Re: [TLS] Consensus call on codepoint strategy for draft-ietf-tls-hybrid-design
"Kampanakis, Panos" <kpanos@amazon.com> Wed, 29 March 2023 04:44 UTC
Return-Path: <prvs=445ab9cfd=kpanos@amazon.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 65F2BC15C2A7 for <tls@ietfa.amsl.com>; Tue, 28 Mar 2023 21:44:12 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -11.9
X-Spam-Level:
X-Spam-Status: No, score=-11.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, USER_IN_DEF_SPF_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=amazon.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xZP5pQda9DdF for <tls@ietfa.amsl.com>; Tue, 28 Mar 2023 21:44:11 -0700 (PDT)
Received: from smtp-fw-6001.amazon.com (smtp-fw-6001.amazon.com [52.95.48.154]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 655DBC151710 for <TLS@ietf.org>; Tue, 28 Mar 2023 21:44:11 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amazon.com; i=@amazon.com; q=dns/txt; s=amazon201209; t=1680065051; x=1711601051; h=from:to:cc:date:message-id:references:in-reply-to: mime-version:subject; bh=yp/JxN76B1gg4x8f6ZHSteOj0F3sIRM24c8Zgo8oN9w=; b=l3AleERokwWa7GbB2/UPis4ximu73f2sHnC9UAtqu9d6yJchWonVA7n0 QtRK5CCUjTyk8MIqun4bCqu61HhIlP/2KA8QSioPlphzGCiXhgZwxkkir uTzNtc1X9Yx+NDvj+yTPTwFDtqYdallXg5cLX6+T/L51jruhDQeY939TR g=;
X-IronPort-AV: E=Sophos;i="5.98,299,1673913600"; d="scan'208,217";a="314423566"
Thread-Topic: [TLS] Consensus call on codepoint strategy for draft-ietf-tls-hybrid-design
Received: from iad12-co-svc-p1-lb1-vlan2.amazon.com (HELO email-inbound-relay-iad-1a-m6i4x-93c3b254.us-east-1.amazon.com) ([10.43.8.2]) by smtp-border-fw-6001.iad6.amazon.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 29 Mar 2023 04:44:08 +0000
Received: from EX19MTAUWC001.ant.amazon.com (iad12-ws-svc-p26-lb9-vlan2.iad.amazon.com [10.40.163.34]) by email-inbound-relay-iad-1a-m6i4x-93c3b254.us-east-1.amazon.com (Postfix) with ESMTPS id CE95EEB5F3; Wed, 29 Mar 2023 04:44:07 +0000 (UTC)
Received: from EX19D001ANA004.ant.amazon.com (10.37.240.187) by EX19MTAUWC001.ant.amazon.com (10.250.64.174) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1118.25; Wed, 29 Mar 2023 04:43:48 +0000
Received: from EX19D001ANA001.ant.amazon.com (10.37.240.156) by EX19D001ANA004.ant.amazon.com (10.37.240.187) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.2.1118.26; Wed, 29 Mar 2023 04:43:47 +0000
Received: from EX19D001ANA001.ant.amazon.com ([fe80::4f78:75cd:3117:8055]) by EX19D001ANA001.ant.amazon.com ([fe80::4f78:75cd:3117:8055%5]) with mapi id 15.02.1118.026; Wed, 29 Mar 2023 04:43:47 +0000
From: "Kampanakis, Panos" <kpanos@amazon.com>
To: "Blumenthal, Uri - 0553 - MITLL" <uri@ll.mit.edu>, Christopher Wood <caw@heapingbits.net>
CC: "TLS@ietf.org" <TLS@ietf.org>
Thread-Index: AQHZYeJoo/2XNtQVpUCzchjR+HjzC68RC7+AgAAf3KA=
Date: Wed, 29 Mar 2023 04:43:47 +0000
Message-ID: <6cf86afa53f348c69d5a22ed50ae6d4b@amazon.com>
References: <FBE87FDA-A407-4DC8-A2E8-F39AB475C87B@heapingbits.net> <8EFF0CA2-EFD5-4D37-A8C2-91097D286F24@amongbytes.com> <1376F6AE-2F18-4E35-A164-51E0D2AB08E5@ll.mit.edu>
In-Reply-To: <1376F6AE-2F18-4E35-A164-51E0D2AB08E5@ll.mit.edu>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.95.233.75]
Content-Type: multipart/alternative; boundary="_000_6cf86afa53f348c69d5a22ed50ae6d4bamazoncom_"
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/9C3DhQiXU45twY0p5D6QPG_8NRo>
Subject: Re: [TLS] Consensus call on codepoint strategy for draft-ietf-tls-hybrid-design
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 29 Mar 2023 04:44:12 -0000
> I would also like secp384r1_kyber1024 option, please. Why do you up the ECDH curve sec level with Kyber1024? It adds unnecessary size to the keyshare. like secp384r1_kyber768 combines two equivalent security levels. Those that want to be extra conservative can go secp521r1_kyber1024 which won’t be much worse than secp384r1_kyber1024 in performance or size. From: TLS <tls-bounces@ietf.org> On Behalf Of Blumenthal, Uri - 0553 - MITLL Sent: Tuesday, March 28, 2023 10:40 PM To: Krzysztof Kwiatkowski <kris@amongbytes.com>; Christopher Wood <caw@heapingbits.net> Cc: TLS@ietf.org Subject: RE: [EXTERNAL][TLS] Consensus call on codepoint strategy for draft-ietf-tls-hybrid-design CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you can confirm the sender and know the content is safe. Can we add secp256r1_kyber768 option for those who prefer NIST curves? I support this. I would also like secp384r1_kyber1024 option, please. Thanks
- [TLS] Consensus call on codepoint strategy for dr… Christopher Wood
- Re: [TLS] Consensus call on codepoint strategy fo… Krzysztof Kwiatkowski
- Re: [TLS] Consensus call on codepoint strategy fo… Eric Rescorla
- Re: [TLS] Consensus call on codepoint strategy fo… Christopher Patton
- Re: [TLS] Consensus call on codepoint strategy fo… Richard Barnes
- Re: [TLS] Consensus call on codepoint strategy fo… Salz, Rich
- Re: [TLS] Consensus call on codepoint strategy fo… Blumenthal, Uri - 0553 - MITLL
- Re: [TLS] Consensus call on codepoint strategy fo… Kampanakis, Panos
- Re: [TLS] Consensus call on codepoint strategy fo… Kampanakis, Panos
- Re: [TLS] Consensus call on codepoint strategy fo… Loganaden Velvindron
- Re: [TLS] Consensus call on codepoint strategy fo… Blumenthal, Uri - 0553 - MITLL
- Re: [TLS] Consensus call on codepoint strategy fo… Ilari Liusvaara
- Re: [TLS] Consensus call on codepoint strategy fo… Ilari Liusvaara
- Re: [TLS] Consensus call on codepoint strategy fo… Bas Westerbaan
- Re: [TLS] Consensus call on codepoint strategy fo… Bas Westerbaan
- Re: [TLS] Consensus call on codepoint strategy fo… Kampanakis, Panos
- Re: [TLS] Consensus call on codepoint strategy fo… Krzysztof Kwiatkowski
- Re: [TLS] Consensus call on codepoint strategy fo… Krzysztof Kwiatkowski
- Re: [TLS] Consensus call on codepoint strategy fo… Ilari Liusvaara
- Re: [TLS] Consensus call on codepoint strategy fo… Ilari Liusvaara
- Re: [TLS] Consensus call on codepoint strategy fo… Blumenthal, Uri - 0553 - MITLL
- Re: [TLS] Consensus call on codepoint strategy fo… Ilari Liusvaara
- Re: [TLS] Consensus call on codepoint strategy fo… Blumenthal, Uri - 0553 - MITLL
- Re: [TLS] Consensus call on codepoint strategy fo… Hubert Kario
- Re: [TLS] Consensus call on codepoint strategy fo… Christopher Wood
- Re: [TLS] Consensus call on codepoint strategy fo… Bas Westerbaan
- Re: [TLS] Consensus call on codepoint strategy fo… Kampanakis, Panos
- Re: [TLS] Consensus call on codepoint strategy fo… Scott Fluhrer (sfluhrer)
- Re: [TLS] Consensus call on codepoint strategy fo… Watson Ladd
- Re: [TLS] Consensus call on codepoint strategy fo… John Mattsson
- Re: [TLS] Consensus call on codepoint strategy fo… Bas Westerbaan
- Re: [TLS] [UNVERIFIED SENDER] Re: Consensus call … Kampanakis, Panos
- Re: [TLS] [UNVERIFIED SENDER] Re: Consensus call … Ilari Liusvaara
- Re: [TLS] [UNVERIFIED SENDER] Re: Consensus call … Eric Rescorla
- Re: [TLS] Consensus call on codepoint strategy fo… Krzysztof Kwiatkowski
- Re: [TLS] Consensus call on codepoint strategy fo… Krzysztof Kwiatkowski
- Re: [TLS] Consensus call on codepoint strategy fo… Salz, Rich
- Re: [TLS] Consensus call on codepoint strategy fo… Christopher Wood
- Re: [TLS] Consensus call on codepoint strategy fo… Kris Kwiatkowski
- Re: [TLS] Consensus call on codepoint strategy fo… Ilari Liusvaara
- Re: [TLS] Consensus call on codepoint strategy fo… Kris Kwiatkowski