IETF Logo Mail Archive

Re: [tcpinc] Review of draft-bittau-tcpinc-tcpeno-01

David Mazieres <dm-list-tcpcrypt@scs.stanford.edu> Sun, 23 August 2015 19:42 UTC

Return-Path: <dm-list-tcpcrypt@scs.stanford.edu>
X-Original-To: tcpinc@ietfa.amsl.com
Delivered-To: tcpinc@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 688181B2AA1 for <tcpinc@ietfa.amsl.com>; Sun, 23 Aug 2015 12:42:20 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.989
X-Spam-Level:
X-Spam-Status: No, score=0.989 tagged_above=-999 required=5 tests=[BAYES_40=-0.001, HK_RANDOM_ENVFROM=0.001, HK_RANDOM_FROM=1, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xo31M7JkmQef for <tcpinc@ietfa.amsl.com>; Sun, 23 Aug 2015 12:42:18 -0700 (PDT)
Received: from market.scs.stanford.edu (www.scs.stanford.edu [IPv6:2001:470:806d:1::9]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C5D251B2A9E for <tcpinc@ietf.org>; Sun, 23 Aug 2015 12:42:18 -0700 (PDT)
Received: from market.scs.stanford.edu (localhost.scs.stanford.edu [127.0.0.1]) by market.scs.stanford.edu (8.14.7/8.14.7) with ESMTP id t7NJgHPb022911; Sun, 23 Aug 2015 12:42:17 -0700 (PDT)
Received: (from dm@localhost) by market.scs.stanford.edu (8.14.7/8.14.7/Submit) id t7NJgG1h028230; Sun, 23 Aug 2015 12:42:16 -0700 (PDT)
X-Authentication-Warning: market.scs.stanford.edu: dm set sender to dm-list-tcpcrypt@scs.stanford.edu using -f
From: David Mazieres <dm-list-tcpcrypt@scs.stanford.edu>
To: Watson Ladd <watsonbladd@gmail.com>
In-Reply-To: <CACsn0cnq9cZdkn=yp8-GJfXDGMP8r1sib3qrQQEQYhF25kYZPg@mail.gmail.com>
References: <CABcZeBNEFVkDi38y3G-C2nQF=dzW2mGDsj5DVK_OKVkPwK=G0g@mail.gmail.com> <878u92oadf.fsf@ta.scs.stanford.edu> <CACsn0ckQskjLqo0=YfJrmBEsyCaq0jpcSzGUwKhRo0BzzQ=wDA@mail.gmail.com> <871teuo7nu.fsf@ta.scs.stanford.edu> <CACsn0ckn-QdoXmTgjW8gYQyVqZ0x9JHEYvZO5VHQkG9nKA3-Ew@mail.gmail.com> <87wpwmnenv.fsf@ta.scs.stanford.edu> <CACsn0cnq9cZdkn=yp8-GJfXDGMP8r1sib3qrQQEQYhF25kYZPg@mail.gmail.com>
Date: Sun, 23 Aug 2015 12:42:16 -0700
Message-ID: <87twrpokpz.fsf@ta.scs.stanford.edu>
MIME-Version: 1.0
Content-Type: text/plain
Archived-At: <http://mailarchive.ietf.org/arch/msg/tcpinc/-itgLBo9JDTvCRi_P-kzPtt_msQ>
Cc: tcpinc <tcpinc@ietf.org>
Subject: Re: [tcpinc] Review of draft-bittau-tcpinc-tcpeno-01
X-BeenThere: tcpinc@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Discussion list for adding encryption to TCP." <tcpinc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tcpinc>, <mailto:tcpinc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tcpinc/>
List-Post: <mailto:tcpinc@ietf.org>
List-Help: <mailto:tcpinc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tcpinc>, <mailto:tcpinc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 23 Aug 2015 19:42:20 -0000

Watson Ladd <watsonbladd@gmail.com> writes:

> Think of this "fixed ordering" as versioning, like HTTP/0.9, 1.0, 1.1,
> 2.0, etc. The idea is that we'd only introduce new versions when we
> knew they were stronger than the old ones.

Such a linear ordering would be very hard to achieve, given that
different parts of the world trust/mistrust different crypto algorithms.
Even among cipher suites discussed so far, how would we order
P-256/AES-128 vs. Curve25519/Chacha/Poly1305.  The former set is better
is the sense that it is more established.  The latter is better in the
sense that it is newer, potentially more efficient, and (for the
paranoid) less tainted by government involvement.  I think realistically
the preference has to be left to the individual host configuration
rather than the IETF.

David

v2.14.0 | Report a Bug | By Email