Re: [TLS] tales from the TLS interim: TLS 1.3 MTI algorithms

Eric Rescorla <ekr@rtfm.com> Wed, 18 March 2015 21:06 UTC

Return-Path: <ekr@rtfm.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4FFC71A9125 for <tls@ietfa.amsl.com>; Wed, 18 Mar 2015 14:06:09 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.977
X-Spam-Level:
X-Spam-Status: No, score=-1.977 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pM0PYfRmo9Ve for <tls@ietfa.amsl.com>; Wed, 18 Mar 2015 14:06:07 -0700 (PDT)
Received: from mail-we0-f178.google.com (mail-we0-f178.google.com [74.125.82.178]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8DD5C1A90CD for <tls@ietf.org>; Wed, 18 Mar 2015 14:06:06 -0700 (PDT)
Received: by webcq43 with SMTP id cq43so42144259web.2 for <tls@ietf.org>; Wed, 18 Mar 2015 14:06:05 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc:content-type; bh=qX4iDmyUHk6lLREyTpmlkBY2F7aVgvfXD9ww2fUmgqE=; b=YVRyebE5PgnJeu4dM1ZHqxfVCv2iIfWPOKDzpbdCpr9eSiu0cud/j+9c6RwS+ZRs/B CRaMbfoEEaSV0It25osScSJ0xtBUgnM77qtj+rO5EU2sv7YZodX42JVNzsuUOGAoCsKC pIu6RXyPXutLxtBIGdrGrUHU5jKpeowj8rpzvnVXIFJbZ5LcEPeHGb2qlLX+5aENUG5x G0z0UrRpiOWbOz5RlRHrVceiLaqyIxJe7rKW1vmFCLPF8HPKxhwegcTSYD9kHkFDOdWJ Z3Be11Y1fE17gC8h0Y40ayxa9wx7DaHX9BMZ4A6WN8vAlQ4vCxoDHCe+Ke6t1jOn4sHn aXQw==
X-Gm-Message-State: ALoCoQlhG3sN4aQlZ2IzueJtjgEYfbrzGSHEhvwVSPKeouIDUjoNbq3HFDu9H7R1v4isgQYmbAaB
X-Received: by 10.180.98.67 with SMTP id eg3mr10476236wib.11.1426712765306; Wed, 18 Mar 2015 14:06:05 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.27.205.198 with HTTP; Wed, 18 Mar 2015 14:05:25 -0700 (PDT)
In-Reply-To: <55094150.2010800@comodo.com>
References: <7B0B2402-6D04-48B3-BB25-1B6FC6FBC61D@ieca.com> <90A9B6DC-A775-4E4C-BA58-E40260F9BF55@gmail.com> <55094150.2010800@comodo.com>
From: Eric Rescorla <ekr@rtfm.com>
Date: Wed, 18 Mar 2015 14:05:25 -0700
Message-ID: <CABcZeBMa_oCAGNaPaARvGgxVi5PO1JYk_RN+SviVuu674NGRFg@mail.gmail.com>
To: Rob Stradling <rob.stradling@comodo.com>
Content-Type: multipart/alternative; boundary=f46d0444025492aeb005119673eb
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/7AqwP0ogAGpSZb5miowi0IEg3MI>
Cc: "TLS@ietf.org \(tls@ietf.org\)" <tls@ietf.org>
Subject: Re: [TLS] tales from the TLS interim: TLS 1.3 MTI algorithms
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 18 Mar 2015 21:06:09 -0000

On Wed, Mar 18, 2015 at 2:11 AM, Rob Stradling <rob.stradling@comodo.com>
wrote:

> On 18/03/15 07:38, Yoav Nir wrote:
>
>> On Mar 18, 2015, at 12:11 AM, Sean Turner <TurnerS@ieca.com> wrote:
>>>
>> <snip>
>
>> Please note that CFRG is already done with ChaCha20-Poly1305. The
>> document is approved and in the RFC Editor’s queue.
>>
>> The ball is not in this working group’s court. It’s time to decide about
>> draft-mavrogiannopoulos-chacha-tls.
>
>
I await the chair's action on this.

In the meantime, I see that we have developed a conflict between this draft
and

https://github.com/tlswg/tls13-spec/pull/155

Because this PR prescribes a specific mechanism for generating the nonce
(left-padding the record sequence number) which conflicts with the one for
this draft. Assuming that people feel that the approach we arrived at in
the interim is appropriate, we will probably want to adjust this draft prior
to acceptance.

-Ekr

Yoav,
>
> s/not/now/
>
> ?
>
>  Yoav
>>
>> http://tools.ietf.org/html/draft-mavrogiannopoulos-chacha-tls-04
>>
>
> --
> Rob Stradling
> Senior Research & Development Scientist
> COMODO - Creating Trust Online
>
>
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls
>