Re: [rtcweb] Open Security issue: Crypto algorithms

Sean Turner <turners@ieca.com> Wed, 20 May 2015 12:56 UTC

Archived-At: <http://mailarchive.ietf.org/arch/msg/rtcweb/YudKj0sK5R6VVjFQKWldZ8ioZEM>

On May 07, 2015, at 09:46, Martin Thomson <martin.thomson@gmail.com> wrote:

> On 7 May 2015 at 02:38, Ted Hardie <ted.ietf@gmail.com> wrote:
>> I am not chair with the particularly good position to collect feedback, but
>> I happen to know he's flying today.  My understanding of the current theory
>> is that we ask TLS what cipher suites and version numbers to mandate; if we
>> had a strong reason to disagree, we would need to document why we went with
>> something other than what they suggested.
>> 
>> He-who-is-in-the-air may tell me I've got it wrong, of course.
> 
> Sounds good, perhaps we should ask he-who-will-eventually-land to pass
> on the question, unless we both are wrong.

On it - albeit a little late. It’s worth noting that the UTA BCP195 (RFC 7525) (Recommendations for Secure Use of Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS)) was recently published and recommends this set of algorithms:

   o  TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
   o  TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
   o  TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
   o  TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

I also admit that I prefer ECDSA, primarily for smaller certs for comparable security, but acknowledge Martin’s point about the cert management APIs.

spt
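
Added example, not part of the message above and not code from RFC 7525: an audit of a configured cipher-suite list against the four suites listed in the message. The two property checks (ephemeral key exchange, AEAD cipher) reflect the RFC 7525 selection rationale; the sample offer is constructed and the function and field names are illustrative.

```python
# The four suites the message lists as recommended by RFC 7525 (BCP 195).
RECOMMENDED = frozenset({
    "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256",
    "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
    "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384",
    "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
})

def parse_suite(name):
    """Split an IANA TLS_<kx>[_<auth>]_WITH_<cipher> name (pre-TLS 1.3 form)."""
    head, sep, cipher = name.partition("_WITH_")
    parts = head.split("_")
    if not sep or parts[0] != "TLS" or len(parts) < 2:
        raise ValueError(f"not a TLS_*_WITH_* suite name: {name!r}")
    kx = parts[1]
    auth = parts[2] if len(parts) > 2 else kx  # TLS_RSA_WITH_*: RSA does both jobs
    tokens = cipher.split("_")
    return {"kx": kx, "auth": auth,
            "ephemeral": kx in ("DHE", "ECDHE"),
            "aead": any(t in ("GCM", "CCM", "POLY1305") for t in tokens)}

def audit(offered):
    """Sort an offered suite list into recommended / same-properties / flagged."""
    report = {"recommended": [], "other_fs_aead": [], "flagged": {}, "missing": []}
    for name in offered:
        if name in RECOMMENDED:
            report["recommended"].append(name)
            continue
        p = parse_suite(name)
        reasons = []
        if not p["ephemeral"]:
            reasons.append(f"no forward secrecy (key exchange {p['kx']})")
        if not p["aead"]:
            reasons.append("not an AEAD cipher")
        if reasons:
            report["flagged"][name] = reasons
        else:
            # e.g. ECDSA-authenticated variants: same properties, not in the list
            report["other_fs_aead"].append(name)
    report["missing"] = sorted(RECOMMENDED - set(offered))
    return report

# Constructed sample offer, for illustration only.
SAMPLE_OFFER = [
    "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
    "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
    "TLS_RSA_WITH_AES_128_GCM_SHA256",
    "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
    "TLS_RSA_WITH_AES_128_CBC_SHA",
]
```

The ECDSA-authenticated suite lands in `other_fs_aead` rather than `flagged`: it has the same key-exchange and cipher properties as the listed suites and differs only in certificate type.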