Re: [Curdle] Which curves are MUST and SHOULD ?

"Mark D. Baushke" <mdb@juniper.net> Thu, 17 December 2020 19:35 UTC

Return-Path: <mdb@juniper.net>
X-Original-To: curdle@ietfa.amsl.com
Delivered-To: curdle@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3A9C83A0EDE for <curdle@ietfa.amsl.com>; Thu, 17 Dec 2020 11:35:38 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.1
X-Spam-Level:
X-Spam-Status: No, score=-2.1 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=juniper.net header.b=iTh7aQTj; dkim=pass (1024-bit key) header.d=juniper.net header.b=GvMu6Msh
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5c_2ZRMjSWoH for <curdle@ietfa.amsl.com>; Thu, 17 Dec 2020 11:35:35 -0800 (PST)
Received: from mx0b-00273201.pphosted.com (mx0b-00273201.pphosted.com [67.231.152.164]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6EE793A0EDB for <curdle@ietf.org>; Thu, 17 Dec 2020 11:35:35 -0800 (PST)
Received: from pps.filterd (m0108161.ppops.net [127.0.0.1]) by mx0b-00273201.pphosted.com (8.16.0.43/8.16.0.43) with SMTP id 0BHJVgY7013382; Thu, 17 Dec 2020 11:35:27 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=juniper.net; h=to : cc : subject : in-reply-to : references : from : mime-version : content-type : content-transfer-encoding : date : message-id; s=PPS1017; bh=y7TKWHCTVpfU6X3Mg12/UcaVqpnP25t+CQqMOXzepmY=; b=iTh7aQTjbR1aRw871NHWfTxYdp6OJ5nsC69hB8fZJMU+419ZfYltUanDlkESqffv7ctJ RmoNbn2q/E/kVQYyXRzu7KkFnhx77SDYkO72XQXyfFY5lBG1MZcYFDWqPryFdKtftmR7 Jcz6zW6Zt2FZ6UB0MsINdPkiSvNvzRXfdIh8odbKjo2aeo6PuhFhlNJlRV8TP/ByMb/k iSzVqTafdv5Aj9QZ7u6RUudMTqxJG1pbo0gm2Yu0ZMqcTlBD6YafzE3aLjI4w1f9yA4R oAYkjCb6USElzrsalDQf4A7pDOcvqwZQkvwsiaIC0rW+tHn/Heee/DOOzPiaNAGMHrLn 5A==
Received: from nam10-bn7-obe.outbound.protection.outlook.com (mail-bn7nam10lp2103.outbound.protection.outlook.com [104.47.70.103]) by mx0b-00273201.pphosted.com with ESMTP id 35fqtn249n-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 17 Dec 2020 11:35:27 -0800
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=muVC8hPhi1jZZ8Nn11jsrEKzQ0fqYi08mxTpEe0rNEfciXWLGF/C+dQfPV0UQUsAdVbPTBFSEqKGJ3+478iugKgmWhUjcjHm5IKupRnNXW+eS3QPbZxh69E3Kp8IHFFQ0CbJlswqb3iIAzu8a5m93BlxWx9ZEHX9iPNvMtWC3hxhNA3g0zNxWF8wW6qzJZ08INJh7Ra48jvxw6L5lM+xGfXKSdapDM6omrzDtgG+kGl2n/QprkRmWh+Y87YN0RKwXroAHdeqhrYpkipnLQ0WzIbFM0Noo5K2E9ytVSEWwrcVOUuAsQaD6S+cvuZgfcK0Yw170QfDTy5Jie8hFMR9rA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=y7TKWHCTVpfU6X3Mg12/UcaVqpnP25t+CQqMOXzepmY=; b=Di362hnOtvyHr91+c4uV5oLJxAwKxo60VKZKGudCEl4Ap4OJPcEomZ+9Rcsr8Tgx3Db7VyXC3nQ3QM2M1vyj5tLrl3NtASpuXyCfHNs/kzp1Tm/Ryxl7w3WAFE4dr5XF8kzzMv7WB7Arndl/FS+AaykQZCAvespLafYlVNG9MtEHapIbBj759LhFce3SlSG+3v3c8sOZI0JOlyoBKw0G3vXWxs/RwONQfjsexn/M95Cz3U3FVeCszj5nioVm1ZzQZRoi5Uo7gqdbSHxxIXk6OrrZArXnWSReo8LV9l1saf6LLMlv8kxiaPEYVwDs3wktEy17GX7a7rzZM7Nb+pySrA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=softfail (sender ip is 66.129.239.12) smtp.rcpttodomain=timeheart.net smtp.mailfrom=juniper.net; dmarc=fail (p=reject sp=reject pct=100) action=oreject header.from=juniper.net; dkim=none (message not signed); arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=juniper.net; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=y7TKWHCTVpfU6X3Mg12/UcaVqpnP25t+CQqMOXzepmY=; b=GvMu6MshUS8oHdAGG2iCNm16cshWyonHp3dlm3vm79DDT5zbM0xcAC66+DuAPT5NUezp8KoSSwEFe61vKp5CAVif3Hik0tey8qS5V/m0kXvKVaZXh7SU5MkpzFspECelZ3qRGxBpv7v0WqlsIVzjQvlSoISJGHDRChVbzIwsoD0=
Received: from MW4PR04CA0328.namprd04.prod.outlook.com (2603:10b6:303:82::33) by DM6PR05MB4218.namprd05.prod.outlook.com (2603:10b6:5:91::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3676.9; Thu, 17 Dec 2020 19:35:26 +0000
Received: from MW2NAM12FT060.eop-nam12.prod.protection.outlook.com (2603:10b6:303:82:cafe::dc) by MW4PR04CA0328.outlook.office365.com (2603:10b6:303:82::33) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3654.12 via Frontend Transport; Thu, 17 Dec 2020 19:35:26 +0000
X-MS-Exchange-Authentication-Results: spf=softfail (sender IP is 66.129.239.12) smtp.mailfrom=juniper.net; timeheart.net; dkim=none (message not signed) header.d=none;timeheart.net; dmarc=fail action=oreject header.from=juniper.net;
Received-SPF: SoftFail (protection.outlook.com: domain of transitioning juniper.net discourages use of 66.129.239.12 as permitted sender)
Received: from P-EXFEND-EQX-01.jnpr.net (66.129.239.12) by MW2NAM12FT060.mail.protection.outlook.com (10.13.181.67) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.20.3676.10 via Frontend Transport; Thu, 17 Dec 2020 19:35:25 +0000
Received: from P-EXBEND-EQX-01.jnpr.net (10.104.8.52) by P-EXFEND-EQX-01.jnpr.net (10.104.8.54) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Thu, 17 Dec 2020 11:35:17 -0800
Received: from p-mailhub01.juniper.net (10.104.20.6) by P-EXBEND-EQX-01.jnpr.net (10.104.8.52) with Microsoft SMTP Server (TLS) id 15.0.1497.2 via Frontend Transport; Thu, 17 Dec 2020 11:35:17 -0800
Received: from eng-mail03.juniper.net (eng-mail03.juniper.net [10.108.22.11]) by p-mailhub01.juniper.net (8.14.4/8.11.3) with ESMTP id 0BHJZFQe008246; Thu, 17 Dec 2020 11:35:15 -0800 (envelope-from mdb@juniper.net)
Received: from eng-mail03 (localhost [127.0.0.1]) by eng-mail03.juniper.net (8.16.1/8.14.9) with ESMTP id 0BHJZTdG040888; Thu, 17 Dec 2020 11:35:29 -0800 (PST) (envelope-from mdb@juniper.net)
To: Ron Frederick <ronf@timeheart.net>
CC: "Salz, Rich" <rsalz@akamai.com>, Peter Gutmann <pgut001@cs.auckland.ac.nz>, Curdle Mailing List <curdle@ietf.org>, Benjamin Kaduk <kaduk@mit.edu>, Daniel Migault <mglt.ietf@gmail.com>
In-Reply-To: <12959BD6-F3AB-418B-8CE0-C3BE43999435@timeheart.net>
References: <2CCABC30-F757-4659-9FF3-5AADDD51EE30@akamai.com> <4b681efd49274f03c7e0521e127e031426632ad0.camel@redhat.com> <CADZyTkk--kCWqE7q0Xi5C40V92MuZBktDzQGt_vPSZPiBy7v9w@mail.gmail.com> <18479.1606885358@eng-mail01.juniper.net> <20201205194724.GB64351@kduck.mit.edu> <37691.1607621661@eng-mail01.juniper.net> <1607647129866.76532@cs.auckland.ac.nz> <2917.1607672034@eng-mail01.juniper.net> <012AE120-2516-44F6-B729-ED342A137535@timeheart.net> <ED8F3B46-A5CC-4D14-A714-FD1C0AA67486@akamai.com> <12959BD6-F3AB-418B-8CE0-C3BE43999435@timeheart.net>
Comments: In-reply-to: Ron Frederick <ronf@timeheart.net> message dated "Tue, 15 Dec 2020 08:59:59 -0800."
From: "Mark D. Baushke" <mdb@juniper.net>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Date: Thu, 17 Dec 2020 11:35:24 -0800
Message-ID: <40887.1608233724@eng-mail03>
X-EXCLAIMER-MD-CONFIG: e3cb0ff2-54e7-4646-8a04-0dae4ac7b136
X-EOPAttributedMessage: 0
X-MS-Office365-Filtering-HT: Tenant
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id: 661dc7ea-a8b6-407a-bd9c-08d8a2c2e711
X-MS-TrafficTypeDiagnostic: DM6PR05MB4218:
X-Microsoft-Antispam-PRVS: <DM6PR05MB4218C8FF72A94C46F76BC304BFC40@DM6PR05MB4218.namprd05.prod.outlook.com>
X-MS-Oob-TLC-OOBClassifiers: OLM:9508;
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: rbjA4BbJMgtDZ0qgGjKZfC9qyjCHjvpPBc/spcEhohVN+Q89DTz5noboCmKPxUKULt9/pWp6Ejzzav9kI1h28g4NleLn+UswrYcgiqniXV4yNSPlzqVy35MWOgDocYHjs0kdAJJGZzdzHEFhQG7lmFd1kXTVmR0Djdjs0KWw3ffD4I9NRyIgcQerrTliV+ILiNBEK5HqeLSBkGWwGM577oiZOnIpx9Rt9XOgjEU8jzqqG3rjrqiRbSKZXfAo1rFKQ4d94kJ4vCul318d2w7RLIVBxtzfAM1GOtJ24V03HFf0qyWJ0ViFMfWkySWTAKVSnwHW+0x/L8n//5mMPWmIU8fcp6PBp3aYfmIA1tuZQGh/8MgAOrgrp7nITgk3jAeIkNwLbFS6JZqTzmj0+KT8yKU3wMMiE96ciYKZK6TQeGT3+8gmCespw7s55N5kEKJPCcHlVIBOTFnc2wkvjnxTzA==
X-Forefront-Antispam-Report: CIP:66.129.239.12; CTRY:US; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:P-EXFEND-EQX-01.jnpr.net; PTR:InfoDomainNonexistent; CAT:NONE; SFS:(4636009)(346002)(39860400002)(376002)(396003)(136003)(46966005)(6666004)(4326008)(83380400001)(54906003)(70206006)(8936002)(81166007)(336012)(33716001)(82310400003)(7126003)(6916009)(53546011)(2906002)(5660300002)(9686003)(8676002)(426003)(70586007)(356005)(26005)(478600001)(86362001)(186003)(82740400003)(316002)(47076004)(62816006); DIR:OUT; SFP:1102;
X-OriginatorOrg: juniper.net
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 17 Dec 2020 19:35:25.5920 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: 661dc7ea-a8b6-407a-bd9c-08d8a2c2e711
X-MS-Exchange-CrossTenant-Id: bea78b3c-4cdb-4130-854a-1d193232e5f4
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=bea78b3c-4cdb-4130-854a-1d193232e5f4; Ip=[66.129.239.12]; Helo=[P-EXFEND-EQX-01.jnpr.net]
X-MS-Exchange-CrossTenant-AuthSource: MW2NAM12FT060.eop-nam12.prod.protection.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Anonymous
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR05MB4218
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.343, 18.0.737 definitions=2020-12-17_13:2020-12-17, 2020-12-17 signatures=0
X-Proofpoint-Spam-Details: rule=outbound_spam_notspam policy=outbound_spam score=0 adultscore=0 clxscore=1011 priorityscore=1501 mlxscore=0 lowpriorityscore=0 malwarescore=0 spamscore=0 bulkscore=0 suspectscore=0 phishscore=0 impostorscore=0 mlxlogscore=999 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2009150000 definitions=main-2012170131
Archived-At: <https://mailarchive.ietf.org/arch/msg/curdle/fJVlKSs3F2nvwxWTfYNQG3izWs8>
Subject: Re: [Curdle] Which curves are MUST and SHOULD ?
X-BeenThere: curdle@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "List for discussion of potential new security area wg." <curdle.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/curdle>, <mailto:curdle-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/curdle/>
List-Post: <mailto:curdle@ietf.org>
List-Help: <mailto:curdle-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/curdle>, <mailto:curdle-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 17 Dec 2020 19:35:38 -0000

Ron Frederick <ronf@timeheart.net> writes:

> On Dec 15, 2020, at 8:09 AM, Salz, Rich <rsalz@akamai.com> wrote:
> >>   I’m not comfortable with algorithms going from REQUIRED to SHOULD NOT without some kind of transitional period. My suggestion would be to ease into this with SHOULD NOT for now. If you want to discuss BCP in this draft, perhaps that can be a separate section.
> >
> > We've done it before, MD5, short RSA/DH keys, etc.
> >
> > We shouldn't pretend that crypto-breaking advances haven't happened.
> >
> > Admins can make trade-offs anyway.

I am under the impression that the audience here is the maintainers of
SSHv2 software rather than the administrators that manage the sites
using it.

A "MUST NOT" recommendation would suggest that the code in support of
the particular entry could be deleted.

A "SHOULD NOT" recommendation would suggest that the code in support of
either be deleted or not available by default.

I do know of old hardware that implements only diffie-hellman-group1-sha1
(an embedded SunOS 5.8 running OpenSSH 3.4p1).

If you want an implementer to keep it around, then MAY is probably the
better alternative.

> Sorry, I meant not going to “MUST NOT” here. I’m good with “SHOULD
> NOT”, or perhaps even something stronger but qualified with the fact
> that ineroperability with older/slower devices should be considered.

Okay. so you would rather see the 1024-bit FFC prime used by
diffie-hellman-group1-sha1 with SHA1 moving from "MUST" to "SHOULD NOT"
rather than "MUST NOT".

What do other folks want for this one?

	Be safe, stay healthy,
	-- Mark