Re: [netconf] Supported algorithms lists

"Salz, Rich" <rsalz@akamai.com> Thu, 13 February 2020 18:48 UTC

From: "Salz, Rich" <rsalz@akamai.com>
To: Kent Watsen <kent+ietf@watsen.net>, "netconf@ietf.org" <netconf@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/netconf/Oj3YMA67oneRv_h3czebM8JFHks>

> it suggests a 3rd idea, which is to have an RPC that takes an XPath (to a key) and returns the list of supported algorithms for that key.
   
I could be confused, but I don't know if this is a good idea.  Suppose I have an RSA keypair; would I expect to get back every TLS 1.2 ciphersuite name that has RSA in it?  There are around 30.  And for TLS 1.3, where the identity is broken out separately from the bulk encryption -- the so-called "a la carte" approach -- it becomes rather difficult.
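
The difficulty raised in the message above, as an added example that is not part of the original e-mail: deriving "algorithms for a key" from cipher suite names. `SAMPLE_SUITES` is a small constructed sample of IANA suite names, the function names are hypothetical, and the key-exchange table follows RFC 5246 section 7.4.2 and RFC 4492. TLS 1.3 names carry no key type at all, because the certificate key's algorithm is negotiated separately through `signature_algorithms`.

```python
# Constructed sample of IANA cipher suite names (not a full registry dump).
SAMPLE_SUITES = [
    "TLS_RSA_WITH_AES_128_GCM_SHA256",
    "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384",
    "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
    "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256",
    "TLS_RSA_PSK_WITH_AES_128_GCM_SHA256",
    "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256",
    "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
    "TLS_AES_128_GCM_SHA256",        # TLS 1.3
    "TLS_AES_256_GCM_SHA384",        # TLS 1.3
    "TLS_CHACHA20_POLY1305_SHA256",  # TLS 1.3
]

# Key-exchange prefix -> type of key held in the server certificate.
# In DH_RSA / ECDH_RSA the "RSA" names the CA's signature on the certificate;
# the server's own key is a static (EC)DH key, not an RSA key.
SERVER_KEY_FOR_KX = {
    "RSA": "rsa", "RSA_PSK": "rsa", "DHE_RSA": "rsa", "ECDHE_RSA": "rsa",
    "DHE_DSS": "dsa", "ECDHE_ECDSA": "ecdsa",
    "DH_RSA": "dh", "DH_DSS": "dh", "ECDH_RSA": "ecdh", "ECDH_ECDSA": "ecdh",
}

def server_key_type(suite):
    """Key type implied by a suite name, or None when the name implies none."""
    body = suite[len("TLS_"):] if suite.startswith("TLS_") else suite
    if "_WITH_" not in body:
        return None  # TLS 1.3 style name: AEAD and hash only
    kx = body.split("_WITH_", 1)[0]
    return SERVER_KEY_FOR_KX.get(kx, "other")  # e.g. PSK or anonymous suites

def suites_for_key(key_type, suites):
    """Return (suites usable with key_type, suites whose name cannot say)."""
    usable, undetermined = [], []
    for s in suites:
        kt = server_key_type(s)
        if kt is None:
            undetermined.append(s)
        elif kt == key_type:
            usable.append(s)
    return usable, undetermined

def naive_match(token, suites):
    """Name-based lookup: every suite whose name contains the token."""
    return [s for s in suites if token in s.split("_")]

if __name__ == "__main__":
    usable, undetermined = suites_for_key("rsa", SAMPLE_SUITES)
    print(len(naive_match("RSA", SAMPLE_SUITES)), len(usable), len(undetermined))
```
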