Re: [Curdle] Some work for the group

Phillip Hallam-Baker <phill@hallambaker.com> Fri, 09 December 2016 02:18 UTC

From: Phillip Hallam-Baker <phill@hallambaker.com>
Date: Thu, 08 Dec 2016 21:18:38 -0500
Message-ID: <CAMm+LwjfkAg=mw6yME3uXYfkZ5V6C+Q8s_+s==UVX07mCUNqCw@mail.gmail.com>
To: "Salz, Rich" <rsalz@akamai.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/curdle/rtxNTAP6zjGNDsdD7OD3L_I7VHE>
Cc: "curdle@ietf.org" <curdle@ietf.org>
Subject: Re: [Curdle] Some work for the group

I don't much care from a CA point of view unless there is going to be
difficulty getting the hardware we need to implement the signatures. Since
that hardware does not currently exist and since we would assume that any
suppliers would make sure they support the required mode, I doubt that will
be an issue.

There is a modest efficiency hit.

As far as making the system more robust goes, we are going to have to drop
SHA-2 if there is any significant compromise regardless of whether this
detail makes an exploit infeasible. It is far more expensive to explain why
faulty algorithms are safe than to switch to a safe one.

We are not shutting down use of SHA-1 because there is a real risk of a
bogus cert being generated by a competent CA. The security justification
such as it is, is that the system should be fail-safe and require at least
two failures before a catastrophe.

What the collision resistance property does provide is a cushion that makes
a compromise during the transition highly unlikely. And given the refusal
to consider issuing code points for SHA-3, we will probably need quite a
cushion.



On Thu, Dec 8, 2016 at 7:23 PM, Salz, Rich <rsalz@akamai.com> wrote:

> Hi there!
>
> We are looking for feedback on the following items, my memory spurred by
> the draft minutes found here: https://datatracker.ietf.org/doc/minutes-97-curdle/
>
> Please review the minutes by the end of the month.  Speak up on the list
> if anything’s wrong.  Thanks to Ben Kaduk for taking them.
>
> Has anyone (besides Kyle Rose) reviewed curdle-rsa-sha2?  Are we ready
> for WGLC?  Please respond within a week.
>
> The text in draft-ietf-curdle-pkix says CAs MUST NOT use the pre-hash version
> of signatures.  Does anyone object to this?  There is a mention of the
> trade-offs in doing that at the end of section 5.  Please respond within a
> week.
>
> curdle-ssh-ext-info, curdle-ssh-kex-sha2, curdle-ssh-modp-dh-sha2
>
> Has anyone read these?  Will one or more people commit to doing so within
> a week?  (Commit, not actually read.)
>
> Contexts – has anyone got a use for signature contexts? See the minutes.
> If you’re opposed to the (slight) consensus, speak up.
>
> Thanks.
>
> --
> Senior Architect, Akamai Technologies
> Member, OpenSSL Dev Team
> IM: richsalz@jabber.at Twitter: RichSalz
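As an added worked example (not code from either correspondent, nor from any of the curdle drafts), the following Python toy contrasts the two signing modes the quoted message asks about, pre-hash versus pure, and shows what a collision in the message hash buys an attacker in each. Everything in it is constructed for the demonstration: the Schnorr group is searched for at import time (q = 2**61 - 1, p = k*q + 1) rather than being a standardised curve, the hash `h24` is SHA-256 truncated to 24 bits as a stand-in for a hash function with a practical collision attack, and the key seed and the `tbsCertificate serial=N` messages are made up.

```python
"""
Toy comparison of pre-hash (HashEdDSA-style) and pure (PureEdDSA-style) signing,
constructed to show what a collision in the message hash buys an attacker in
each mode.  Nothing here is a standard: the Schnorr group is found at import
time and h24 is SHA-256 truncated to 24 bits, a deliberately weak hash.
"""
import hashlib

HASH_BITS = 24
Q = 2**61 - 1  # prime (Mersenne M61); order of the signing subgroup


def is_probable_prime(n: int) -> bool:
    """Miller-Rabin; these bases are deterministic for n < 3.3e24."""
    bases = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)
    if n < 2:
        return False
    for b in bases:
        if n % b == 0:
            return n == b
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for a in bases:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def schnorr_group():
    """Smallest even k with p = k*Q + 1 prime, plus a generator of the order-Q subgroup."""
    k = 2
    while not is_probable_prime(k * Q + 1):
        k += 2
    p = k * Q + 1
    h = 2
    while pow(h, k, p) == 1:  # g = h^k satisfies g^Q = h^(p-1) = 1, so order Q unless g == 1
        h += 1
    return p, pow(h, k, p)


P, G = schnorr_group()


def h24(data: bytes) -> bytes:
    """Deliberately weakened hash: SHA-256 truncated to 24 bits."""
    return hashlib.sha256(data).digest()[: HASH_BITS // 8]


def enc(n: int) -> bytes:
    return n.to_bytes(16, "big")  # P < 2**128 for any k this search will find


def keygen(seed: bytes):
    """EdDSA-style: secret scalar and secret nonce prefix both expanded from one seed."""
    x = int.from_bytes(hashlib.sha256(b"scalar|" + seed).digest(), "big") % Q or 1
    prefix = hashlib.sha256(b"prefix|" + seed).digest()
    return (x, prefix), pow(G, x, P)


def sign(sk, pk: int, m: bytes, prehash: bool):
    x, prefix = sk
    mi = h24(m) if prehash else m  # pre-hash signs PH(m); pure mode hashes m in place
    r = int.from_bytes(hashlib.sha256(prefix + mi).digest(), "big") % Q or 1
    R = pow(G, r, P)
    c = int.from_bytes(h24(enc(R) + enc(pk) + mi), "big") % Q  # challenge covers R || A || M
    return R, (r + c * x) % Q


def verify(pk: int, m: bytes, sig, prehash: bool) -> bool:
    R, s = sig
    mi = h24(m) if prehash else m
    c = int.from_bytes(h24(enc(R) + enc(pk) + mi), "big") % Q
    return pow(G, s, P) == (R * pow(pk, c, P)) % P


def find_collision():
    """Offline birthday search: two distinct to-be-signed blobs with equal h24."""
    seen = {}
    for i in range(1 << 20):  # expected ~2**12 steps for a 24-bit hash
        m = b"tbsCertificate serial=%d" % i
        d = h24(m)
        if d in seen:
            return seen[d], m
        seen[d] = m
    raise RuntimeError("no collision within bound")


def demo():
    sk, pk = keygen(b"constructed demo seed, not a real key")
    m1, m2 = find_collision()  # attacker's offline work; the signer is not involved yet
    results = {}
    for mode, prehash in (("prehash", True), ("pure", False)):
        sig = sign(sk, pk, m1, prehash)  # the CA signs the benign m1 ...
        results[mode] = {
            "m1_verifies": verify(pk, m1, sig, prehash),
            "m2_verifies": verify(pk, m2, sig, prehash),  # ... does it also cover m2?
        }
    return results


if __name__ == "__main__":
    for mode, res in demo().items():
        print(mode, res)
```

`demo()` shows the pre-hash signature over `m1` verifying unchanged for the colliding `m2`, because the signer only ever saw `PH(m)`; the pure-mode signature does not carry over, because the challenge hashes `R || A || M` and `R` is fixed only by the signer. Pure mode is not independent of the hash: an attacker who already holds `(R, s)` can still search for an `m2` with `h24(R || A || m2) == h24(R || A || m1)`, but that is a second-preimage search under a prefix the attacker did not choose, roughly 2^n work against 2^(n/2) for the offline birthday collision, which is the extra margin being discussed above.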