Re: [saag] AD review of draft-iab-crypto-alg-agility-06

Derek Atkins <derek@ihtfp.com> Mon, 20 July 2015 03:10 UTC

From: Derek Atkins <derek@ihtfp.com>
To: Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>
Date: Sun, 19 Jul 2015 19:24:00 -0400
Archived-At: <http://mailarchive.ietf.org/arch/msg/saag/tZfs8kIHRIujwUIpzas8tw4y0kM>
Cc: "saag@ietf.org" <saag@ietf.org>

Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com> writes:

>> 2.9: I'm not really a fan of blessing weaker algs for OS, but I lost
>> that argument before. I wonder if we would get consensus if this
>> said that weak algs are better than no encryption but still MUST be
>> deprecated as soon as feasible?
>
> I don't think we've really debated this enough to get consensus.  I
> don't think weaker algs fit into our agreed definitions for OS.  I
> just recall your debate with Pete on another draft, but think a wider
> debate is needed to see what the consensus is.  I don't think weaker
> algorithms should fit into the definition.

What seems like a good algorithm today may become a weaker algorithm
tomorrow.  Similarly, a new, better algorithm may appear next week.  So
while I think we can all agree that no, we shouldn't use 1DES today, we
don't know if next week someone will find an attack against AES-128 or
ECC-P256.  What I'm saying is that qualifying "strong" and "weak" is,
unfortunately, a more subjective (vs objective) process.

> Best regards,
> Kathleen

-derek
-- 
       Derek Atkins                 617-623-3745
       derek@ihtfp.com             www.ihtfp.com
       Computer and Internet Security Consultant