Re: [Curdle] Which curves are MUST and SHOULD ?

denis bider <denisbider.ietf@gmail.com> Fri, 11 December 2020 07:53 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/curdle/zOFXHJKxc6rPheZQP5lp_XpotUM>

The "group exchange" algorithm only negotiates group size; the actual group
parameters are not negotiated but simply dictated by the server. Servers
frequently generate groups which clients can't necessarily use,
specifically groups that fail FIPS tests. Therefore, the group exchange
algorithms are a major compatibility issue, in addition to the fact that
this one also uses SHA-1.

On Thu, Dec 10, 2020 at 6:39 PM Peter Gutmann <pgut001@cs.auckland.ac.nz>
wrote:

> Mark D. Baushke <mdb=40juniper.net@dmarc.ietf.org> writes:
>
> >MAY diffie-hellman-group14-sha1
> >SHOULD NOT diffie-hellman-group-exchange-sha1
>
> Just wondering why the hardcoded group is MAY but the negotiated, and probably
> more secure, group is SHOULD NOT?  Is it because lots of legacy stuff will
> only do the hardcoded group?
>
> Peter.