IETF Logo Mail Archive

Re: [Tls-reg-review] Request to register value in TLS bar registry

Смышляев Станислав Витальевич <svs@cryptopro.ru> Wed, 09 January 2019 19:52 UTC

Return-Path: <svs@cryptopro.ru>
X-Original-To: tls-reg-review@ietfa.amsl.com
Delivered-To: tls-reg-review@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 059C8131032 for <tls-reg-review@ietfa.amsl.com>; Wed, 9 Jan 2019 11:52:22 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.92
X-Spam-Level:
X-Spam-Status: No, score=-0.92 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FROM_EXCESS_BASE64=0.979, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id IS5NQG8cvcxk for <tls-reg-review@ietfa.amsl.com>; Wed, 9 Jan 2019 11:52:19 -0800 (PST)
Received: from mx.cryptopro.ru (mx.cryptopro.ru [193.37.157.34]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 80A3E131062 for <tls-reg-review@ietf.org>; Wed, 9 Jan 2019 11:52:16 -0800 (PST)
Received: from owacp.cp.ru (192.168.68.95) by pegas.cp.ru (192.168.68.231) with Microsoft SMTP Server (TLS) id 14.3.399.0; Wed, 9 Jan 2019 22:52:13 +0300
Received: from orion.cp.ru (192.168.69.205) by owacp.cp.ru (192.168.68.95) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256) id 15.1.1591.10; Wed, 9 Jan 2019 22:52:12 +0300
Received: from orion.cp.ru ([::1]) by orion.cp.ru ([::1]) with mapi id 15.00.1210.000; Wed, 9 Jan 2019 22:52:12 +0300
From: Смышляев Станислав Витальевич <svs@cryptopro.ru>
To: Yoav Nir <ynir.ietf@gmail.com>
CC: Евгений Алексеев <geni-cmc@mail.ru>, "tls-reg-review@ietf.org" <tls-reg-review@ietf.org>, Смышляева Екатерина Сергеевна <ess@cryptopro.ru>, Коллегин Максим Дмитриевич <kollegin@cryptopro.ru>, Алексеев Евгений Константинович <alekseev@cryptopro.ru>
Thread-Topic: [Tls-reg-review] Request to register value in TLS bar registry
Thread-Index: AQHUqB1+hGzG2Vny/kOqHxsDsj7j46WnEs8AgABGlPA=
Date: Wed, 09 Jan 2019 19:52:11 +0000
Message-ID: <061D39FF-0538-498E-8485-33B92D6893AF@cryptopro.ru>
References: <1547039768.320095625@f553.i.mail.ru>, <74E19738-0B8D-47EA-A684-A5A70E9BE487@gmail.com>
In-Reply-To: <74E19738-0B8D-47EA-A684-A5A70E9BE487@gmail.com>
Accept-Language: ru-RU, en-US
Content-Language: ru-RU
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-exchange-transport-fromentityheader: Hosted
Content-Type: multipart/alternative; boundary="_000_061D39FF0538498E848533B92D6893AFcryptoproru_"
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls-reg-review/C4lgbFFTSR8UG_y20LgNPcr-3Ug>
Subject: Re: [Tls-reg-review] Request to register value in TLS bar registry
X-BeenThere: tls-reg-review@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: TLS REVIEW <tls-reg-review.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls-reg-review>, <mailto:tls-reg-review-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls-reg-review/>
List-Post: <mailto:tls-reg-review@ietf.org>
List-Help: <mailto:tls-reg-review-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls-reg-review>, <mailto:tls-reg-review-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 09 Jan 2019 19:52:22 -0000

Dear Yoav,

Thank you very much for your comments!
If you don't mind, I'll reply:
1) Yes, Kuznyechik is the new Russian cipher. It is defined in RFC 7801.
2) There's still work in progress on an AEAD mode to be standardized in Russia - and we can't have a TLS 1.3 cipher suite without an AEAD mode. Currently the MGM mode (see https://tools.ietf.org/html/draft-smyshlyaev-mgm-09) is being carefully studied and tends to be the one. Valery Smyslov waits for it also - to be able to work on IKEv2 and ESP with GOSTs.
That's why the current request (and the draft it refers to) is only about TLS 1.2 so far.
3) Unfortunately, there is a misleading statement in the current version of the draft (thank you for pointing to it, Yoav!): actually, {0x00, 0x81} is used for the older cipher suite from https://tools.ietf.org/html/draft-chudov-cryptopro-cptls-04#section-5. The existing implementations of TLS_GOSTR341112_256_WITH_28147_CNT_IMIT use the number {0xFF, 0x85}

Best regards,
Stanislav Smyshlyaev

9 янв. 2019 г., в 21:39, Yoav Nir <ynir.ietf@gmail.com<mailto:ynir.ietf@gmail.com>> написал(а):

Hi, Evgeny.

We'll give the answer in a few days. First, I'd like to ask a few clarifying questions:

  *   If I understand correctly, the Kuznyechik ciphers in this document is the new GOST algorithms, right?
  *   I have noticed that this is only for TLS 1.2.  Why not TLS 1.3?
  *   Section 10 mentions that there are existing implementations that use the value {0x00,0x81} for TLS_GOSTR341112_256_WITH_28147_CNT_IMIT.  I see in the IANA registry<https://www.iana.org/assignments/tls-parameters/tls-parameters.xml#tls-parameters-4> that this value is free.  Do you want to re-use it?

Thanks

Yoav

On 9 Jan 2019, at 15:16, Евгений Алексеев <geni-cmc=40mail.ru@dmarc.ietf.org<mailto:geni-cmc=40mail.ru@dmarc.ietf.org>> wrote:

Hello!

We would like to ask IANA to assign numbers in accordance with the IANA Considerations section of the "GOST Cipher Suites for Transport Layer Security (TLS) Protocol Version 1.2" document (https://tools.ietf.org/html/draft-smyshlyaev-tls12-gost-suites-04#section-9).

--
Best regards,
Evgeny Alekseev
_______________________________________________
tls-reg-review mailing list
tls-reg-review@ietf.org<mailto:tls-reg-review@ietf.org>
https://www.ietf.org/mailman/listinfo/tls-reg-review

v2.23.0 | Report a Bug | By Email