Re: [TLS] Is Ed25519/Ed448 ok for use in DTLS1.2?

Matt Caswell <matt@openssl.org> Fri, 22 November 2019 16:01 UTC

Return-Path: <matt@openssl.org>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5D5FC1208C8 for <tls@ietfa.amsl.com>; Fri, 22 Nov 2019 08:01:47 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.901
X-Spam-Level:
X-Spam-Status: No, score=-6.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Vu5r71bF00Ip for <tls@ietfa.amsl.com>; Fri, 22 Nov 2019 08:01:45 -0800 (PST)
Received: from mta.openssl.org (xmpp.openssl.org [IPv6:2001:608:c00:180::1:e6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0D938120018 for <tls@ietf.org>; Fri, 22 Nov 2019 08:01:44 -0800 (PST)
Received: from [10.3.10.6] (ip-50-84-52-196.southampton.uk.amsterdamresidential.com [196.52.84.50]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mta.openssl.org (Postfix) with ESMTPSA id 4E684E4ECC for <tls@ietf.org>; Fri, 22 Nov 2019 16:01:41 +0000 (UTC)
To: tls@ietf.org
References: <fbd7b2cc-5cfc-3b30-270f-2ae312daa0d6@openssl.org> <F810173C-C693-4A4E-8450-2FE4A9490CAE@akamai.com> <4431e115-64ff-b660-87bb-b8bf3aa4ea15@openssl.org> <2D5349E3-D9FE-44B6-8A40-1F1AE1863A46@akamai.com> <a5821e1d-623d-5903-3820-8a6a76eee318@openssl.org> <20191120045843.GU20609@akamai.com> <7c4070ef-5ce9-9700-2e88-724d452096de@openssl.org>
From: Matt Caswell <matt@openssl.org>
Message-ID: <10fbb478-df04-de9e-074d-ef89a42c0259@openssl.org>
Date: Fri, 22 Nov 2019 16:01:40 +0000
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.1.2
MIME-Version: 1.0
In-Reply-To: <7c4070ef-5ce9-9700-2e88-724d452096de@openssl.org>
Content-Type: text/plain; charset=utf-8
Content-Language: en-US
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/7Mjmu7mANU5l5mcJQKd3BAY0_3A>
Subject: Re: [TLS] Is Ed25519/Ed448 ok for use in DTLS1.2?
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 22 Nov 2019 16:01:47 -0000


On 21/11/2019 08:59, Matt Caswell wrote:
> If you take the line that "anything specified for TLSv1.2 is implicitly
> ok for DTLSv1.2 unless stated otherwise", then I at least think an RFC
> should have a minimal nod towards DTLS. At least to give the message
> that "yes, we have considered this in a DTLS setting and its fine". As
> you state above there are exceptions, so we do need to consider this on
> a case-by-case basis. In the case of RFC8422, as a minimum I would have
> expected that to be in the form of a sentence saying that those entries
> should have DTLS-OK against them in section 9 - especially as the
> following paragraph *does* say this for the "Intrinsic" HashAlgorithm
> registry entry (rather implying by omission that this doesn't hold for
> ed25519/ed448).

Is the correct way ahead with this to raise it as an erratum on the RFC?
I am still not entirely convinced that its not just an error in the
registry. But IMO *somewhere* between those two there is an error.

Matt