IETF Logo Mail Archive

Re: [saag] sntrup761x25519-sha512

Tero Kivinen <kivinen@iki.fi> Wed, 24 May 2023 21:17 UTC

Return-Path: <kivinen@iki.fi>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 63014C1519BE for <saag@ietfa.amsl.com>; Wed, 24 May 2023 14:17:08 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.097
X-Spam-Level:
X-Spam-Status: No, score=-7.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, NICE_REPLY_A=-0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=iki.fi
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 96l1uRrqPF2J for <saag@ietfa.amsl.com>; Wed, 24 May 2023 14:17:04 -0700 (PDT)
Received: from meesny.iki.fi (meesny.iki.fi [IPv6:2001:67c:2b0:1c1::201]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 60A1AC151B12 for <saag@ietf.org>; Wed, 24 May 2023 14:16:57 -0700 (PDT)
Received: from fireball.acr.fi (fireball.acr.fi [83.145.195.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) (Authenticated sender: kivinen@iki.fi) by meesny.iki.fi (Postfix) with ESMTPSA id 4QRPBr22BlzyPY; Thu, 25 May 2023 00:16:51 +0300 (EEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=iki.fi; s=meesny; t=1684963012; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=jfLw+ZRqSqhtImXApxTX3l2rJFUC/bDbdq/mSYLutiM=; b=eTxtSVfdbFmdMupfcLRQzKU6Zd6jQjLs2ZKzV7+S8TCK5R6AWViAUAfUQs3z9kidyTvB0/ 5HHWvsDsz5GsGvwWVvXN6tY0Qo2V3v+AHFtUKrzNG/5DpZhHJvsdwmuU4nurTaM7IfKUW4 2y7IM2ix96dnLGGHka86GHWPyrQkKDE=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=iki.fi; s=meesny; t=1684963012; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=jfLw+ZRqSqhtImXApxTX3l2rJFUC/bDbdq/mSYLutiM=; b=KVL+QqhINkK/D8uBIqh8qOTSrGxLHZ0+26f3fnkgkjdF5sgiCFSLFI7ajR43qBjbyINN16 AlWVjUitaWNlxrDCylV+KnlpiGeO/ouMCHOZWhcm1Ln124LLVx2dY05r/BdEHk16mEFnhQ +JfeyQX7JRqplMMgQoEqKjx3P7BJ+rg=
ARC-Authentication-Results: i=1; ORIGINATING; auth=pass smtp.auth=kivinen@iki.fi smtp.mailfrom=kivinen@iki.fi
ARC-Seal: i=1; s=meesny; d=iki.fi; t=1684963012; a=rsa-sha256; cv=none; b=ctbDNrKA7O0rcWzENkPoj+i7OWnBuxU+wQuUiVy1+MSx38sTzCA/hONpyG9xOUbIRlrTqg ZtsR/64WMdQaw1MzwFdn9JXzSq51IjeP/SSTCs+fZZO8aHpmH/ZzOkvt8zmrC4jbNDBSmf 0yE7oEwgnFxUHsQixk5vHjP9B+EP5XY=
Received: by fireball.acr.fi (Postfix, from userid 15204) id 35AEB25C1304; Thu, 25 May 2023 00:16:51 +0300 (EEST)
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Message-ID: <25710.32450.966653.66336@fireball.acr.fi>
Date: Thu, 25 May 2023 00:16:50 +0300
From: Tero Kivinen <kivinen@iki.fi>
To: Eric Rescorla <ekr@rtfm.com>
Cc: Simon Josefsson <simon=40josefsson.org@dmarc.ietf.org>, saag@ietf.org
In-Reply-To: <CABcZeBMobKFKjtFn3xt7DDD1rx0ZtvW2m5sq6Gz1q29ETp04rQ@mail.gmail.com>
References: <875y8y4ip2.fsf@kaka.sjd.se> <84296E62-5843-4E7A-BD43-430491A5A1F3@akamai.com> <874jo8ytgw.fsf@kaka.sjd.se> <f6aa133635084609b0032ab1cfbfb7ce@amazon.com> <87sfbny046.fsf@kaka.sjd.se> <CABcZeBME4CRjd+4kqFCzYOmaOEafUiabsBoUQ0Eqm8A7OD-46A@mail.gmail.com> <87fs7nxj9f.fsf@kaka.sjd.se> <b82f1264-3935-4ca0-918a-fdb7f819c2bf@app.fastmail.com> <877csyznd1.fsf@kaka.sjd.se> <CABcZeBMobKFKjtFn3xt7DDD1rx0ZtvW2m5sq6Gz1q29ETp04rQ@mail.gmail.com>
X-Mailer: VM 8.2.0b under 26.3 (x86_64--netbsd)
X-Edit-Time: 12 min
X-Total-Time: 11 min
Archived-At: <https://mailarchive.ietf.org/arch/msg/saag/CcpQSyqpryzdIxVdHU70jPdqemw>
Subject: Re: [saag] sntrup761x25519-sha512
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/saag/>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 24 May 2023 21:17:08 -0000

Eric Rescorla writes:
> Without taking a position on this draft, I think it would be good if
> we loosened the policy for the SSH-KEX registry, as we have for TLS
> and some other protocols.

Note, that SSH actually has much looser registry policy than any of
the other protocols like TLS.

All names having @example.com are free for that organization to
allocate as they like. I.e. openssh has allocated several protocol
names from @openssh.com domain.

The reason names without @ require more checking is because those
are supposed to have some meaning, i.e., they are something that have
gone through the IETF consensus process, and because of that there
might be more people actually willing to use them.

There are several implementations who already implement openssh.com
specific names for different algorithms.

The idea is that if we go through the IETF consensus process then the
name to refer the algorithm will be different, i.e., it will not be
@open.ssh.com anymore, it will be name without @-sign, thus it will be
completely different entry point, and if the IETF did some changes to
the protocol then those implementations who want to support both IANA
allocated name and @openssh.com allocated name, needs to implement
both. If IETF does not make any changes, then implementations can
simply add alias to their existing @openssh.com name so it will point
to IANA allocated name.

Because of this I do not think it is good idea to relax the allocation
policies for the ssh registries even more. They already allow anybody
to allocate names very easily, and I think it is good idea to have bit
of difference between private names and IANA allocated names, i.e.,
bit more review done by IETF for IANA allocated names.

What I think would be possible to add a list of "known algorithms for
specific domains", i.e., list of known foo@example.com names and
pointer pointing them to the whatever stable reference those domains
are having for their own extensions with clear understanding that
IETF does has not checked those algorithms in any way, and does not
know whether they are secure or not. If the IANA page would have
something like this in the end that would be useful (separate from
normal IANA registries).

Having those documents going through AD sponsored role should not be
that big issue.
-- 
kivinen@iki.fi

v2.23.0 | Report a Bug | By Email