFE>
Subject: Re: [Curdle] Which curves are MUST and SHOULD ?
X-BeenThere: curdle@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "List for discussion of potential new security area wg." <curdle.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/curdle>, <mailto:curdle-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/curdle/>
List-Post: <mailto:curdle@ietf.org>
List-Help: <mailto:curdle-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/curdle>, <mailto:curdle-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 02 Dec 2020 05:02:49 -0000
Hi Folks, Daniel Migault <mglt.ietf@gmail.com> writes: > I think the reason for SHOULD is to let time for implementations to > integrate it, Yes. > but since that is already the case I agree we can have it to MUST. Actually, I am aware of only ten implementations that have support for curve25519-sha256 ... if you know of more, please let me know. > This also aligns with recommended modern TLS profile from mozilla. Is there an Informative Reference I should add to this draft to reference the TLS profile? Looking at this URL: https://ssh-comparison.quendi.de/comparison/kex.html (which I suspect does NOT include all SSH implementations some of which are commercial). I will note that the count of SSH implementations in support Key Exchange algorithms and is not entirely relevant to this IETF Draft given the intent of the draft is to increase the implementations that support the SHOULD algorithms. My primary intent for this draft is to deprecate 'weak' key exchanges and to try to promote at least one new Mandatory to Implement algorithm as well as provide guidance from this community as to which key exchanges are desirable for implementors to converge on using. It is my hope that the 'best' key exchanges for each of FFC and ECC and IFC algorithms. I fully expect this RFC to be replaced in a few years as techniques to attach the key exchanges in this draft are found to be weak or vulnerable. Count Key exchange 45 diffie-hellman-group1-sha1 44 diffie-hellman-group14-sha1 38 diffie-hellman-group-exchange-sha1 35 diffie-hellman-group-exchange-sha256 30 ecdh-sha2-nistp256 25 ecdh-sha2-nistp521 25 ecdh-sha2-nistp384 14 curve25519-sha256@libssh.org 10 diffie-hellman-group14-sha256 10 curve25519-sha256 9 diffie-hellman-group16-sha512 7 diffie-hellman-group18-sha512 5 rsa2048-sha256 5 rsa1024-sha1 4 gss-gex-sha1-* 4 ext-info-c 4 diffie-hellman-group15-sha512 3 gss-group14-sha1-* 3 gss-group1-sha1-* 3 ecdh-sha2-1.3.132.0.10 (this is the ansip256k1 curve) 3 diffie-hellman-group17-sha512 3 diffie-hellman-group16-sha256 3 diffie-hellman-group15-sha256 3 curve448-sha512 2 diffie-hellman-group18-sha512@ssh.com 2 diffie-hellman-group16-sha512@ssh.com 2 diffie-hellman-group16-sha384@ssh.com 2 diffie-hellman-group15-sha384@ssh.com 2 diffie-hellman-group15-sha256@ssh.com 2 diffie-hellman-group14-sha256@ssh.com 1 kexguess2@matt.ucc.asn.au 1 gss-nistp521-sha512-* 1 gss-nistp384-sha256-* 1 gss-nistp256-sha256-* 1 gss-group18-sha512-* 1 gss-group17-sha512-* 1 gss-group16-sha512-* 1 gss-group15-sha512-* 1 gss-group14-sha256-* 1 gss-gex-sha256-* 1 gss-curve448-sha512-* 1 gss-curve25519-sha256-* 1 gss-13.3.132.0.10-sha256-* 1 ext-info-s 1 diffie-hellman-group14-sha224@ssh.com 1 diffie-hellman-group-exchange-sha512@ssh.com 1 diffie-hellman-group-exchange-sha384@ssh.com 1 diffie-hellman-group-exchange-sha224@ssh.com 0 ecmqv-sha2 Of course, this draft will NOT be listing the 'private' @domain.name exchanges. Be safe, stay healthy, -- Mark
- [Curdle] Which curves are MUST and SHOULD ? Salz, Rich
- Re: [Curdle] Which curves are MUST and SHOULD ? Loganaden Velvindron
- Re: [Curdle] Which curves are MUST and SHOULD ? Simo Sorce
- Re: [Curdle] Which curves are MUST and SHOULD ? Daniel Migault
- Re: [Curdle] Which curves are MUST and SHOULD ? Mark D. Baushke
- Re: [Curdle] Which curves are MUST and SHOULD ? Benjamin Kaduk
- Re: [Curdle] Which curves are MUST and SHOULD ? Mark D. Baushke
- Re: [Curdle] Which curves are MUST and SHOULD ? Peter Gutmann
- Re: [Curdle] Which curves are MUST and SHOULD ? Ron Frederick
- Re: [Curdle] Which curves are MUST and SHOULD ? Mark D. Baushke
- Re: [Curdle] Which curves are MUST and SHOULD ? denis bider
- Re: [Curdle] Which curves are MUST and SHOULD ? Ron Frederick
- Re: [Curdle] Which curves are MUST and SHOULD ? Salz, Rich
- Re: [Curdle] Which curves are MUST and SHOULD ? Ron Frederick
- Re: [Curdle] Which curves are MUST and SHOULD ? Mark D. Baushke
- Re: [Curdle] Which curves are MUST and SHOULD ? Hubert Kario
- Re: [Curdle] Which curves are MUST and SHOULD ? Mark D. Baushke
- Re: [Curdle] Which curves are MUST and SHOULD ? Daniel Migault
- Re: [Curdle] Which curves are MUST and SHOULD ? Simo Sorce
- Re: [Curdle] Which curves are MUST and SHOULD ? Mark D. Baushke
- Re: [Curdle] Which curves are MUST and SHOULD ? Ron Frederick
- Re: [Curdle] Which curves are MUST and SHOULD ? Ron Frederick
- Re: [Curdle] Which curves are MUST and SHOULD ? denis bider
- Re: [Curdle] Which curves are MUST and SHOULD ? denis bider
- Re: [Curdle] Which curves are MUST and SHOULD ? Hubert Kario
- Re: [Curdle] Which curves are MUST and SHOULD ? Simo Sorce
- Re: [Curdle] Which curves are MUST and SHOULD ? denis bider
- [Curdle] Straw Poll still in progress for draft-i… Mark D. Baushke
- Re: [Curdle] Straw Poll still in progress for dra… denis bider
- Re: [Curdle] Straw Poll still in progress for dra… Daniel Migault
- Re: [Curdle] Straw Poll still in progress for dra… Mark D. Baushke
- Re: [Curdle] Straw Poll still in progress for dra… Loganaden Velvindron
- Re: [Curdle] Straw Poll still in progress for dra… Mark D. Baushke