Re: [Spasm] New Version Notification for draft-wconner-blake2sigs-00.txt

Russ Housley <housley@vigilsec.com> Sun, 30 April 2017 19:16 UTC

From: Russ Housley <housley@vigilsec.com>
Date: Sun, 30 Apr 2017 15:13:54 -0400
Cc: William Conner <wconner@google.com>, SPASM <spasm@ietf.org>
To: Jim Schaad <ietf@augustcellars.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/9hBBZc9uqihEDPpYlpimYAV40lI>

Jim:

> Please don’t do PKCS v1.5 signatures.  We need to make these go away. 

I’d like to see the community move to better structures too, but I do not see that happening quickly.  TLS 1.3 discussed using RSA-PSS for signatures on the finished message, but it was felt that too many hardware security modules could not do that for quite some time.  The WG did not want RSA-PSS to be the thing that prevented wide deployment of TLS 1.3, so it continues to support PKCS#1 v1.5 signatures as well.

Russ