Re: [Tls-reg-review] Request to register value in TLS bar registry
Yoav Nir <ynir.ietf@gmail.com> Fri, 01 February 2019 18:57 UTC
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls-reg-review/yXtDmWeAaYIJizKQLhBMyqG0E3A>
[Adding IANA]

Hi, Stanislav

Sorry for dropping this. Yes, we’ve considered this, and you can definitely have the registration as described in your draft.

Yoav

https://tools.ietf.org/html/draft-smyshlyaev-tls12-gost-suites-04#section-9

> On 1 Feb 2019, at 9:28, Смышляев Станислав Витальевич <svs@cryptopro.ru> wrote:
>
> Dear Yoav, Rich and Nick,
>
> Do you have any additional questions about this request? Dmitry Belyavsky and I will be very happy to provide any clarifications, if needed.
>
> Best regards,
> Stanislav Smyshlyaev, Ph.D.
> CISO, CryptoPro LLC
>
> From: Смышляев Станислав Витальевич <svs@cryptopro.ru>
> Sent: Wednesday, January 9, 2019 11:26 PM
> To: Yoav Nir <ynir.ietf@gmail.com>
> Cc: Евгений Алексеев <geni-cmc@mail.ru>; tls-reg-review@ietf.org; Смышляева Екатерина Сергеевна <ess@cryptopro.ru>; Коллегин Максим Дмитриевич <kollegin@cryptopro.ru>; Алексеев Евгений Константинович <alekseev@cryptopro.ru>; Белявский Дмитрий <beldmit@cryptocom.ru>
> Subject: Re: [Tls-reg-review] Request to register value in TLS bar registry
>
> CC’ing Dmitry Belyavsky (in case he would like to add some other clarifications), who we discussed the IANA request for the GOST cipher suites with (in Bangkok).
>
> Best regards,
> Stanislav Smyshlyaev
>
> On 9 Jan 2019, at 22:52, Смышляев Станислав Витальевич <svs@cryptopro.ru> wrote:
>
> Dear Yoav,
>
> Thank you very much for your comments!
> If you don’t mind, I’ll reply:
> 1) Yes, Kuznyechik is the new Russian cipher. It is defined in RFC 7801.
> 2) There’s still work in progress on an AEAD mode to be standardized in Russia - and we can’t have a TLS 1.3 cipher suite without an AEAD mode. Currently the MGM mode (see https://tools.ietf.org/html/draft-smyshlyaev-mgm-09) is being carefully studied and tends to be the one. Valery Smyslov waits for it also - to be able to work on IKEv2 and ESP with GOSTs.
> That’s why the current request (and the draft it refers to) is only about TLS 1.2 so far.
> 3) Unfortunately, there is a misleading statement in the current version of the draft (thank you for pointing to it, Yoav!): actually, {0x00, 0x81} is used for the older cipher suite from https://tools.ietf.org/html/draft-chudov-cryptopro-cptls-04#section-5. The existing implementations of TLS_GOSTR341112_256_WITH_28147_CNT_IMIT use the number {0xFF, 0x85}
>
> Best regards,
> Stanislav Smyshlyaev
>
> On 9 Jan 2019, at 21:39, Yoav Nir <ynir.ietf@gmail.com> wrote:
>
> Hi, Evgeny.
>
> We’ll give the answer in a few days. First, I’d like to ask a few clarifying questions:
> If I understand correctly, the Kuznyechik ciphers in this document are the new GOST algorithms, right?
> I have noticed that this is only for TLS 1.2. Why not TLS 1.3?
> Section 10 mentions that there are existing implementations that use the value {0x00,0x81} for TLS_GOSTR341112_256_WITH_28147_CNT_IMIT. I see in the IANA registry <https://www.iana.org/assignments/tls-parameters/tls-parameters.xml#tls-parameters-4> that this value is free. Do you want to re-use it?
>
> Thanks
>
> Yoav
>
> On 9 Jan 2019, at 15:16, Евгений Алексеев <geni-cmc=40mail.ru@dmarc.ietf.org> wrote:
>
> Hello!
>
> We would like to ask IANA to assign numbers in accordance with the IANA Considerations section of the "GOST Cipher Suites for Transport Layer Security (TLS) Protocol Version 1.2" document (https://tools.ietf.org/html/draft-smyshlyaev-tls12-gost-suites-04#section-9).
>
> --
> Best regards,
> Evgeny Alekseev
> _______________________________________________
> tls-reg-review mailing list
> tls-reg-review@ietf.org
> https://www.ietf.org/mailman/listinfo/tls-reg-review