Re: [Tls-reg-review] Question about the TLS cipher suite registry

"Salz, Rich" <rsalz@akamai.com> Thu, 05 March 2020 02:37 UTC

From: "Salz, Rich" <rsalz@akamai.com>
To: Adam Foltzer <acfoltzer@fastly.com>, Mark Nottingham <mnot@mnot.net>, "tls-reg-review@ietf.org" <tls-reg-review@ietf.org>
Date: Thu, 05 Mar 2020 02:36:54 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls-reg-review/CzF5H-R_nJERKHfDdx4yLOjKEbc>

Using the tls-reg-review mail alias so that IANA sees this.

I don’t know how the csv or XHTML files are maintained.  Looking at https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-4, I see this:
        0xFA,0x00-C9    Unassigned

Is that the range you mean?

From: Adam Foltzer <acfoltzer@fastly.com>
Date: Wednesday, March 4, 2020 at 6:58 PM
To: Mark Nottingham <mnot@mnot.net>
Cc: Yoav Nir <ynir.ietf@gmail.com>, Rich Salz <rsalz@akamai.com>, Nick Sullivan <nick@cloudflare.com>
Subject: Re: Question about the TLS cipher suite registry

Thanks, Mark!

Hi everyone,

I was working with the CSV of the cipher suite registry (https://www.iana.org/assignments/tls-parameters/tls-parameters-4.csv) and noticed that the value range 0xFA,0xCA-F9 is missing both from the CSV and the XHTML table. As far as I can tell, this is the only missing range.

I wanted to bring this to your attention, as well as ask whether it'd be correct to treat these values as Unassigned for the time being.

Thank you!

Adam

On Wed, Mar 4, 2020 at 3:38 PM Mark Nottingham <mnot@mnot.net> wrote:
Gents,

One of my colleagues, Adam (CC:ed) has a question about the TLS cipher suite registry.

Over to you, Adam!

Cheers,

--
Mark Nottingham   https://www.mnot.net/


--
Adam C. Foltzer | Senior Software Engineer
fastly.com | @fastly
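
The kind of coverage check that surfaces a hole like the 0xFA,0xCA-F9 one discussed in this thread, as an added example that is not part of the original messages or any IANA tooling. It assumes the CSV's first column is named `Value` and uses the `0xHH,0xLL`, `0xHH,0xLL-LL` and `0xHH-HH,*` notations; the sample rows are constructed, not copied from the registry.

```python
import csv
import io
import re

# Constructed excerpt in the registry's CSV layout (not the real file); the
# 0xFA,0xCA-F9 row is left out on purpose to mirror the gap reported above.
SAMPLE_CSV = """Value,Description,DTLS-OK,Recommended,Reference
"0xFA,0x00-C9",Unassigned,,,
"0xFA,0xFA",Reserved,,,
"0xFA,0xFB-FF",Unassigned,,,
"0xFB-FD,*",Unassigned,,,
"""

def _span(token):
    """'0xCA-F9' -> (0xCA, 0xF9); '0xFA' -> (0xFA, 0xFA); '*' -> (0x00, 0xFF)."""
    if token == "*":
        return 0x00, 0xFF
    m = re.fullmatch(r"0x([0-9A-Fa-f]{2})(?:-([0-9A-Fa-f]{2}))?", token)
    if not m:
        raise ValueError(f"unrecognised value token: {token!r}")
    lo = int(m.group(1), 16)
    hi = int(m.group(2), 16) if m.group(2) else lo
    return lo, hi

def covered_ranges(csv_text):
    """Yield (first, last) 16-bit code points covered by each row."""
    for row in csv.DictReader(io.StringIO(csv_text)):
        hi_tok, lo_tok = row["Value"].split(",")
        (h0, h1), (l0, l1) = _span(hi_tok), _span(lo_tok)
        if h0 != h1 and (l0, l1) != (0x00, 0xFF):
            raise ValueError(f"non-contiguous range: {row['Value']!r}")
        yield (h0 << 8) | l0, (h1 << 8) | l1

def find_gaps(csv_text, start, end):
    """Return the (first, last) runs in [start, end] that no row covers."""
    gaps, cursor = [], start
    for first, last in sorted(covered_ranges(csv_text)):
        if first > cursor:
            gaps.append((cursor, min(first - 1, end)))
        cursor = max(cursor, last + 1)
        if cursor > end:
            break
    if cursor <= end:
        gaps.append((cursor, end))
    return gaps

def notation(first, last):
    """Render a gap in registry notation; assumes both ends share a high byte."""
    return f"0x{first >> 8:02X},0x{first & 0xFF:02X}-{last & 0xFF:02X}"
```

Running `find_gaps` over the full two-byte space (0x0000 to 0xFFFF) against a downloaded copy of the CSV gives the complete list of uncovered values.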