Re: [TLS] PR#345: IANA Considerations

Eric Rescorla <ekr@rtfm.com> Tue, 17 November 2015 17:52 UTC

From: Eric Rescorla <ekr@rtfm.com>
Date: Tue, 17 Nov 2015 09:51:32 -0800
To: Joe Salowey <jsalowey@tableau.com>
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/0fNuCoEdmR8Th7myHMtgS540L64>
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] PR#345: IANA Considerations

There are presently four categories of cipher suites vis-a-vis TLS 1.3.

1. MUST or SHOULD cipher suites.
2. Standards track cipher suites (or ones we are making ST, like
    the ECC ones).
3. Non standards track cipher suites.
4. Cipher suites you can't use at all with TLS 1.3, like AES-CBC.

I think we're all agreed that category #1 should be marked recommended
and that #3 and #4 should not be. This leaves us with category #2, which
includes stuff like:

- FFDHE
- CCM

My proposal is that we:

- List all the Standards Track cipher suites that are compatible with TLS
1.3 in Appendix A.
- Mark all the cipher suites that are listed in Appendix A as "Recommended".

-Ekr

On Tue, Nov 17, 2015 at 8:46 AM, Joe Salowey <jsalowey@tableau.com> wrote:

> I think the TLS 1.3 IANA considerations should just deal with setting up
> the recommended column and marking it for the cipher suites/extensions that
> are described in the 1.3 document. Other cipher suites/extensions can be
> marked as recommended through other documents.
>
> On 11/17/15, 6:54 AM, "TLS on behalf of Sean Turner" <tls-bounces@ietf.org
> on behalf of sean@sn3rd.com> wrote:
>
> >On Nov 17, 2015, at 16:40, Eric Rescorla <ekr@rtfm.com> wrote:
> >>
> >> > 1. The Cipher Suites "Recommended" column was populated based on
> >> >     the Standards Track RFCs listed in the document (and I removed the
> >> >     others).
> >>
> >> Isn’t it just the MTI suites listed in s8.1?
> >>
> >> Maybe I need to go check the minutes, but I thought it was the
> >> Standards Track ones, not the MTI ones that we agreed on.
> >> The difference here is largely the FFDHE cipher suites and CCM.
> >
> >From Jim’s notes in the etherpad:
> >
> >AOB
> >SPT: Requests for additional ciphers from others.  Listing in A.4
> >       Suggest thinning it down to the SHOULD/MUST list only.
> >EKR: Need to encourage support for PSK variants
> >EKR: Looking at the difference between the "good" list and the "safe" list and the "no opinion" list
> >EKR: Sample case would be 448 - not a MUST/SHOULD but still think it is good.
> >
> >spt