Re: [tcpinc] new drafts of TCP-ENO and tcpcrypt
iang <iang@iang.org> Fri, 13 October 2017 16:24 UTC
Return-Path: <iang@iang.org>
X-Original-To: tcpinc@ietfa.amsl.com
Delivered-To: tcpinc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 38688133020 for <tcpinc@ietfa.amsl.com>; Fri, 13 Oct 2017 09:24:30 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.8
X-Spam-Level:
X-Spam-Status: No, score=0.8 tagged_above=-999 required=5 tests=[BAYES_50=0.8, RCVD_IN_DNSWL_NONE=-0.0001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Bu-X0D_Kaijj for <tcpinc@ietfa.amsl.com>; Fri, 13 Oct 2017 09:24:28 -0700 (PDT)
Received: from virulha.pair.com (virulha.pair.com [209.68.5.166]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 78746132076 for <tcpinc@ietf.org>; Fri, 13 Oct 2017 09:24:28 -0700 (PDT)
Received: from virulha.pair.com (localhost [127.0.0.1]) by virulha.pair.com (Postfix) with ESMTP id 38EFD6D50E; Fri, 13 Oct 2017 12:24:27 -0400 (EDT)
Received: from plata.local (iang.org [209.197.106.187]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by virulha.pair.com (Postfix) with ESMTPSA id E08EA6D4D2; Fri, 13 Oct 2017 12:24:26 -0400 (EDT)
To: tcpinc@ietf.org
References: <D38E22E9-FBB6-40D1-BF85-D5A77F5C2365@kuehlewind.net> <20170830223758.GA73969@scs.stanford.edu> <3a8ac0e0-cd41-57c8-85a4-79c5f179385f@kuehlewind.net> <20170929203434.GA73214@scs.stanford.edu> <D78092B0-4C01-47D6-9B5D-9DB1DA5EFA83@kuehlewind.net> <877ewgrtp8.fsf@ta.scs.stanford.edu> <20171004233140.GB84701@scs.stanford.edu> <BDB8460A-E193-4C9C-BCBA-99B805F93D0A@kuehlewind.net> <e2ae6028-6ed2-c547-2a1f-f3c170b0fb89@posteo.net>
From: iang <iang@iang.org>
Message-ID: <3879588f-d5ef-43c9-9d2c-7fe9c2657709@iang.org>
Date: Fri, 13 Oct 2017 17:24:18 +0100
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:52.0) Gecko/20100101 Thunderbird/52.3.0
MIME-Version: 1.0
In-Reply-To: <e2ae6028-6ed2-c547-2a1f-f3c170b0fb89@posteo.net>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Transfer-Encoding: 8bit
Content-Language: en-US
Archived-At: <https://mailarchive.ietf.org/arch/msg/tcpinc/8o5cpHtAEHgHJJrwp40-7Kln5M0>
Subject: Re: [tcpinc] new drafts of TCP-ENO and tcpcrypt
X-BeenThere: tcpinc@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Working group mailing list for TCP Increased Security \(tcpinc\)" <tcpinc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tcpinc>, <mailto:tcpinc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tcpinc/>
List-Post: <mailto:tcpinc@ietf.org>
List-Help: <mailto:tcpinc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tcpinc>, <mailto:tcpinc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 13 Oct 2017 16:24:30 -0000
On 08/10/2017 00:33, Gregorio Guidi wrote: > ... > Having ECDHE-Curve25519 and ECDHE-Curve448 as MTI was suggested, but > the lack of implementations for Curve448 was mentioned. Unfortunately > this is still an issue: there are implementations available but no > stable and well-proved implementation of Curve448 is there yet, as > shown here: > https://en.wikipedia.org/wiki/Comparison_of_TLS_implementations#Supported_elliptic_curves > > > Nonetheless, in the time passed since that exchange, the adoption of > Curve25519 has consolidated further, so the option to have > ECDHE-Curve25519 as the only MTI would not look so bad in my view. +1. The notion that we need two MTIs with one longer than 256 bits in an embedded optimistic half-measure needs some serious justification. And the one that fits best in kernel, isolated from external libraries, is likely best for attack surface. I'd put my money on Curve25519 every day of the month for that. iang
- Re: [tcpinc] AD review of draft-ietf-tcpinc-tcpcr… Daniel B Giffin
- Re: [tcpinc] AD review of draft-ietf-tcpinc-tcpcr… Mirja Kuehlewind (IETF)
- Re: [tcpinc] AD review of draft-ietf-tcpinc-tcpcr… David Mazieres
- [tcpinc] AD review of draft-ietf-tcpinc-tcpcrypt Mirja Kuehlewind (IETF)
- Re: [tcpinc] AD review of draft-ietf-tcpinc-tcpcr… Daniel B Giffin
- Re: [tcpinc] AD review of draft-ietf-tcpinc-tcpcr… Mirja Kühlewind
- Re: [tcpinc] AD review of draft-ietf-tcpinc-tcpcr… Black, David
- [tcpinc] new drafts of TCP-ENO and tcpcrypt Daniel B Giffin
- Re: [tcpinc] new drafts of TCP-ENO and tcpcrypt Mirja Kuehlewind (IETF)
- Re: [tcpinc] new drafts of TCP-ENO and tcpcrypt Gregorio Guidi
- Re: [tcpinc] new drafts of TCP-ENO and tcpcrypt dm-list-tcpcrypt
- Re: [tcpinc] new drafts of TCP-ENO and tcpcrypt iang
- [tcpinc] Making ECDHE-Curve25519 the only MTI for… David Mazieres
- Re: [tcpinc] Making ECDHE-Curve25519 the only MTI… Kyle Rose
- Re: [tcpinc] Making ECDHE-Curve25519 the only MTI… Mirja Kühlewind
- Re: [tcpinc] Making ECDHE-Curve25519 the only MTI… Black, David
- Re: [tcpinc] Making ECDHE-Curve25519 the only MTI… Mirja Kuehlewind (IETF)
- [tcpinc] tcpcrypt MTI key exchange (speak now or … David Mazieres
- Re: [tcpinc] tcpcrypt MTI key exchange (speak now… Rene Struik
- Re: [tcpinc] tcpcrypt MTI key exchange (speak now… David Mazieres
- Re: [tcpinc] tcpcrypt MTI key exchange (speak now… iang
- Re: [tcpinc] tcpcrypt MTI key exchange (speak now… David Mazieres
- Re: [tcpinc] tcpcrypt MTI key exchange (speak now… iang
- Re: [tcpinc] tcpcrypt MTI key exchange (speak now… Gregorio Guidi