IETF Logo Mail Archive

Re: [tcpinc] Review of draft-bittau-tcpinc-tcpeno-01

Yoav Nir <ynir.ietf@gmail.com> Mon, 24 August 2015 17:44 UTC

Return-Path: <ynir.ietf@gmail.com>
X-Original-To: tcpinc@ietfa.amsl.com
Delivered-To: tcpinc@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5E8F11A89F6 for <tcpinc@ietfa.amsl.com>; Mon, 24 Aug 2015 10:44:45 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 49DY96wvzkZZ for <tcpinc@ietfa.amsl.com>; Mon, 24 Aug 2015 10:44:44 -0700 (PDT)
Received: from mail-wi0-x229.google.com (mail-wi0-x229.google.com [IPv6:2a00:1450:400c:c05::229]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CBAA71A8AE0 for <tcpinc@ietf.org>; Mon, 24 Aug 2015 10:44:43 -0700 (PDT)
Received: by widdq5 with SMTP id dq5so78884331wid.0 for <tcpinc@ietf.org>; Mon, 24 Aug 2015 10:44:42 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=content-type:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=PUIaxm0kJwIhopjSKIWsWWQfqyOO9wx9ONEdQXGUrEo=; b=llAytc4QgXIYJP1gw09sdgtWadFy1VycgBTjG7SzM4f2okQvJn71ozPIx5hknx1R4g TL4/edRjhchzhEutAYcIhyf60dIRYvMkR/s6Rq6W5nVx8keTqzq52K6aKrpcoE35yNFH gLd2oPbWCCe2NFiQQoEV4aUQ2EGAi1iFD18a4yvQHkhUFCxZ5gXcrNrSBTAvoiZxCC4R 7xuNgU3MVjYY3VRRqo1KXq7yYplth1VyLp/+JJwK5tKq9RbM1SxEdUEXYoJgMUKTsOzM xFXYBsZBHzXFRfVff2I7ZKYMXvOH+jXU7aB89wxSgIadBAyQZVY+ecR0yk94T/rw37UL YqMg==
X-Received: by 10.194.221.4 with SMTP id qa4mr42890888wjc.145.1440438282570; Mon, 24 Aug 2015 10:44:42 -0700 (PDT)
Received: from [192.168.1.12] ([46.120.13.132]) by smtp.gmail.com with ESMTPSA id gt10sm17174326wib.20.2015.08.24.10.44.40 (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Mon, 24 Aug 2015 10:44:41 -0700 (PDT)
Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0 (Mac OS X Mail 8.2 \(2104\))
From: Yoav Nir <ynir.ietf@gmail.com>
In-Reply-To: <CACsn0c=h8sqXqQG5NXp9sc5TPhddPMui7Un1DYW8O4uxgwixHw@mail.gmail.com>
Date: Mon, 24 Aug 2015 20:44:38 +0300
Content-Transfer-Encoding: quoted-printable
Message-Id: <BD77DB05-9252-41DE-9D05-D6F01FFD55A6@gmail.com>
References: <87wpwmnenv.fsf@ta.scs.stanford.edu> <CACsn0cnq9cZdkn=yp8-GJfXDGMP8r1sib3qrQQEQYhF25kYZPg@mail.gmail.com> <87twrpokpz.fsf@ta.scs.stanford.edu> <CACsn0ck2PfKQ8pkDLiSmuLH+81s2GzsBnKYH7e=5ga5nSJvo1Q@mail.gmail.com> <87io85ofkl.fsf@ta.scs.stanford.edu> <CACsn0cmna07KzCZme7pxRgCcAOJLXzup3KPJ+bRimL=n3mpPXg@mail.gmail.com> <87vbc5l8si.fsf@ta.scs.stanford.edu> <CACsn0c=cLj2F6JyFX848D1TuDt0A=kT7UMm8ZPRRu-X6ow4oTQ@mail.gmail.com> <87d1ycizeo.fsf@ta.scs.stanford.edu> <CACsn0c=SRaUR9okBAXaKBZG0wZ12h7aarxPFf7LYCtcQfG-nJg@mail.gmail.com> <20150824142948.GA23716@LK-Perkele-VII> <CACsn0c=h8sqXqQG5NXp9sc5TPhddPMui7Un1DYW8O4uxgwixHw@mail.gmail.com>
To: Watson Ladd <watsonbladd@gmail.com>
X-Mailer: Apple Mail (2.2104)
Archived-At: <http://mailarchive.ietf.org/arch/msg/tcpinc/K7BL_iXpP0nucNEfIh91pN3AHBY>
Cc: tcpinc <tcpinc@ietf.org>, Ilari Liusvaara <ilari.liusvaara@elisanet.fi>
Subject: Re: [tcpinc] Review of draft-bittau-tcpinc-tcpeno-01
X-BeenThere: tcpinc@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Discussion list for adding encryption to TCP." <tcpinc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tcpinc>, <mailto:tcpinc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tcpinc/>
List-Post: <mailto:tcpinc@ietf.org>
List-Help: <mailto:tcpinc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tcpinc>, <mailto:tcpinc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 24 Aug 2015 17:44:45 -0000

> On Aug 24, 2015, at 5:31 PM, Watson Ladd <watsonbladd@gmail.com> wrote:
> 
> On Mon, Aug 24, 2015 at 7:29 AM, Ilari Liusvaara
> <ilari.liusvaara@elisanet.fi> wrote:
>> On Mon, Aug 24, 2015 at 07:22:23AM -0700, Watson Ladd wrote:
>>> On Mon, Aug 24, 2015 at 6:33 AM, David Mazieres
>>> 
>>> This is a misreading: I'm proposing that at any time there is only one
>>> suite that everyone uses, and versioning is just for transitions.
>> 
>> This becomes highly problematic when one needs to:
>> - Support multiple security levels.
>> - There isn't one technically (meaning, ignore legal constraints)
>>  superrior algorithm.
> 
> In case of point 2, why is there a need to use multiple algorithms?

Because I believe algorithm A is superior, you believe algorithm B is superior, but neither of us thinks the other algorithm is so bad that we might as well use cleartext.

So both of our implementations (or configurations) support both algorithms, but whichever one gets to choose chooses according to our preference.

AES-GCM vs ChaCha20/Poly1305. Which is superior?

Yoav

v2.23.0 | Report a Bug | By Email