Re: [DNSOP] [saag] code points for brainpool curves for DNSSEC
Phillip Hallam-Baker <phill@hallambaker.com> Wed, 09 December 2015 21:42 UTC
Return-Path: <hallam@gmail.com>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DBD8F1B2E18; Wed, 9 Dec 2015 13:42:03 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.277
X-Spam-Level:
X-Spam-Status: No, score=-1.277 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FM_FORGED_GMAIL=0.622, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YYx9eLQgr5iF; Wed, 9 Dec 2015 13:42:02 -0800 (PST)
Received: from mail-lb0-x22f.google.com (mail-lb0-x22f.google.com [IPv6:2a00:1450:4010:c04::22f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9FE2E1B2E1B; Wed, 9 Dec 2015 13:42:01 -0800 (PST)
Received: by lbpu9 with SMTP id u9so38288690lbp.2; Wed, 09 Dec 2015 13:41:59 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:cc:content-type; bh=1XKaVUIvW0jvU0X8xFgIC4Fk9AKBggDj8DHgCtUNHww=; b=ayXMOzp+FuSNEw8402UmbtBSCaVq6qNxI2Uqdu4LRYsuJ/055s0EY/CJwoL6qHJGcy ZtPCLcHzsnM+xz0pSh8NW2f3af2UbNgiYU9Y8eB9QneMeYk2Bg0nr6FtCKNS3/zQnnTK kIvInLTMyiYdpQdHexmbEblCKgrWMeM8wfiiG4jmj6zxSqrEB3cCGttqDu8squazcBwc ohUUrLZ6byuoPjSaQJFX33oOd5NAvF6XOnRTCLu6ovyEVr7quEEhir0Y4Bxwp20ouS7T GVL9yFoy2dgNeVx05BPzT5gp1wWfFCu3RvY1kkq8dnP1oe7MPtPi/KioDkwdmJVVvGvq vviQ==
MIME-Version: 1.0
X-Received: by 10.112.182.8 with SMTP id ea8mr3551829lbc.114.1449697319726; Wed, 09 Dec 2015 13:41:59 -0800 (PST)
Sender: hallam@gmail.com
Received: by 10.112.1.227 with HTTP; Wed, 9 Dec 2015 13:41:59 -0800 (PST)
In-Reply-To: <56686C32.6090400@cs.tcd.ie>
References: <56686C32.6090400@cs.tcd.ie>
Date: Wed, 09 Dec 2015 16:41:59 -0500
X-Google-Sender-Auth: IzXVcHPLh7qbKiA86bqRa-2g8y4
Message-ID: <CAMm+LwgH9aROynttnvdQ8HNAf0ajRDZL5f-p8UiUcnVJKvs32A@mail.gmail.com>
From: Phillip Hallam-Baker <phill@hallambaker.com>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>, "dnsop@ietf.org" <dnsop@ietf.org>, curdle@ietf.org
Content-Type: multipart/alternative; boundary="001a11c37320c6392d05267df5ea"
Archived-At: <http://mailarchive.ietf.org/arch/msg/dnsop/GhwFair0vpVsQWNi2Suf7VcqQiU>
Cc: "saag@ietf.org" <saag@ietf.org>
Subject: Re: [DNSOP] [saag] code points for brainpool curves for DNSSEC
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 09 Dec 2015 21:42:04 -0000
Objections so far * The approach is dated (not fast prime rigid) and the randomness isn't established to be rigid. * DNSSEC requires a single algorithm for interop * The code points are 8 bit and thus scarce * We should do Curdle first. I am opposed to Brainpool for all the above and in addition, I am opposed because the biggest problem with ECC has been too many choices. If people are given one choice, they will do it. If they have two then they will probably do both. With ECC we were given 16 choices by NIST and then the same again from Brainpool and a few other folks. So what a lot of people did was to conclude ECC wasn't mature enough to implement right now and adopted a wait-and-see approach. Brainpool was a good idea at the time it was proposed but the world moved on and the effort is counterproductive now. Since ACME and Lets Encrypt have been proposed, we can hopefully get away from the bogus idea that the mission of DNSSEC was 'free' certs. The utility of DNSSEC lies in being able to sign and distribute security policy information so that applications can achieve 'secure on first contact' security rather than 'secure after first contact'. For that to work, DNSSEC has to be using the same set of algorithms that the applications are using. The other area we might potentially leverage DNSSEC is to allow encryption of the initial exchange in a TLS/2 by putting a 'host key' in the DNS. This would allow the SNI and certificate exchanges to be encrypted. For this to be practical, DNSSEC and TLS have to converge on the same algorithm and curve.
- [DNSOP] Fwd: code points for brainpool curves for… Stephen Farrell
- Re: [DNSOP] [saag] code points for brainpool curv… Phillip Hallam-Baker
- Re: [DNSOP] Fwd: code points for brainpool curves… Ólafur Guðmundsson
- Re: [DNSOP] code points for brainpool curves for … Patrik Fältström
- [DNSOP] Fwd: Re: [saag] code points for brainpool… Stephen Farrell
- Re: [DNSOP] Fwd: Re: [saag] code points for brain… Edward Lewis
- Re: [DNSOP] Fwd: Re: [saag] code points for brain… Edward Lewis