Re: [TLS] Do we need DH?

Alyssa Rowan <akr@akr.io> Fri, 02 January 2015 13:29 UTC

From: Alyssa Rowan <akr@akr.io>
Date: Fri, 02 Jan 2015 13:29:39 +0000
To: Yoav Nir <ynir.ietf@gmail.com>, Hubert Kario <hkario@redhat.com>
Message-ID: <676C7631-E080-4370-ADA2-BB8BBBBB023C@akr.io>
Archived-At: http://mailarchive.ietf.org/arch/msg/tls/0c1m18BzDXw2F5pAdwFOvxIaGCQ
Cc: tls@ietf.org
Subject: Re: [TLS] Do we need DH?


On 2 January 2015 13:08:07 GMT+00:00, Yoav Nir <ynir.ietf@gmail.com> wrote:

>>> With regards to all eggs being in the same basket, AES is also something that really should have a realistic alternative standardized and deployed _before_ (/if) AES is broken. Like SHA-3 is coming around the corner while SHA-2 is still well alive and kicking.
>> We do have Camellia ciphers defined, PFS AEAD included (RFC 6367).
>That, and the ChaCha20+Poly1305 AEAD will be defined when http://tools.ietf.org/html/draft-mavrogiannopoulos-chacha-tls-04 is adopted.

...which is already deployed in BoringSSL, LibreSSL, Chromium, Google and a few other places, from the previous (agl) draft. (The AEAD itself is basically ready, going through IESG review process after clearing CFRG LC, I recall?)

I actually don't think we have anything on the table for SHA-3 (or any post-SHA-2 hashes in general) - do we? Might be worth thinking of in due course, but I don't currently anticipate any urgency, as SHA-2 is still holding up quite well.

- --
/akr