Re: [TLS] Consensus Call on MTI Algorithms
Nico Williams <nico@cryptonector.com> Thu, 02 April 2015 19:44 UTC
Return-Path: <nico@cryptonector.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B698F1A019B for <tls@ietfa.amsl.com>; Thu, 2 Apr 2015 12:44:20 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.666
X-Spam-Level:
X-Spam-Status: No, score=-1.666 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, IP_NOT_FRIENDLY=0.334, RCVD_IN_DNSWL_NONE=-0.0001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id BnPs2XRsJkq6 for <tls@ietfa.amsl.com>; Thu, 2 Apr 2015 12:44:19 -0700 (PDT)
Received: from homiemail-a98.g.dreamhost.com (sub4.mail.dreamhost.com [69.163.253.135]) by ietfa.amsl.com (Postfix) with ESMTP id CA80E1A0193 for <tls@ietf.org>; Thu, 2 Apr 2015 12:44:19 -0700 (PDT)
Received: from homiemail-a98.g.dreamhost.com (localhost [127.0.0.1]) by homiemail-a98.g.dreamhost.com (Postfix) with ESMTP id 83090554062; Thu, 2 Apr 2015 12:44:19 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=cryptonector.com; h=date :from:to:cc:subject:message-id:references:mime-version :content-type:in-reply-to:content-transfer-encoding; s= cryptonector.com; bh=c1NkEJbx34fnfRkoDmkQpwM3ZxM=; b=qBf2Jx7Z7jZ rOXi61LcPGEh4mn/Rzu1mS3sTk62EptFQtGgXiGO3SLAaYpKJ14B2DLBiR42aedj IQ9uxxEe7LdiSM+EV7t7iI5LgA/i+B8z4ZjkVZ3UeUJjSOzzeTk832DrAytPYEjo 2si4IJu1w3XyoKMg8kKvTjnq3t8lhp+c=
Received: from localhost (108-207-244-174.lightspeed.austtx.sbcglobal.net [108.207.244.174]) (Authenticated sender: nico@cryptonector.com) by homiemail-a98.g.dreamhost.com (Postfix) with ESMTPA id E8706554060; Thu, 2 Apr 2015 12:44:18 -0700 (PDT)
Date: Thu, 02 Apr 2015 14:44:18 -0500
From: Nico Williams <nico@cryptonector.com>
To: Yoav Nir <ynir.ietf@gmail.com>
Message-ID: <20150402194417.GJ10960@localhost>
References: <CAOgPGoBk+E=cNV1ufBaQ0n7=CJQ34zukPixKCEdpmMLBX=Kg_w@mail.gmail.com> <4EAF777A-0F04-400D-BFCA-AA1F13526770@gmail.com> <551C9170.8050708@gmail.com> <CABkgnnXAUnM6hy0mom5398RP9wJJwxxBxyuqUvdMG-PFAM+F7g@mail.gmail.com> <551D2D06.6000603@gmail.com> <551D3A87.5060801@cs.tcd.ie> <551D3B94.7070100@gmail.com> <20150402183622.GE10960@localhost> <FDDE70B3-6AB0-4702-A713-70B118CA22C1@gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Disposition: inline
In-Reply-To: <FDDE70B3-6AB0-4702-A713-70B118CA22C1@gmail.com>
User-Agent: Mutt/1.5.21 (2010-09-15)
Content-Transfer-Encoding: quoted-printable
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/73WaBZWIVM5rSC4dkaLlFOJ6Ako>
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] Consensus Call on MTI Algorithms
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 02 Apr 2015 19:44:20 -0000
On Thu, Apr 02, 2015 at 10:19:17PM +0300, Yoav Nir wrote: > > > On Apr 2, 2015, at 9:36 PM, Nico Williams <nico@cryptonector.com> wrote: > > > > On Thu, Apr 02, 2015 at 05:52:36AM -0700, Yaron Sheffer wrote: > >> On 04/02/2015 05:48 AM, Stephen Farrell wrote: > >>> But isn't it likely we revise the TLS BCP once TLS1.3 is done and > >>> implementations start to become common? We can make sure things > >>> all add up at that point in time, and are in-whack with what people > >>> are deploying, but we don't necessarily need to do so now I think. > >> > >> It entirely likely. But even then, I am not sure we'll be able to > >> convince people who went to AES-256 (presumably, for "compliance" > >> reasons) to move to ChaCha. And certainly not to AES-128... > > > > Must-implement != must-deploy. > > Hi, Nico. > > That’s a nice catch-phrase, but what does it mean? Suppose I am I should have completed the thought :/ And I probably misunderstood your point about compliance. What I'd meant to say is that if external-to-the-IETF "compliance" rules have anything to say on the matter, no problem: - external rules can demand additional algorithms - external rules can demand that some algorithms be disabled that we require to implement External rules could refer to: IoT realities, protocol-specific profiles of TLS, laws and regulations of various countries, corporate policies, ... My catch-phrase was about the latter. > implementing a TLS library specifically for the IoT space. Being a > standards-compliant implementation, my library and all its users will > of course conform to the profile in draft-ietf-dice-profile. That > means TLS_PSK_WITH_AES_128_CCM_8. Given this, why must I implement > AES-GCM? Why should I implement ChaCha? I and any other IoT > implementer will argue that the devices don’t have the memory for code > that will never run. This is a bit of a semantics game. Is an implementation of TLS that doesn't implement any of the required algorithms still TLS? Can we have profiles that specify different sets of required/recommended algorithms? The answers don't really matter. Suppose that you are implementing such a library, you don't implement the required algorithms, and that you call the result something like YoavTLS, or FooLangTLS ("TLS for the Foo programming language"). Will the IETF police drag you to the IETF jail for doing that? No. These requirements are really for general purpose TLS implementations. IoT is a bit of a special case for many reasons, not just their limited hardware capabilities. Nico --
- [TLS] Consensus Call on MTI Algorithms Joseph Salowey
- Re: [TLS] Consensus Call on MTI Algorithms Blumenthal, Uri - 0553 - MITLL
- Re: [TLS] Consensus Call on MTI Algorithms Dave Garrett
- Re: [TLS] Consensus Call on MTI Algorithms Russ Housley
- Re: [TLS] Consensus Call on MTI Algorithms Dan Harkins
- Re: [TLS] Consensus Call on MTI Algorithms Aaron Zauner
- Re: [TLS] Consensus Call on MTI Algorithms Kurt Roeckx
- Re: [TLS] Consensus Call on MTI Algorithms Brian Smith
- Re: [TLS] Consensus Call on MTI Algorithms Dave Garrett
- Re: [TLS] Consensus Call on MTI Algorithms Stephen Checkoway
- Re: [TLS] Consensus Call on MTI Algorithms Sean Turner
- Re: [TLS] Consensus Call on MTI Algorithms Yoav Nir
- Re: [TLS] Consensus Call on MTI Algorithms Yaron Sheffer
- Re: [TLS] Consensus Call on MTI Algorithms Martin Thomson
- Re: [TLS] Consensus Call on MTI Algorithms Watson Ladd
- Re: [TLS] Consensus Call on MTI Algorithms Aaron Zauner
- Re: [TLS] Consensus Call on MTI Algorithms Rob Stradling
- Re: [TLS] Consensus Call on MTI Algorithms Yaron Sheffer
- Re: [TLS] Consensus Call on MTI Algorithms Stephen Farrell
- Re: [TLS] Consensus Call on MTI Algorithms Yaron Sheffer
- Re: [TLS] Consensus Call on MTI Algorithms Blumenthal, Uri - 0553 - MITLL
- Re: [TLS] Consensus Call on MTI Algorithms Russ Housley
- Re: [TLS] Consensus Call on MTI Algorithms Hubert Kario
- Re: [TLS] Consensus Call on MTI Algorithms Hanno Böck
- Re: [TLS] Consensus Call on MTI Algorithms Blumenthal, Uri - 0553 - MITLL
- Re: [TLS] Consensus Call on MTI Algorithms Salz, Rich
- Re: [TLS] Consensus Call on MTI Algorithms Rick Andrews
- Re: [TLS] Consensus Call on MTI Algorithms Nico Williams
- Re: [TLS] Consensus Call on MTI Algorithms Nico Williams
- Re: [TLS] Consensus Call on MTI Algorithms Nico Williams
- Re: [TLS] Consensus Call on MTI Algorithms Salz, Rich
- Re: [TLS] Consensus Call on MTI Algorithms Nico Williams
- Re: [TLS] Consensus Call on MTI Algorithms Christian Huitema
- Re: [TLS] Consensus Call on MTI Algorithms Nico Williams
- Re: [TLS] Consensus Call on MTI Algorithms Yoav Nir
- Re: [TLS] Consensus Call on MTI Algorithms Aaron Zauner
- Re: [TLS] Consensus Call on MTI Algorithms Nico Williams
- Re: [TLS] Consensus Call on MTI Algorithms Dave Garrett
- Re: [TLS] Consensus Call on MTI Algorithms Nico Williams
- Re: [TLS] Consensus Call on MTI Algorithms Eric Rescorla
- Re: [TLS] Consensus Call on MTI Algorithms Dave Garrett
- Re: [TLS] Consensus Call on MTI Algorithms Yoav Nir
- Re: [TLS] Consensus Call on MTI Algorithms Nico Williams
- Re: [TLS] Consensus Call on MTI Algorithms Dave Garrett
- Re: [TLS] Consensus Call on MTI Algorithms James Cloos
- Re: [TLS] Consensus Call on MTI Algorithms Peter Gutmann
- Re: [TLS] Consensus Call on MTI Algorithms Peter Gutmann
- Re: [TLS] Consensus Call on MTI Algorithms Aaron Zauner
- Re: [TLS] Consensus Call on MTI Algorithms Watson Ladd
- Re: [TLS] Consensus Call on MTI Algorithms Dave Garrett
- Re: [TLS] Consensus Call on MTI Algorithms Eric Rescorla
- Re: [TLS] Consensus Call on MTI Algorithms Russ Housley
- Re: [TLS] Consensus Call on MTI Algorithms Daniel Kahn Gillmor