Re: [tcpinc] tcpcrypt MTI key exchange (speak now or forever hold your peace...)
Rene Struik <rstruik.ext@gmail.com> Tue, 24 October 2017 01:22 UTC
Hi David:

This should be okay as long as people are painfully aware that implementations should take algorithm agility into account [1]. In particular, no complaining about vested interests down the road, in case a suite change should be required. The protocol should also support *now* algorithm agility, via indicator functions of the suite in question.

Rene

[1] RFC 7696 - Guidelines for Cryptographic Algorithm Agility and Selecting Mandatory-to-Implement Algorithms (November 2015)

On 10/23/2017 4:25 PM, David Mazieres wrote:
> We are considering the following proposal for MTI key exchange protocols
> in tcpcrypt:
>
> 1. Implementations MUST support Curve25519.
>
> 2. Implementations SHOULD support Curve448 to the extent that suitable
>    implementations are available.
>
> 3. Implementations MAY support P256 and P521 (particularly since
>    hardware implementations are widely available for the former).
>
> (Obviously whatever algorithms are supported can always be disabled by
> configuration--this is just about what the software MUST support, not
> what everyone must use.)
>
> The security ADs have not 100% signed off on this approach yet, but seem
> receptive to it. However, given the timeline, we would like to
> parallelize things and find out *now* if there are any objections to the
> proposal. Based on the working group discussion, I think everyone will
> be happy, so please speak up now if you object.
>
> Thanks,
> David
>
> _______________________________________________
> Tcpinc mailing list
> Tcpinc@ietf.org
> https://www.ietf.org/mailman/listinfo/tcpinc

--
email: rstruik.ext@gmail.com | Skype: rstruik
cell: +1 (647) 867-5658 | US: +1 (415) 690-7363