Re: [Spasm] New Version Notification for draft-wconner-blake2sigs-00.txt

Jim Schaad <ietf@augustcellars.com> Sun, 30 April 2017 20:11 UTC

From: Jim Schaad <ietf@augustcellars.com>
To: 'Russ Housley' <housley@vigilsec.com>
CC: 'William Conner' <wconner@google.com>, 'SPASM' <spasm@ietf.org>
Date: Sun, 30 Apr 2017 22:08:20 +0200
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/7fpSUQi2QykWkY2Sp8-KF0ogYq4>

I think that that is a regrettable but understandable opinion for an existing signature algorithm.  I find it less convincing for a new signature algorithm.

Jim

From: Russ Housley [mailto:housley@vigilsec.com]
Sent: Sunday, April 30, 2017 9:14 PM
To: Jim Schaad <ietf@augustcellars.com>
Cc: William Conner <wconner@google.com>; SPASM <spasm@ietf.org>
Subject: Re: [Spasm] New Version Notification for draft-wconner-blake2sigs-00.txt

Jim:

> Please don’t do PKCS v1.5 signatures.  We need to make these go away.

I’d like to see the community move to better structures too, but I do not see that happening quickly.  TLS 1.3 discussed using RSA-PSS for signatures on the finished message, but it was felt that too many hardware security modules could not do that for quite some time.  The WG did not want RSA-PSS to be the thing that prevented wide deployment of TLS 1.3, so it continues to support PKCS#1 v1.5 signatures as well.

Russ