Re: [secdir] SECDIR review of draft-ietf-t cpinc-tcpcrypt-07
Stephen Kent <stkent@verizon.net> Tue, 24 October 2017 21:02 UTC
Return-Path: <stkent@verizon.net>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CC45A13F841 for <secdir@ietfa.amsl.com>; Tue, 24 Oct 2017 14:02:38 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.901
X-Spam-Level:
X-Spam-Status: No, score=-4.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H2=-2.8, RCVD_IN_SORBS_SPAM=0.5, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id AL4KIfrAB56r for <secdir@ietfa.amsl.com>; Tue, 24 Oct 2017 14:02:32 -0700 (PDT)
Received: from omr-a017e.mx.aol.com (omr-a017e.mx.aol.com [204.29.186.68]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EEB8513F846 for <secdir@ietf.org>; Tue, 24 Oct 2017 14:02:31 -0700 (PDT)
Received: from mtaout-mae02.mx.aol.com (mtaout-mae02.mx.aol.com [172.26.254.142]) by omr-a017e.mx.aol.com (Outbound Mail Relay) with ESMTP id B311B3800091; Tue, 24 Oct 2017 17:02:30 -0400 (EDT)
Received: from iMac.local (pool-173-48-69-73.bstnma.fios.verizon.net [173.48.69.73]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mtaout-mae02.mx.aol.com (MUA/Third Party Client Interface) with ESMTPSA id 285913800008F; Tue, 24 Oct 2017 17:02:29 -0400 (EDT)
To: Daniel B Giffin <dbg@scs.stanford.edu>
Cc: secdir@ietf.org, david.black@dell.com, krose@krose.org, ietf@kuehlewind.net, M.Handley@cs.ucl.ac.uk, dm@uun.org, eric.smith@kestrel.edu, sqs@sourcegraph.com
References: <a81a01d1-f5b8-ea3b-ebc2-2536aa08fb5f@verizon.net> <20171021013702.GB85636@scs.stanford.edu> <88e80c7a-0534-5ff0-deeb-c0bc5f3c9a09@verizon.net> <20171024070759.GA61933@scs.stanford.edu>
From: Stephen Kent <stkent@verizon.net>
Message-ID: <78cf97c4-daca-0ade-bf38-613622390c6c@verizon.net>
Date: Tue, 24 Oct 2017 17:02:36 -0400
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:52.0) Gecko/20100101 Thunderbird/52.4.0
MIME-Version: 1.0
In-Reply-To: <20171024070759.GA61933@scs.stanford.edu>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Transfer-Encoding: 8bit
Content-Language: en-US
x-aol-global-disposition: G
x-aol-sid: 3039ac1afe8e59efaa656e45
X-AOL-IP: 173.48.69.73
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/roNQJA3uRPTOFB58Df8aw1UeYfI>
Subject: Re: [secdir] SECDIR review of draft-ietf-t cpinc-tcpcrypt-07
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 24 Oct 2017 21:02:39 -0000
Daniel, > If you could let us know what protocols you mean, that would > be a helpful point of comparison. It looks like the main > TLS 1.3 document specifies only five symmetric algorithms, > but of course other documents could supplement this > arbitrarily; I guess I should look at OpenSSL or something > to see how many are actually supported. My comments are based on my experiences with IPsec (ESP and AH). If you look at RFCs 4305, 4835, and 7321, you see a set of algs that have been recommended, and ones that have been deprecated over many years. There are a fair number of them when one looks at the need to specify both an encryption alg and an integrity alg. We started with DEC-CBC and MD5, moved on to triple DES-CBC and several SHA-based MACs, then AES-CBC (in 3 key lengths) with SHA MACs, plus AES-GMAC (3 key lenghts) and AES-GCM (3 key lengths). Don't forget outliers like SKIPKACK, RC4, RC5, Blowfiosh, Twofish, Threefish, CAST, and IDEA. One might add Salsa20, ChaCha, Poly1305-AES to the list of more recent options, if anyone wanted to register them. Note that even when we deprecate an alg it may live on for a long time in implementations. > Concerning "nation-specific algorithms", do you mean that > the number of needed symmetric-encryption algorithms could > be on the same order as the number of countries in the > world? not likely, but potentially, and I would not like to have IANA rejecting a national alg because of limited ID space. In the IPsec arena, we had SEED (South Korea), GOST symmetric crypto and MAC algs (Russia), and Camilla (Japan) all defined for use ion the IPsec environment. Nothing makes for a good international incident like having the IETF reject some country's request for an alg ID. > If there's a need to mention how the code-space for > symmetric ciphers could be expanded, maybe we should > seriously consider allocating 16 bits to this; I just don't > have a good handle on the order of magnitude that is > plausibly needed. I'd prefer 16 bits, just to be safe, based on the IPsec experiences and a strong desire to NEVER reuse IDs. Steve
- [secdir] SECDIR review of draft-ietf-t cpinc-tcpc… Stephen Kent
- Re: [secdir] SECDIR review of draft-ietf-t cpinc-… Daniel B Giffin
- Re: [secdir] SECDIR review of draft-ietf-t cpinc-… Stephen Kent
- Re: [secdir] SECDIR review of draft-ietf-t cpinc-… Daniel B Giffin
- Re: [secdir] SECDIR review of draft-ietf-t cpinc-… Black, David
- Re: [secdir] SECDIR review of draft-ietf-t cpinc-… Stephen Kent