Re: [TLS] WG adoption + early code point assignment: draft-mavrogiannopoulos-chacha-tls

Adam Langley <agl@imperialviolet.org> Wed, 20 May 2015 16:09 UTC

Return-Path: <alangley@gmail.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2E6561A8958 for <tls@ietfa.amsl.com>; Wed, 20 May 2015 09:09:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.278
X-Spam-Level:
X-Spam-Status: No, score=-1.278 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FM_FORGED_GMAIL=0.622, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id z6hrkSvNMHPk for <tls@ietfa.amsl.com>; Wed, 20 May 2015 09:09:13 -0700 (PDT)
Received: from mail-la0-x22c.google.com (mail-la0-x22c.google.com [IPv6:2a00:1450:4010:c03::22c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9F61D1A88E6 for <tls@ietf.org>; Wed, 20 May 2015 09:09:12 -0700 (PDT)
Received: by lagr1 with SMTP id r1so80898501lag.0 for <tls@ietf.org>; Wed, 20 May 2015 09:09:11 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:cc:content-type; bh=44hM/UkubB1bnhNgfeAANstJ0nsqmNaV4lU0KGjztqo=; b=Au9bNjQZpZFyKxHBRzo/lqIGNLBgKhxVCQHM2GJE8lXFrMg31jCC0NhMBSSChFtSh2 QslADO48VpjVQylI97GDfGTgCOhaPQk1wpVICmiK52eD3XZYzcCM3jTa2xBhsZmQMO0Y Y8dabvydiiEOTGbjadwVXMmWDuDQQEME29vl60fNA3e4XAvfIECz95g604fZL8r4EEc1 EF8Qaa+MwZ11gkEL+lptIyRgMcFDf1UOonZbbwJIOm9s8ujLpqm9TMXv/oPGs6odWvzS 2wPrdY8ie7vAi0YLnWZ4V9yF6H36Bo/Ji3lPj/VCnedDNlurSnZKo7cTv+LVhbtSMgFU GV/g==
MIME-Version: 1.0
X-Received: by 10.112.16.167 with SMTP id h7mr27014060lbd.124.1432138151140; Wed, 20 May 2015 09:09:11 -0700 (PDT)
Sender: alangley@gmail.com
Received: by 10.112.89.69 with HTTP; Wed, 20 May 2015 09:09:11 -0700 (PDT)
In-Reply-To: <CABcZeBNm4fYRQE+6-L9CF-x9hhwFQ4oZDDMTv4T9QURSzR7Jyw@mail.gmail.com>
References: <FD8B7C3F-C3DD-4367-B84D-26B9907F1B9D@ieca.com> <CABcZeBOqnyXS5kp=ZiN2PpKYt_dOg1+L4_S__h-+YP=n6sHk3A@mail.gmail.com> <1269593170.1072986.1432104184832.JavaMail.zimbra@redhat.com> <CABcZeBNQQKgBzzoia0TWzbG8PycoOLT+ejOM7dwNNfgNoCqRtA@mail.gmail.com> <86AF5010-12A3-410A-AE23-9A0643D536EE@gmail.com> <CAMfhd9XvrhX3MgjMOQ+P=c8oydWT6F6AwUfFerbSWLgra2tbdw@mail.gmail.com> <CABcZeBMB9ieZ2n4maCkJXAWKEto81XDEfFDnjY=X1G3fKNwjcw@mail.gmail.com> <CAMfhd9X6eKLw7Y9kQmrp9XQiMin2pS=npWdxcXsdK78zGgxvxQ@mail.gmail.com> <CABcZeBNm4fYRQE+6-L9CF-x9hhwFQ4oZDDMTv4T9QURSzR7Jyw@mail.gmail.com>
Date: Wed, 20 May 2015 09:09:11 -0700
X-Google-Sender-Auth: o6Y8xreEsp4UwAfxrYE7I1bv7Zo
Message-ID: <CAMfhd9W7Lbgf=PR_2s5_AVMa91THz3+SUtUhj2O2YZi_hKWyZA@mail.gmail.com>
From: Adam Langley <agl@imperialviolet.org>
To: Eric Rescorla <ekr@rtfm.com>
Content-Type: text/plain; charset=UTF-8
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/-t8Sn6dwTbYjOmYzhEuuoRcXuSg>
Cc: IETF TLS Working Group <tls@ietf.org>
Subject: Re: [TLS] WG adoption + early code point assignment: draft-mavrogiannopoulos-chacha-tls
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 20 May 2015 16:09:14 -0000

On Wed, May 20, 2015 at 8:35 AM, Eric Rescorla <ekr@rtfm.com>; wrote:
> It will mean that we need a different set of code points than the current
> ones, right?

Not quite sure that I follow you here:

We will need a different set of code points than the ones currently
squatted for ChaCha (0xcc13 etc), but the draft already specifies
that. (And the AEAD construction is slightly different.)

However, if we specified the current TLS 1.3 nonce scheme for ChaCha
in TLS 1.2, but TLS 1.3 changed before it was final, I don't think the
code points would need to change again. It would just be the case that
the code points, when used in TLS 1.3, use whatever TLS 1.3 ends up
doing and, in previous versions, they use what TLS 1.3 does now.


Cheers

AGL

-- 
Adam Langley agl@imperialviolet.org https://www.imperialviolet.org