Re: WG Review: CURves, Deprecating and a Little more Encryption (curdle)

Phillip Hallam-Baker <phill@hallambaker.com> Mon, 07 December 2015 20:53 UTC

In-Reply-To: <5665C419.6060201@cs.tcd.ie>
References: <20151204170507.5160.44472.idtracker@ietfa.amsl.com> <56656C43.5070501@alvestrand.no> <56656DD2.9010609@cs.tcd.ie> <CAMm+LwhfJGvE-LvxJwRzRHjpcohQtSnhodF5a7rmbh_Foc5fBw@mail.gmail.com> <5665C419.6060201@cs.tcd.ie>
Date: Mon, 07 Dec 2015 15:53:21 -0500
Message-ID: <CAMm+LwhzJVOcTdHjaiXbXVFV3hu6wDKtfE1CovH7pzwGnf_oQQ@mail.gmail.com>
Subject: Re: WG Review: CURves, Deprecating and a Little more Encryption (curdle)
From: Phillip Hallam-Baker <phill@hallambaker.com>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Archived-At: <http://mailarchive.ietf.org/arch/msg/ietf/4b6XHo1wQY2La8Lnj4HXz1MPPDY>
Cc: Harald Alvestrand <harald@alvestrand.no>, IETF Discussion Mailing List <ietf@ietf.org>

On Mon, Dec 7, 2015 at 12:38 PM, Stephen Farrell <stephen.farrell@cs.tcd.ie> wrote:

>
> Hiya,
>
> On 07/12/15 16:44, Phillip Hallam-Baker wrote:
> > On Mon, Dec 7, 2015 at 6:30 AM, Stephen Farrell <stephen.farrell@cs.tcd.ie> wrote:
> >
>
>
> CMS is in scope and noted as such. If more drafts are needed though
> then folks would need to write those soonish, assuming we end up with
> consensus for a short-lived WG.



Fair enough. I just want to make sure that this is inclusive.

One other related question is XML Encryption. Given that all that is needed
to define code points in XML Encryption is to generate a URL, I suggest
that there be some sort of statement in the charter that allows that to
happen, whether through a liaison with W3C or just doing it.



> > I would like us to have a common format for presenting fingerprints of keys
> > across applications and at minimum use that for both SSH and OpenPGP.
>
> I would also like that but a) I don't think it's for curdle and b) while
> it'd be good, we (IETF) never seem to quite manage to avoid doing those
> in protocol-specific ways.
>

How about if I write up my UDF proposal as an independent submission or AD
sponsored draft or whatever and at least we can say that we tried.



> The reason I don't think it fits curdle is that it's not only a
> crypto algorithm - the hash input is the real issue there and that's
> not in scope as far as I can see.
>

In UDF I push that off to the MIME types registry. Whatever you want to
hash, you define a MIME type for it.


> > I can't see much chance CURDLE comes up with consensus for a set of
> > algorithms that isn't acceptable to TLS. If that happened the WG has
> > failed. So the TLS chairs might as well consider CURDLE to be a way to take
> > default algorithm choices off their plate.
>
> Sure, if the TLS folks wanted the work to happen in the curdle WG
> that'd be no problem. I don't believe that is actually the case
> though, at least for TLS codepoints. (The PKI stuff needed for TLS
> does fit curdle for sure.)
>

TLS can certainly decide which of the 50+ possible permutations of the
algorithms that they want to identify suites for.
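
The point made above about pushing the hash input off to a MIME type, sketched as an added example (not part of the original message, and not the UDF proposal's own encoding): binding the content type into the digest keeps a fingerprint of the same bytes from being reused under a different interpretation. The construction (SHA-512 over type, colon and inner digest, shown as Base32 groups), the two `x-example` MIME types and the sample key bytes are assumptions made for illustration.

```python
import base64
import hashlib
import hmac
import re

# type/subtype limited to the RFC 6838 restricted-name characters
_MIME = re.compile(r"[a-z0-9][a-z0-9!#$&^_.+-]*/[a-z0-9][a-z0-9!#$&^_.+-]*")

# Constructed sample input and hypothetical MIME types (not registered names).
SAMPLE_KEY = b"constructed sample public key bytes"
SSH_TYPE = "application/x-example-ssh-key"
PGP_TYPE = "application/x-example-openpgp-key"


def typed_fingerprint(content_type: str, data: bytes, chars: int = 25) -> str:
    """Fingerprint of `data` as interpreted under `content_type`.

    Assumed construction: SHA-512(type || ":" || SHA-512(data)), Base32,
    truncated to `chars` characters (5 bits each), in dash-separated groups.
    """
    # MIME type names are case-insensitive, so canonicalise before hashing;
    # otherwise two applications would disagree on the same key.
    ctype = content_type.strip().lower()
    if not _MIME.fullmatch(ctype):
        raise ValueError(f"not a MIME type: {content_type!r}")
    inner = hashlib.sha512(data).digest()
    outer = hashlib.sha512(ctype.encode("ascii") + b":" + inner).digest()
    text = base64.b32encode(outer).decode("ascii").rstrip("=")[:chars]
    return "-".join(text[i:i + 5] for i in range(0, len(text), 5))


def matches(presented: str, content_type: str, data: bytes) -> bool:
    """Check a fingerprint a user typed or pasted, ignoring case and separators."""
    want = typed_fingerprint(content_type, data).replace("-", "")
    got = re.sub(r"[\s-]", "", presented).upper()
    return hmac.compare_digest(got.encode(), want.encode())


if __name__ == "__main__":
    print("as SSH key:    ", typed_fingerprint(SSH_TYPE, SAMPLE_KEY))
    print("as OpenPGP key:", typed_fingerprint(PGP_TYPE, SAMPLE_KEY))
```

Truncating to 25 Base32 characters keeps 125 bits of the digest; a deployment would pick the length to match the collision resistance it needs.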