IETF Logo Mail Archive

Re: [Tls-reg-review] Request to register TLS integrity only cipher suites for TLS 1.3

Yoav Nir <ynir.ietf@gmail.com> Tue, 11 December 2018 19:09 UTC

Return-Path: <ynir.ietf@gmail.com>
X-Original-To: tls-reg-review@ietfa.amsl.com
Delivered-To: tls-reg-review@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1CE09130F39 for <tls-reg-review@ietfa.amsl.com>; Tue, 11 Dec 2018 11:09:21 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id oYQxbWrgVJgC for <tls-reg-review@ietfa.amsl.com>; Tue, 11 Dec 2018 11:09:17 -0800 (PST)
Received: from mail-wm1-x32f.google.com (mail-wm1-x32f.google.com [IPv6:2a00:1450:4864:20::32f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 919F1130F36 for <tls-reg-review@ietf.org>; Tue, 11 Dec 2018 11:09:17 -0800 (PST)
Received: by mail-wm1-x32f.google.com with SMTP id m1so2744578wml.2 for <tls-reg-review@ietf.org>; Tue, 11 Dec 2018 11:09:17 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:message-id:mime-version:subject:date:in-reply-to:cc:to :references; bh=YRa9FeO9Ev9SJ52QP7c7WQgSOziAHKblAI1irSnIjps=; b=hlpr+Ec5O/TCeWnM9reeP+ktXO7A8JKJJyqCeEigqBIb77S5dG+bNDKWCryQKEdRfa eUuaxkpnKaEC6GTHdgTWXN9CMAN2DGdnA4dF7/PmvvLnkT86DtCSxT8IziA0M7+K/tjN j6vZhf2wqgXIxY9Px3MoISW2YPrHgM83Y3v7GTnPpqeljaxjpgj0VCKgUHoFr1j6kBq0 HE0G9mapUcccJ5U+eq/twbb/jB8XBGtVqU3b9PU/MYI9HJH1THtKYyXS+bzP+6FPTFhp 8JYjMGUaKNq5AMVDQzLSytu3zrx8mMBny5QoYHEOYE4dCvAyNXyrccZBaphFCyHFp371 a62g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:message-id:mime-version:subject:date :in-reply-to:cc:to:references; bh=YRa9FeO9Ev9SJ52QP7c7WQgSOziAHKblAI1irSnIjps=; b=QBdyn7tAGguewolhqHJiNU/nmMMdbkffO65eGA28N1zoPJkyD9LXwCVpf2a+IVT5FD b41HKpDi7Gu55XZzUqIFN80r+j4zarDCw4JX20Y5KS+9p2BgIdJRMzZ+w4Op8A0e6gY4 5Doi/QbIs/gpNQWDr7qKZsevFMXG7V7rw1YXOugyGkcPw+ByNmXUCf2cMazFp2x2kGcT xSSWSLzZcVTbzGqdqoclX8tfsLssmLGMaZhSV3qlr5bx12XfkUc4jU3cQxdY703u0kdW kgYMFEwoNqV1JDMuZpgn9NU1+l17VENA2n1k2grngif56LQJeDUSroIr1kpODzPTEWKm ij8A==
X-Gm-Message-State: AA+aEWbITgDnquspq5WQKJkcGf4T0DYQ7L5faPy0kqVAPDJxY4sZq5OB pZ4BCeO9vWN4JSwBroSsd0o=
X-Google-Smtp-Source: AFSGD/XDJ0Y8Czfqt1rjDl2188yGOllqSL+iIxZAOEm+8K14K9l5vc0Pq1VRa99FhBwI7EYzgq19Kg==
X-Received: by 2002:a1c:a6d7:: with SMTP id p206mr3353162wme.143.1544555356015; Tue, 11 Dec 2018 11:09:16 -0800 (PST)
Received: from [192.168.1.12] ([46.120.57.147]) by smtp.gmail.com with ESMTPSA id q2sm16090362wru.56.2018.12.11.11.09.13 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 11 Dec 2018 11:09:14 -0800 (PST)
From: Yoav Nir <ynir.ietf@gmail.com>
Message-Id: <F8333252-3515-4C41-8F3E-5A8E0825031A@gmail.com>
Content-Type: multipart/alternative; boundary="Apple-Mail=_AB32590D-BAEA-425A-9BA6-4D9BF9CEF31F"
Mime-Version: 1.0 (Mac OS X Mail 12.1 \(3445.101.1\))
Date: Tue, 11 Dec 2018 21:09:11 +0200
In-Reply-To: <CAFDDyk-p3s1k+zE=_aXO7qc9qoJz3wh3nRfRbeOS25v6Neqw9w@mail.gmail.com>
Cc: Rich Salz <rsalz@akamai.com>, tls-reg-review@ietf.org
To: Nick Sullivan <nick=40cloudflare.com@dmarc.ietf.org>
References: <CF6744AC-9E92-4E91-8652-790682B39EF8@akamai.com> <CAFDDyk-p3s1k+zE=_aXO7qc9qoJz3wh3nRfRbeOS25v6Neqw9w@mail.gmail.com>
X-Mailer: Apple Mail (2.3445.101.1)
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls-reg-review/7oVqm0kHxFm2rqk99L3h9dPEW7A>
Subject: Re: [Tls-reg-review] Request to register TLS integrity only cipher suites for TLS 1.3
X-BeenThere: tls-reg-review@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: TLS REVIEW <tls-reg-review.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls-reg-review>, <mailto:tls-reg-review-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls-reg-review/>
List-Post: <mailto:tls-reg-review@ietf.org>
List-Help: <mailto:tls-reg-review-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls-reg-review>, <mailto:tls-reg-review-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 11 Dec 2018 19:09:21 -0000

My understanding is that *if* they do both encryption and authentication, then they need to be properly specified AEADs rather than having some method of rolling them together defined in TLS itself. 

But if you don’t want the encryption, you should be fine with just the MAC.   

I think this is fine.

> On 11 Dec 2018, at 20:37, Nick Sullivan <nick=40cloudflare.com@dmarc.ietf.org> wrote:
> 
> I guess there's no requirement for a TLS 1.3 ciphersuite to be literal AEAD, is there?
> 
> It should be fine to assign two "not recommended" points.
> 
> On Tue, Dec 11, 2018 at 6:32 PM Salz, Rich <rsalz@akamai.com <mailto:rsalz@akamai.com>> wrote:
> Seems legit to me.  Anyone else have a view?
> 
> On 12/5/18, 2:54 PM, "Nancy Cam-Winget (ncamwing)" <ncamwing@cisco.com <mailto:ncamwing@cisco.com>> wrote:
> 
>         > Contact Name:
>         > Nancy Cam-Winget
>         > 
>         > Contact Email:
>         > ncamwing@cisco.com <mailto:ncamwing@cisco.com>
>         > 
>         > Type of Assignment:
>         > "Not Recommended" TLS Cipher suite assignment
>         > 
>         > Registry:
>         > TLS 1.3 cipher suite
>         > 
>         > Description:
>         > At least two IoT (ODVA and IEC) forums are requesting the need for
>         > enabling TLS 1.3 with integrity only protection in the data plane.
>         > Under security considerations, we are not recommending this cipher
>         > suite to be widely used and note that no privacy is provided when this
>         > cipher suite is used and several use cases have been noted where
>         > privacy is not required.
>         > 
>         > Additional Info:
>         > We have noted the use cases and security (and privacy) considerations
>         > in https://tools.ietf.org/html/draft-camwinget-tls-ts13-macciphersuites-01 <https://tools.ietf.org/html/draft-camwinget-tls-ts13-macciphersuites-01> as well as how the cipher suite would be used with
>         > TLS 1.3
> 
> 
> 
>     _______________________________________________
>     tls-reg-review mailing list
>     tls-reg-review@ietf.org <mailto:tls-reg-review@ietf.org>
>     https://www.ietf.org/mailman/listinfo/tls-reg-review <https://www.ietf.org/mailman/listinfo/tls-reg-review>
> 
> 
> _______________________________________________
> tls-reg-review mailing list
> tls-reg-review@ietf.org <mailto:tls-reg-review@ietf.org>
> https://www.ietf.org/mailman/listinfo/tls-reg-review <https://www.ietf.org/mailman/listinfo/tls-reg-review>
> _______________________________________________
> tls-reg-review mailing list
> tls-reg-review@ietf.org
> https://www.ietf.org/mailman/listinfo/tls-reg-review

v2.23.0 | Report a Bug | By Email