Re: [tcpinc] Review of draft-bittau-tcpinc-tcpeno-01

Watson Ladd <> Sun, 23 August 2015 20:54 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id 30FF51B2C0E for <>; Sun, 23 Aug 2015 13:54:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: 0.7
X-Spam-Status: No, score=0.7 tagged_above=-999 required=5 tests=[BAYES_50=0.8, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id pr0LJka2FRj6 for <>; Sun, 23 Aug 2015 13:54:27 -0700 (PDT)
Received: from ( [IPv6:2a00:1450:400c:c05::229]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 8ACFA1B2C09 for <>; Sun, 23 Aug 2015 13:54:27 -0700 (PDT)
Received: by wijp15 with SMTP id p15so60510740wij.0 for <>; Sun, 23 Aug 2015 13:54:26 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=evjebu8pxIXWQhh0v1C1RmBLX/pe/u27EMEJmKCRQsY=; b=iw1lod6Ku8WfI1xFvw6UX5pSAWHZkNa8qBUToGLtcfRVCka52MOpK60c18fgrSkruq j/711/G/RCYRiMsklT3ItM7094Mf5T1viVycZ5SZggIEqrMOeG7Vz2Ewf0f8G758nYW2 o+2mnMooaTMKRLKSN2QWbZ9motWJAQrZJs95le+GmMRhHMUjTzX/UmNjYWxjdPaEFO7r eYYKIByZvWwhw4FqQIJ68vvBBJt/vy/Z3GyA27W1h+EcA8IsyeJOpk7wqRhh10X4ti5+ TR09/7pXmMKtYR6lentt12QYELM3KMtzj1anFiOQfm6+y0+jmffz8sQV4LN+RiUux4ID scEg==
MIME-Version: 1.0
X-Received: by with SMTP id t8mr23415604wix.18.1440363266285; Sun, 23 Aug 2015 13:54:26 -0700 (PDT)
Received: by with HTTP; Sun, 23 Aug 2015 13:54:26 -0700 (PDT)
In-Reply-To: <>
References: <> <> <> <> <> <> <> <>
Date: Sun, 23 Aug 2015 13:54:26 -0700
Message-ID: <>
From: Watson Ladd <>
To: David Mazieres <>
Content-Type: text/plain; charset="UTF-8"
Archived-At: <>
Cc: tcpinc <>
Subject: Re: [tcpinc] Review of draft-bittau-tcpinc-tcpeno-01
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Discussion list for adding encryption to TCP." <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Sun, 23 Aug 2015 20:54:29 -0000

On Sun, Aug 23, 2015 at 12:42 PM, David Mazieres
<> wrote:
> Watson Ladd <> writes:
>> Think of this "fixed ordering" as versioning, like HTTP/0.9, 1.0, 1.1,
>> 2.0, etc. The idea is that we'd only introduce new versions when we
>> knew they were stronger than the old ones.
> Such a linear ordering would be very hard to achieve, given that
> different parts of the world trust/mistrust different crypto algorithms.
> Even among cipher suites discussed so far, how would we order
> P-256/AES-128 vs. Curve25519/Chacha/Poly1305.  The former set is better
> is the sense that it is more established.  The latter is better in the
> sense that it is newer, potentially more efficient, and (for the
> paranoid) less tainted by government involvement.  I think realistically
> the preference has to be left to the individual host configuration
> rather than the IETF.

Let's consider what this actually means. Hosts that implement 1 of two
options because they don't trust the other one to provide adequate
security will not talk to the ones that make the wrong choice. Hosts
that implement both would be fine picking just one, in fact prefer it
as it reduces the amount of work they have to do.

But by having ranking preferences, we're in fact saying "you would be
fine with picking one for improved interop, but we're going to force
you to make a choice that complicates your implementation, because we
assume you are an expert in cryptanalysis research and we are not".
Picking one suite that's widely acceptable is far better than
providing a smorgasbord.

> David

"Man is born free, but everywhere he is in chains".