Re: [IPsec] brainpool summary, suggested way ahead, and comments on draft
Sean Turner <turners@ieca.com> Tue, 16 October 2012 00:00 UTC
Return-Path: <turners@ieca.com>
X-Original-To: ipsec@ietfa.amsl.com
Delivered-To: ipsec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A1CB221F8859 for <ipsec@ietfa.amsl.com>; Mon, 15 Oct 2012 17:00:55 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.376
X-Spam-Level:
X-Spam-Status: No, score=-102.376 tagged_above=-999 required=5 tests=[AWL=-0.111, BAYES_00=-2.599, IP_NOT_FRIENDLY=0.334, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 15AxxPUv-ZZ8 for <ipsec@ietfa.amsl.com>; Mon, 15 Oct 2012 17:00:54 -0700 (PDT)
Received: from gateway02.websitewelcome.com (gateway02.websitewelcome.com [69.93.115.20]) by ietfa.amsl.com (Postfix) with ESMTP id 634A121F883D for <ipsec@ietf.org>; Mon, 15 Oct 2012 17:00:54 -0700 (PDT)
Received: by gateway02.websitewelcome.com (Postfix, from userid 5007) id 624644153F13C; Mon, 15 Oct 2012 19:00:54 -0500 (CDT)
Received: from gator1743.hostgator.com (gator1743.hostgator.com [184.173.253.227]) by gateway02.websitewelcome.com (Postfix) with ESMTP id 56D854153F11C for <ipsec@ietf.org>; Mon, 15 Oct 2012 19:00:54 -0500 (CDT)
Received: from [96.241.97.104] (port=61619 helo=thunderfish.local) by gator1743.hostgator.com with esmtpsa (TLSv1:DHE-RSA-AES256-SHA:256) (Exim 4.80) (envelope-from <turners@ieca.com>) id 1TNuab-0004H3-IO; Mon, 15 Oct 2012 19:00:53 -0500
Message-ID: <507CA3B4.1070303@ieca.com>
Date: Mon, 15 Oct 2012 20:00:52 -0400
From: Sean Turner <turners@ieca.com>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20121010 Thunderbird/16.0.1
MIME-Version: 1.0
To: Dan Harkins <dharkins@lounge.org>
References: <505C7784.3080803@ieca.com> <190d66e2795aa601c18bf6f6f73058c2.squirrel@www.trepanning.net> <50776898.5010103@ieca.com> <e87f417b1a77758dff663d793d346b3f.squirrel@www.trepanning.net>
In-Reply-To: <e87f417b1a77758dff663d793d346b3f.squirrel@www.trepanning.net>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - gator1743.hostgator.com
X-AntiAbuse: Original Domain - ietf.org
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - ieca.com
X-BWhitelist: no
X-Source:
X-Source-Args:
X-Source-Dir:
X-Source-Sender: (thunderfish.local) [96.241.97.104]:61619
X-Source-Auth: sean.turner@ieca.com
X-Email-Count: 1
X-Source-Cap: ZG9tbWdyNDg7ZG9tbWdyNDg7Z2F0b3IxNzQzLmhvc3RnYXRvci5jb20=
Cc: ipsec@ietf.org
Subject: Re: [IPsec] brainpool summary, suggested way ahead, and comments on draft
X-BeenThere: ipsec@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Discussion of IPsec protocols <ipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipsec>, <mailto:ipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ipsec>
List-Post: <mailto:ipsec@ietf.org>
List-Help: <mailto:ipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 16 Oct 2012 00:00:55 -0000
Hi Dan, See inline. spt On 10/12/12 2:32 AM, Dan Harkins wrote: > > Hi Sean, > > On Thu, October 11, 2012 5:47 pm, Sean Turner wrote: >> Dan, >> >> Thanks for the backfill (ack that's it's not just for SAE). >> >> Question: If Johannes's draft had gone through for IKEv1 you wouldn't >> have needed to make the request for the code points? > > Yes, that's correct because the code points would just be there and > the other protocols that use this registry would just blissfully start > to refer to them. This whole problem started because some people > decided that it was some sort of process issue to update this registry > (Note: it's not). > > Again, this could've been just like RFC 5114-- no fuss, no mess, > no hullaballo. If precedence has been followed, none of this nonsense > would've happened. > > These notes and pointers that people may or may not pay attention > to are just meta problems and they're all completely manufactured. > They will all just go away if we just follow the path that RFC 5114 blazed. Okay so I get it now. If a brainpool curves for IKEv1 was published the IEEE wouldn't have made the request. >> Because a clock is apparently ticking on the request I think we need to >> address the request in front of us not the combined issue. If at a >> later date, the registry is updated to add Brainpool curves then the >> "Group Description" rows for those can be updated. > > I don't understand your proposal. What is "the combined issue"? If > the registry is not updated now and, instead is updated at a later date, > then what is being done now? Sorry by combined issue I'm referring to waiting on figuring out whether the registry values will be included without the not for IKEv1 note. > I have a draft that will need to get updated and the clock is ticking on > that (cut-off date is 22 Oct). I need to know what you want my draft > to say. I should have an answer by Thursday. >> I'm going to run my proposal and Michael's by the IESG on an informal >> telechat to see which one's got the best chance of getting through the >> process to resolve the IEEE's request. > > Can you ask the IESG to just do what it has done in the past? That is, > just update the registry to include code points for new curves without > any bizarre notes or pointers? No fuss, no mess, just a few new rows > in a table. > > The worst that could happen if the IESG agrees to do that is that someone > somewhere might use a brainpool curve with IKEv1. The odds are slim, > but they're not zero. And if that happens then so what? Really. So what? The RFC 5114 example wasn't published to address another SDO request for a code point so I don't think it's the same situation. spt > Dan. > >> spt >> >> On 9/21/12 4:42 PM, Dan Harkins wrote: >>> >>> Hi Sean, >>> >>> There's some missing (pre)history and context. Let me try to fill it >>> in. >>> >>> Back in early July, Johannes Merkle sent a note to the list saying he >>> wanted to use the elliptic curves proposed by the ECC Brainpool with >>> IKE and IPsec. He asked a series of questions, one of which was: >>> >>> "Should we include IKEv1 in the specs as well?" >>> >>> I voiced support but there was some opposition along the lines of: >>> >>> * we cannot update the IANA registry of an obsoleted protocol. >>> * it is not appropriate for a protocol other than RFC 2409 to use >>> the IANA registry created by RFC 2409. >>> >>> Both of these are wrong. RFC 5114 updated this very same registry >>> after RFC 2409 was obsoleted and there was no hullabaloo over >>> that action. And RFC 5931 (EAP-pwd) uses that registry and it >>> got approved for publication long after RFC 2409 was obsoleted, >>> again without any hullabaloo. >>> >>> There is no valid process reason to not just let Johannes's draft >>> update the IKEv1 registry while it's updating the IKEv2 registry >>> (just like RFC 5114 did) and there is precedence which we could >>> just follow to avoid all this mess. >>> >>> In spite of that. it was decided to not update the IKEv1 registry >>> with the Brainpool curves. When IEEE got wind of this, they sent >>> a request, via the IEEE-to-IETF liaison, to please reconsider since >>> they have more than 1 protocol used in 802.11 that reference >>> that registry (i.e. it's not just SAE). The concern was that there >>> may be administrative or regulatory reasons for some entity to >>> desire or require using the Brainpool curves and 802.11 wants >>> to ensure that it can be used everywhere, or at least not >>> prohibited from being used because of a misguided effort by >>> the IETF to kill off use of a different protocol. >>> >>> It is the nature of this reconsideration-- forbid IKEv1 from using >>> the updated registry or create some new registry and forbid IKEv1 >>> from using it-- that is causing this whole kerfuffle. IEEE 802.11's >>> long (from our standpoint) revision schedule is not the cause of >>> the problem here. >>> >>> The reason to not just update the IKEv1 registry with the Brainpool >>> curves and to prohibit it's use with these curves is, apparently, >>> the concern that someone somewhere might actually use them with >>> IKEv1. It is not a certainty that that will happen and, furthermore, it >>> is not apparent to me what calamity will befall us all if somebody did. >>> >>> So my preference would be to follow existing precedence and let >>> Johannes's draft update both registries without any ridiculous notes. >>> If that were to happen we could let my draft die a natural death and >>> end the kerfuffle. If that just cannot be then I'll update my draft to >>> reflect your proposed edits, with the modification that this is not just >>> for SAE and not just for 802.11. Also, if you want to limit the number >>> of curves (item #4) you should coordinate with Johannes on his draft >>> for the IKEv2 registry as well as his TLS draft. >>> >>> regards, >>> >>> Dan. >>> >>> On Fri, September 21, 2012 7:19 am, Sean Turner wrote: >>>> I'd like to discuss the IEEE's request for brainpool code points >>>> additions in the Group Description registry >>>> (https://www.iana.org/assignments/ipsec-registry) on this mailing list. >>>> I realize it's not in scope of the WG, but all the right people are >>>> here so I'd like to ask for the wg chair's and member's indulgence on >>>> this matter. >>>> >>>> Here's the summary of events as I remember them: >>>> >>>> Stephen and I got an informal liaison from IEEE 802.11 requesting code >>>> point assignments in the Group Description section of >>>> https://www.iana.org/assignments/ipsec-registry. Since then we've >>>> received the official liaison. And we figured inviting Dorthy along to >>>> secir would cut down on some email. >>>> >>>> My initial thought was that adding anything to this registry was an >>>> update to IKEv1 and that was pretty much a no-go because IKEv1 is >>>> obsolete. But, the registry is RFC required so that's not strictly >>>> true. That is, other code points have been assigned after IKEv1 was >>>> obsoleted. >>>> >>>> The other thing that came to light was that the code points were in >>>> fact >>>> not going to be used by IKEv1 they were being used by another protocol, >>>> the IEEE 802.11 SAE (Simultaneous Authentication of Equals) protocol. >>>> >>>> I think it's fair to say that at the meeting most people weren't >>>> thrilled that IEEE plans to reuse the registry. We discussed setting >>>> up >>>> a new registry or pointing from the existing registry to a new >>>> registry, >>>> but the IEEE folks didn't like that because their spec is apparently >>>> not >>>> up for change until 2015 (Tero has submitted comments on this topic in >>>> IEEE). >>>> >>>> What I thought we came to was that Dan would publish a draft that >>>> requested the points and that the "notes" column would contain "not for >>>> IKEv1" - and then we'd talk about it. Dan submitted the draft >>>> requesting 14 code points with "not for IKEv1" in the notes column for >>>> each code point. I forwarded it to secdir and here we are. >>>> >>>> ^ >>>> | summary >>>> >>>> | way ahead discussion >>>> v >>>> >>>> From the discussion following publication, it's still clear the dual >>>> use of the registry is still unloved. I share that view. I think it >>>> comes down to this: >>>> >>>> - On the one hand, putting "not for IKEv1" in the notes column assumes >>>> that whoever consults the registry will make note of the note and not >>>> implement (or ask for them to be implemented) the code points in IKEv1. >>>> Concerns have been expressed that the note won't be enough to stop >>>> people asking for IKEv1 products to support these new code points - not >>>> thrilled about this prospect. >>>> >>>> - On the other hand, getting the IEEE spec to point to a new registry >>>> is >>>> (or might be) a no-go because of their publishing cycle. Assuming the >>>> IEEE spec can't be changed and we don't assign the code points, I'm >>>> sure >>>> some kind of inter-SDO struggle/spat will occur - not thrilled about >>>> this this prospect either. >>>> >>>> In this unfortunate situation, I'd like everyone to consider the (third >>>> surgically attached) hand that shares the burden: reserve the code >>>> points for 802.11 SAE in the Group Description registry, be very >>>> explicit about it in the draft/regstry, and then point from the Group >>>> Description registry to another registry (thanks to whoever suggested >>>> this at the secdir lunch we probably should have explored this more). >>>> The burden is then shared by the IETF assigning code points for >>>> something some despise/dislike and the IEEE implementers following an >>>> additional link from the registry they've already got to consult (they >>>> have to follow the link because the registry values aren't copied to >>>> their spec). The registry entries would appear as follows (well Value, >>>> Group, Reference, and Notes would normally appear on one line but it >>>> wraps in email and I thought this would be easier to follow): >>>> >>>> Value >>>> ----- >>>> 27-y >>>> >>>> Group >>>> ----------------------- >>>> Reserved for 802.11 SAE >>>> >>>> Description >>>> ------------------ >>>> This specification >>>> >>>> Notes >>>> ----------------------------------------- >>>> Not for use with IKEv1 - see xyz registry >>>> >>>> and then link 27-y to the curve names in the xyz registry (more on the >>>> number of code points at the end): >>>> >>>> Value Group Reference >>>> ----- ------------------------------ ------------------ >>>> 27 X-bit Brainpool: brainpoolPXr1 This specification >>>> ... ... .... >>>> >>>> >>>> Thoughts about this? >>>> >>>> >>>> | comments on draft >>>> v >>>> >>>> I'd like to make to the draft clearer about what's going on: >>>> >>>> #1) Retitle: >>>> >>>> OLD: >>>> >>>> Brainpool Elliptic Curves for the IKE Group Description Registry >>>> >>>> NEW: >>>> >>>> Brainpool Elliptic Curves for 802.11 SAE in the >>>> IKE Group Description Registry >>>> >>>> #2) tweak abstract: >>>> >>>> OLD: >>>> >>>> This memo allocates code points for fourteen new >>>> elliptic curve domain parameter sets over finite >>>> prime fields into a registry established by The >>>> Internet Key Exchange (IKE). >>>> >>>> NEW (where X is TBD at this point): >>>> >>>> This memo allocates code points for X new elliptic >>>> curve domain parameter sets over finite prime fields >>>> into a registry established by The Internet Key >>>> Exchange (IKE). These values are used by the IEEE >>>> 802.11 SAE (Simultaneous Authentication >>>> of Equals) protocol. The values found in this >>>> document are not for use in IKEv1. >>>> >>>> #3) tweak intro: >>>> >>>> OLD: >>>> >>>> IANA maintains a registry for [RFC2409] to map >>>> complete domain parameter sets to numbers. Other >>>> protocols, for example [IEEE802.11], refer to this >>>> registry for its convenience. Therefore, this memo >>>> instructs IANA to allocate new code points for the >>>> Brainpool curves defined in [RFC5639] to the registry >>>> established by [RFC2409]. >>>> >>>> NEW: >>>> >>>> [RFC2409] defined the Group Description registry that >>>> other protocols, for example [IEEE802.11], refer to for >>>> convenience. Non-IKE protocols referring to the registry >>>> is not ideal but also not a problem until the non-IKE >>>> protocol(s) want values added to the registry and these >>>> values are not for use by IKE. This is the case with the >>>> values in this document; they are not for use with IKEv1. >>>> The values in this document are for the Brainpool curves >>>> defined in [RFC5639] use with 802.11 SAE and the >>>> documents only purpose is to instruct IANA to allocate >>>> new code points. >>>> >>>> #4) Pick fewer curves. Not sure which ones but if we end up doing >>>> brainpool in TLS I'd like to see us pick the same ones. Not sure which >>>> ones those will be. I'm thinking like 3 - probably lining up with the >>>> 3 >>>> ECP groups. >>>> >>>> #5) Once we've settled on the format for the registry put it exactly as >>>> agreed in the IANA section. >>>> >>>> spt >>>> _______________________________________________ >>>> IPsec mailing list >>>> IPsec@ietf.org >>>> https://www.ietf.org/mailman/listinfo/ipsec >>>> >>> >>> _______________________________________________ >>> IPsec mailing list >>> IPsec@ietf.org >>> https://www.ietf.org/mailman/listinfo/ipsec >>> >> > >
- [IPsec] brainpool summary, suggested way ahead, a… Sean Turner
- Re: [IPsec] brainpool summary, suggested way ahea… Paul Hoffman
- Re: [IPsec] brainpool summary, suggested way ahea… Yaron Sheffer
- Re: [IPsec] brainpool summary, suggested way ahea… Dan Harkins
- Re: [IPsec] brainpool summary, suggested way ahea… Tero Kivinen
- [IPsec] brainpool summary, suggested way ahead, a… Tero Kivinen
- Re: [IPsec] brainpool summary, suggested way ahea… Dan Harkins
- Re: [IPsec] brainpool summary, suggested way ahea… Tero Kivinen
- Re: [IPsec] brainpool summary, suggested way ahea… Sean Turner
- Re: [IPsec] brainpool summary, suggested way ahea… Sean Turner
- Re: [IPsec] brainpool summary, suggested way ahea… Dan Harkins
- Re: [IPsec] brainpool summary, suggested way ahea… Dan Harkins
- Re: [IPsec] brainpool summary, suggested way ahea… Tero Kivinen
- Re: [IPsec] brainpool summary, suggested way ahea… Dan Harkins
- Re: [IPsec] brainpool summary, suggested way ahea… Sean Turner
- Re: [IPsec] brainpool summary, suggested way ahea… Dan Harkins
- Re: [IPsec] brainpool summary, suggested way ahea… Sean Turner
- Re: [IPsec] brainpool summary, suggested way ahea… Sean Turner
- Re: [IPsec] brainpool summary, suggested way ahea… Dan Harkins
- Re: [IPsec] brainpool summary, suggested way ahea… Dan Harkins
- Re: [IPsec] brainpool summary, suggested way ahea… Dan Harkins
- Re: [IPsec] brainpool summary, suggested way ahea… Sean Turner
- Re: [IPsec] brainpool summary, suggested way ahea… Tero Kivinen
- Re: [IPsec] brainpool summary, suggested way ahea… Sean Turner