IETF Logo Mail Archive

Re: [rtcweb] DTLS version

Justin Uberti <juberti@google.com> Sun, 20 July 2014 03:50 UTC

Return-Path: <juberti@google.com>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 50D991B2B5A for <rtcweb@ietfa.amsl.com>; Sat, 19 Jul 2014 20:50:50 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.379
X-Spam-Level:
X-Spam-Status: No, score=-1.379 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3VYXr8yUIVd8 for <rtcweb@ietfa.amsl.com>; Sat, 19 Jul 2014 20:50:48 -0700 (PDT)
Received: from mail-vc0-x22d.google.com (mail-vc0-x22d.google.com [IPv6:2607:f8b0:400c:c03::22d]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 68FBA1B2B53 for <rtcweb@ietf.org>; Sat, 19 Jul 2014 20:50:45 -0700 (PDT)
Received: by mail-vc0-f173.google.com with SMTP id hy10so10085321vcb.18 for <rtcweb@ietf.org>; Sat, 19 Jul 2014 20:50:44 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-type; bh=3d6nAy3+AnRDnMqyjF17EozMhgbcN0qYxCAQTA99woQ=; b=TRNVXq3m41bDz2FUWUmcG0gKP7Yl352xRCaZcRY5HZhjr64F9QEoi7kp4G9bRwgT0e 8TDzzyErvyJvvlhhtq3y8MPddcAbKrIWNU++XmXwBQaqIcwCGBWjiSscBIsvwaiVWNRt d3xLOJHGFIMqBGBEM+z4aAeP7SUEEZe3U8EQ4keEqN3SDNrPzvQk1lLAsgcrc83uR1Qm 8kzCfqKjpNMKRozWVJOnOoDV3oYADRMqNbJfKuFxrLKE/JdAlY5bTOaNgXPmo6acIBfx eUurwPcmisUIV3hH3muyBV9/k2uUSqUAFmADim62xc/km2269CiYV9uUvySOHukE5gXa dEBg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc:content-type; bh=3d6nAy3+AnRDnMqyjF17EozMhgbcN0qYxCAQTA99woQ=; b=L8okZqpQtDHpK1/Lx+qz2VMsG2ntzSSCLj4bHNMNYxIXdtQMAV/Fq7isaV8rlMewIh M2TGPj4+EqC29oPZK32KuJfSxBVuf1QasYSIN7qf0CbT6aj8nPa3lnGKJKFIN5OcvFL2 NyyICPhF+aQrG7sYTX6s+97s1IrnFfd15uibwucU0ah1q0a6dDnL5GnLHrQGk+7h48QD HqyZe8mbpe+uPyPh980tovHvURAFzdxz/KsaHotJx4gyGzVRvUCLKokOTtpclNz3ERFE nhBVH+sGn69PF4QyWmDMHV0QDES6gPiAEfZJ6BE5NPMtrwJKu5O1x8OpB0MFM2O2Ib4v HbVw==
X-Gm-Message-State: ALoCoQkQA/xyZkEqkx+LV0BmDfZKdgu4KX2Aw0QCO0GXl10QggbyYMxd3HlSTQQOJPC9HC1eaP97
X-Received: by 10.220.163.3 with SMTP id y3mr18367309vcx.7.1405828244170; Sat, 19 Jul 2014 20:50:44 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.52.66.242 with HTTP; Sat, 19 Jul 2014 20:50:24 -0700 (PDT)
In-Reply-To: <f46d1e4a7dc64267926d6e3e05e7196c@BLUPR03MB405.namprd03.prod.outlook.com>
References: <A963F527-57EB-4617-9583-6C0D63DDE4BD@lurchi.franken.de> <CAOW+2dvgg3zMU0C_EjozRnEEs9BmSy2k0u2PKExb3AeCF6in=Q@mail.gmail.com> <C52F606C-C7E3-4AF8-B249-07C16A474F52@lurchi.franken.de> <CABkgnnXszLWwXgfg=TOHuxrnnQMy3QBaFKS2SC+eOHiC90cFoQ@mail.gmail.com> <DBE402B8-82FF-41A8-A971-9BB71D9A4830@lurchi.franken.de> <6355614E-44DA-4729-97C2-E903548EBA8B@gmail.com> <949EF20990823C4C85C18D59AA11AD8B1FC18D@FR712WXCHMBA11.zeu.alcatel-lucent.com> <CABkgnnWBeeSDoeHDkbjGEwvpcJ+Ld6q1Fs_Fwckp3oW_Hzmcew@mail.gmail.com> <53B660BC.4090907@alvestrand.no> <949EF20990823C4C85C18D59AA11AD8B1FD11D@FR712WXCHMBA11.zeu.alcatel-lucent.com> <CABcZeBMTJpmriEnNNYwtah8ABjUvZMuuO2xHJ33Jc6_A1XsrMg@mail.gmail.com> <9D7AEC5F-2955-4044-B8DE-A80006994AEB@lurchi.franken.de> <CABcZeBOyXZ28NBHpWSHXNL=g+6d=XL_2UCm7EssKptyfEy=pvw@mail.gmail.com> <C219E7F1-4F2C-448F-969C-F4CDD3B019C3@lurchi.franken.de> <f46d1e4a7dc64267926d6e3e05e7196c@BLUPR03MB405.namprd03.prod.outlook.com>
From: Justin Uberti <juberti@google.com>
Date: Sat, 19 Jul 2014 23:50:24 -0400
Message-ID: <CAOJ7v-3nHo0AJ33b+1YnP-CySvOKiM1k72y_dxYMO41qsLMU3w@mail.gmail.com>
To: Shijun Sun <shijuns@microsoft.com>
Content-Type: multipart/alternative; boundary="001a1133da661c141004fe97e5eb"
Archived-At: http://mailarchive.ietf.org/arch/msg/rtcweb/wq5rgSgoTi4DsGK0jKpeTruIYAk
Cc: "rtcweb@ietf.org" <rtcweb@ietf.org>
Subject: Re: [rtcweb] DTLS version
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/rtcweb/>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 20 Jul 2014 03:50:50 -0000

I was thinking the baseline cipher suite would be
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (note RSA instead of ECDSA), as the best
choice that maintains 1.0 compatibility.

I think we could also have a SHOULD for
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 as the preferred TLS 1.2 ciphersuite.


On Mon, Jul 7, 2014 at 5:29 PM, Shijun Sun <shijuns@microsoft.com> wrote:

> There seems a preference on supporting DTLS 1.0 due to the widespread
> adoption.  There is also a desire of supporting ECDHE when ECC is on a
> Standards Track.  Hope we could reach a consensus in Toronto.
>
> To keep the discussions going, here is a proposal with a specific cipher
> suite based on DTLS 1.0.
>
>     All implementations MUST implement the cipher suite
> TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
>     based on DTLS 1.0 with P256 as the curve to be used with ECDHE and
> ECDSA.  The Implementations
>     MAY advertise additional cipher suites based on DTLS 1.0 and/or DTLS
> 1.2 definitions, for example,
>     TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA with P256.
>
> We could keep DTLS 1.2 as an optional implementation decision for now and
> make that (and some corresponding new cipher suites) as required in the
> future.
>
> Thoughts?
>
> Best, Shijun
>
> -----Original Message-----
> From: rtcweb [mailto:rtcweb-bounces@ietf.org] On Behalf Of Michael Tuexen
> Sent: Friday, July 4, 2014 2:28 PM
> To: Eric Rescorla
> Cc: rtcweb@ietf.org
> Subject: Re: [rtcweb] DTLS version
>
> On 04 Jul 2014, at 23:19, Eric Rescorla <ekr@rtfm.com> wrote:
>
> >
> >
> >
> > On Fri, Jul 4, 2014 at 2:11 PM, Michael Tuexen <
> Michael.Tuexen@lurchi.franken.de> wrote:
> > On 04 Jul 2014, at 21:48, Eric Rescorla <ekr@rtfm.com> wrote:
> >
> > > I made this change in the current draft at:
> > >
> > > https://github.com/rtcweb-wg/security-arch/commit/c2af2bf7fd032abd36
> > > 7dff8d4d16f7ec435fa663
> > If implementations MUST implement both DTLS 1.0 and 1.2, when will
> > they use 1.0? Wouldn't they always use DTLS 1.2?
> >
> > There are non-RTCWEB implementations of these protocols.
> OK. Any suggested test for the SCTP over DTLS spec? It currently says MUST
> be based on DTLS 1.0 (as you suggested).
>
> Best regards
> Michael
> >
> > -Ekr
> >
> > Best regards
> > Michael
> > >
> > > Note that the TLS WG is currently discussing whether to bring ECC onto
> Standards Track.
> > > If they do, we probably want ot require support of ECDHE. We should
> discuss in YYZ.
> > >
> > >
> > >
> > > On Fri, Jul 4, 2014 at 3:23 AM, DRAGE, Keith (Keith) <
> keith.drage@alcatel-lucent.com> wrote:
> > > This is the direction I am tending in as well.
> > >
> > > Although what or if the second statement needs from RFC 2119 language
> would need to be debated.
> > >
> > > Obviously, new versions are not being put out there just to make it
> look like the WG is performing. In any referencing (not just this issue), I
> would need a good technical reason why the latest version cannot be made
> the normative reference. I am not seeing that at the moment.
> > >
> > > There is always be non-conforming equipment on the market (as an
> example look at the number of SIP implementations that still use UDP for
> large messages, or that can at least be configured that way). Just because
> we mandate 1.2 does not mean that everyone will conform from day 1, but at
> least a marker is established for what should be addressed if
> interoperability issues are identified.
> > >
> > > Keith
> > >
> > > > -----Original Message-----
> > > > From: rtcweb [mailto:rtcweb-bounces@ietf.org] On Behalf Of Harald
> > > > Alvestrand
> > > > Sent: 04 July 2014 09:07
> > > > To: rtcweb@ietf.org
> > > > Subject: Re: [rtcweb] DTLS version
> > > >
> > > > On 07/03/2014 07:58 PM, Martin Thomson wrote:
> > > > > On 3 July 2014 01:39, DRAGE, Keith (Keith)
> > > > > <keith.drage@alcatel-lucent.com> wrote:
> > > > >> Can someone elaborate what this massive apparent step
> > > > change is from 1.0 to 1.2?
> > > > > Actually, it's not a massive step.  TLS 1.2 (DTLS 1.2
> > > > depends on this,
> > > > > DTLS 1.0 depends on TLS 1.1) adds AEAD modes, but doesn't
> > > > > require their use, so you can pretty much just bump the version
> > > > > number and advertise 1.2.  That's exactly what we did with NSS,
> > > > > though NSS already supports TLS 1.2.
> > > > >
> > > > > That said, I agree with Jim about 1.0.  There's enough 1.0
> > > > out there
> > > > > now to make mandating 1.2 - as much as I might prefer that
> > > > - a little
> > > > > too aggressive.
> > > > >
> > > > >> Will those implementations that choose to stay with 1.0
> > > > still interwork with 1.2?
> > > > > That depends.  We could say "MUST NOT negotiate 1.0", which
> > > > > would prevent that.  I don't think that we're there.
> > > >
> > > > Sounds to me like MUST implement 1.2 (in order to move forward),
> > > > MUST accept 1.0 (in order to not lose the long tail).
> > > >
> > > > >
> > > > > _______________________________________________
> > > > > rtcweb mailing list
> > > > > rtcweb@ietf.org
> > > > > https://www.ietf.org/mailman/listinfo/rtcweb
> > > >
> > > > _______________________________________________
> > > > rtcweb mailing list
> > > > rtcweb@ietf.org
> > > > https://www.ietf.org/mailman/listinfo/rtcweb
> > > >
> > > _______________________________________________
> > > rtcweb mailing list
> > > rtcweb@ietf.org
> > > https://www.ietf.org/mailman/listinfo/rtcweb
> > >
> > > _______________________________________________
> > > rtcweb mailing list
> > > rtcweb@ietf.org
> > > https://www.ietf.org/mailman/listinfo/rtcweb
> >
> >
>
> _______________________________________________
> rtcweb mailing list
> rtcweb@ietf.org
> https://www.ietf.org/mailman/listinfo/rtcweb
>
> _______________________________________________
> rtcweb mailing list
> rtcweb@ietf.org
> https://www.ietf.org/mailman/listinfo/rtcweb
>

v2.23.0 | Report a Bug | By Email