Re: [saag] AD review of draft-iab-crypto-alg-agility-06

Stephen Farrell <stephen.farrell@cs.tcd.ie> Wed, 26 August 2015 09:54 UTC

Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8A2131B2A04 for <saag@ietfa.amsl.com>; Wed, 26 Aug 2015 02:54:48 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.311
X-Spam-Level:
X-Spam-Status: No, score=-4.311 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DKCLXIHwzAM7 for <saag@ietfa.amsl.com>; Wed, 26 Aug 2015 02:54:47 -0700 (PDT)
Received: from mercury.scss.tcd.ie (mercury.scss.tcd.ie [134.226.56.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 93B361B29F9 for <saag@ietf.org>; Wed, 26 Aug 2015 02:54:47 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mercury.scss.tcd.ie (Postfix) with ESMTP id 6BD45BDF9; Wed, 26 Aug 2015 10:54:46 +0100 (IST)
Received: from mercury.scss.tcd.ie ([127.0.0.1]) by localhost (mercury.scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id viGWPXxr0O_M; Wed, 26 Aug 2015 10:54:46 +0100 (IST)
Received: from [134.226.36.180] (stephen-think.dsg.cs.tcd.ie [134.226.36.180]) by mercury.scss.tcd.ie (Postfix) with ESMTPSA id 3CA8FBDCA; Wed, 26 Aug 2015 10:54:46 +0100 (IST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cs.tcd.ie; s=mail; t=1440582886; bh=zbuefdUZeS/9jY2UOkM/I8OUqVVl9Du69VGC4+CgSyk=; h=Date:From:To:CC:Subject:References:In-Reply-To:From; b=0plTGq5HdbaH0w+FBbkAGM72oyKNk+wP45XrRdgRdFAzSbaSToCGAB4GJJ7jSQHTD umyK4A1AUjNd2/Lhbh5EJY+YVSQMNJ5+rLQgzvGHHoHQn5BRYGdqLw5TUJ+wzsS/o6 6ODWrJ6sHtJEvEI/582QtyFO/bHkkpguAvBcW6Pw=
Message-ID: <55DD8CE6.9030508@cs.tcd.ie>
Date: Wed, 26 Aug 2015 10:54:46 +0100
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.8.0
MIME-Version: 1.0
To: "Paterson, Kenny" <Kenny.Paterson@rhul.ac.uk>, Yoav Nir <ynir.ietf@gmail.com>
References: <20150728013020.GO4347@mournblade.imrryr.org> <DM2PR0301MB0655CF099FA7C56E9B9D24A9A88D0@DM2PR0301MB0655.namprd03.prod.outlook.com> <20150728053035.GR4347@mournblade.imrryr.org> <CAHbuEH7B3_G9vAhw=U2tuz-Uh8mKMUfL6s=H+BOG96FDZaACig@mail.gmail.com> <20150824212907.GN9021@mournblade.imrryr.org> <619ffebb05ba4e2a9af03a6dcc768d6e@ustx2ex-dag1mb2.msg.corp.akamai.com> <20150824215037.GO9021@mournblade.imrryr.org> <9A043F3CF02CD34C8E74AC1594475C73F4AE62A1@uxcn10-5.UoA.auckland.ac.nz> <20150825134333.GX9021@mournblade.imrryr.org> <6b5167f3d0684a8a91caa6d37dec65e3@ustx2ex-dag1mb2.msg.corp.akamai.com> <20150825160627.GH9021@mournblade.imrryr.org> <55DC961A.903@cs.tcd.ie> <A25C2C97-2C03-459C-8167-475B85731D97@gmail.com> <55DCE960.4090801@cs.tcd.ie> <D202AB8E.5312F%kenny.paterson@rhul.ac.uk>
In-Reply-To: <D202AB8E.5312F%kenny.paterson@rhul.ac.uk>
OpenPGP: id=D66EA7906F0B897FB2E97D582F3C8736805F8DA2; url=
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
Archived-At: <http://mailarchive.ietf.org/arch/msg/saag/ymF6tEBRcjSWYO2I96Tw42s3kYw>
Cc: Security Area Advisory Group <saag@ietf.org>
Subject: Re: [saag] AD review of draft-iab-crypto-alg-agility-06
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/saag/>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 26 Aug 2015 09:54:48 -0000


On 25/08/15 23:53, Paterson, Kenny wrote:
> And it feels to me that, for RC4, the currently known public techniques
> are starting to run out of steam. 

Thanks. I wasn't aware of that.

The only thing I'd add to your mail is that when you say that we don't
know how attacks will evolve, that's not quite true. We do know that
the attacks always get better, but we don't know by how much or when.

S.