IETF Logo Mail Archive

Re: [Spasm] Suggestions for draft-schaad-rfc5751-bis-00.txt

Russ Housley <housley@vigilsec.com> Fri, 29 April 2016 21:25 UTC

Return-Path: <housley@vigilsec.com>
X-Original-To: spasm@ietfa.amsl.com
Delivered-To: spasm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0F63312D572 for <spasm@ietfa.amsl.com>; Fri, 29 Apr 2016 14:25:13 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -101.9
X-Spam-Level:
X-Spam-Status: No, score=-101.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, USER_IN_WHITELIST=-100] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id u1kPPpFfLk2V for <spasm@ietfa.amsl.com>; Fri, 29 Apr 2016 14:25:11 -0700 (PDT)
Received: from mail.smetech.net (x-bolt-wan.smeinc.net [209.135.219.146]) by ietfa.amsl.com (Postfix) with ESMTP id 526C212D0DA for <spasm@ietf.org>; Fri, 29 Apr 2016 14:25:11 -0700 (PDT)
Received: from localhost (ronin.smetech.net [209.135.209.5]) by mail.smetech.net (Postfix) with ESMTP id 954CEF2404B; Fri, 29 Apr 2016 17:25:10 -0400 (EDT)
X-Virus-Scanned: amavisd-new at smetech.net
Received: from mail.smetech.net ([209.135.209.4]) by localhost (ronin.smeinc.net [209.135.209.5]) (amavisd-new, port 10024) with ESMTP id rZyyNpF5575R; Fri, 29 Apr 2016 17:08:57 -0400 (EDT)
Received: from [172.20.1.174] (c-73-99-75-174.hsd1.va.comcast.net [73.99.75.174]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) by mail.smetech.net (Postfix) with ESMTP id 24552F24036; Fri, 29 Apr 2016 17:25:00 -0400 (EDT)
Content-Type: text/plain; charset="windows-1252"
Mime-Version: 1.0 (Mac OS X Mail 7.3 \(1878.6\))
From: Russ Housley <housley@vigilsec.com>
In-Reply-To: <CAAFsWK1J3baG7=KHpD67q9Uzt48tja=Dejud5xJrUT0HWp=HBw@mail.gmail.com>
Date: Fri, 29 Apr 2016 17:24:59 -0400
Content-Transfer-Encoding: quoted-printable
Message-Id: <BC14AACE-B0C5-4C32-B6D7-AD67084F0B49@vigilsec.com>
References: <CAFTDvC5g5CeY0V4xO3NahYc226BMOF5QCCK41_admqiz88ZZ3Q@mail.gmail.com> <CAAFsWK1J3baG7=KHpD67q9Uzt48tja=Dejud5xJrUT0HWp=HBw@mail.gmail.com>
To: Wei Chuang <weihaw@google.com>
X-Mailer: Apple Mail (2.1878.6)
Archived-At: <http://mailarchive.ietf.org/arch/msg/spasm/sHl-ajMGNyV05vDEuKOtcNg--wk>
Cc: spasm@ietf.org
Subject: Re: [Spasm] Suggestions for draft-schaad-rfc5751-bis-00.txt
X-BeenThere: spasm@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "This is a venue for discussion of doing Some Pkix And SMime \(spasm\) work." <spasm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spasm>, <mailto:spasm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spasm/>
List-Post: <mailto:spasm@ietf.org>
List-Help: <mailto:spasm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spasm>, <mailto:spasm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 29 Apr 2016 21:25:13 -0000

 
> As this update also adds AES-GCM, can draft-housley-cms-chacha20-poly1305-00 be considered too?  That would help authenticated encryption algorithm diversity.
> 
> Also does this means that updating algorithms in general will be covered in this pass?  If so, can keysize and algorithm deprecation occur e.g. drop md5?

The Security ADs have asked that algorithm work be done in the CURDLE WG.  So, I have asked that WG to adopt these three drafts:

	draft-housley-cms-eddsa-signatures
	draft-housley-cms-ecdh-new-curves
	draft-housley-cms-chacha20-poly1305

> For possible work much farther down the road, I would suggest that section 3.1 and details of wrapping messages in "message/rfc822" be clarified.

If clarification is needed, I’d like to roll it into the rfc5751bis work.

Russ

v2.23.0 | Report a Bug | By Email