Re: [TLS] TLS 1.3 (Re: TLS at IETF 88)
Dmitry Belyavsky <beldmit@gmail.com> Wed, 30 October 2013 22:32 UTC
Return-Path: <beldmit@gmail.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 64B6121E8090 for <tls@ietfa.amsl.com>; Wed, 30 Oct 2013 15:32:20 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.933
X-Spam-Level:
X-Spam-Status: No, score=-0.933 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001, NO_RELAYS=-0.001, SARE_HTML_USL_OBFU=1.666]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mbu6iVkVsxoI for <tls@ietfa.amsl.com>; Wed, 30 Oct 2013 15:32:19 -0700 (PDT)
Received: from mail-la0-x230.google.com (mail-la0-x230.google.com [IPv6:2a00:1450:4010:c03::230]) by ietfa.amsl.com (Postfix) with ESMTP id 23FE421E8092 for <tls@ietf.org>; Wed, 30 Oct 2013 15:32:17 -0700 (PDT)
Received: by mail-la0-f48.google.com with SMTP id er20so1148886lab.35 for <tls@ietf.org>; Wed, 30 Oct 2013 15:32:17 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=dRbdj/OglKKCFVGAGm7E4rcpOqgJPY1oRn3f8g1tVs4=; b=SHBxPRAyyt/8Kvg+1c0ZVfEwylmm6g+8NgR8z+0E9cYRWs7qhWupxY1ESVsoEp9kWO QKOprBBWFK/7XPObEvtGgK1aEO7Q1FJkWvaHlbFmrPBAXoPa/ewKKLqbSMAOCuXAS5kG ws7mmbV4E65stnLWYrkMDvSC4Op8y7xCW3ezBHIy4T8K7mhBCtfqvss202SAdqZ49I3B Tw2c3pUSeLF+89MipRaw38ML4tEzs8IHPceZGos8D68QmoFZOIzra6StHHP2jl/Lvbng ybLcWOPaNbKVcxBGQ0svWKfZfRKor6uTbxmSk/G6xJHPr2/Rnez2muOujflGYQkD1yEy HVKw==
MIME-Version: 1.0
X-Received: by 10.112.130.138 with SMTP id oe10mr445414lbb.1.1383172337124; Wed, 30 Oct 2013 15:32:17 -0700 (PDT)
Received: by 10.114.5.4 with HTTP; Wed, 30 Oct 2013 15:32:17 -0700 (PDT)
In-Reply-To: <52712A6C.4050306@pobox.com>
References: <A95B4818FD85874D8F16607F1AC7C628F81FFA@xmb-rcd-x09.cisco.com> <1FC1B479-ECB7-46AD-83BE-BE0066AF70F5@vpnc.org> <52712A6C.4050306@pobox.com>
Date: Thu, 31 Oct 2013 02:32:17 +0400
Message-ID: <CADqLbzLLAUr4YR86+BCD-1ti66afh8d3P8zF+iJNqrQPiwHF_A@mail.gmail.com>
From: Dmitry Belyavsky <beldmit@gmail.com>
To: Michael D'Errico <mike-list@pobox.com>
Content-Type: multipart/alternative; boundary="047d7b3a88dad14b5304e9fce77a"
Cc: Paul Hoffman <paul.hoffman@vpnc.org>, TLS Mailing List <tls@ietf.org>
Subject: Re: [TLS] TLS 1.3 (Re: TLS at IETF 88)
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 30 Oct 2013 22:32:20 -0000
Hello! In Russia we have some more authentication mechanisms and at least two cipher/MAC combinations. On Wed, Oct 30, 2013 at 7:49 PM, Michael D'Errico <mike-list@pobox.com>wrote: > Paul Hoffman wrote: > >> On Oct 29, 2013, at 11:16 AM, Joseph Salowey (jsalowey) < >> jsalowey@cisco.com> wrote: >> >> The TLS working group will meet at IETF 88 >>> Tuesday,November 5, 2013 from 1610 to 1840 PST >>> >>> The latest Agenda can be found here: https://datatracker.ietf.org/** >>> meeting/88/agenda/tls/<https://datatracker.ietf.org/meeting/88/agenda/tls/> >>> >> >> So we can come prepared: What will the topics for the hour of "TLS 1.3" >> be? >> > > I won't be at the meeting, but the one change I'd like to see in TLS 1.3 > is a separation of cipher suites into two parts - authentication mechanism > and encryption/mac algorithms. There are currently only 21 authentication > mechanisms defined: > > DH_anon > DH_DSS > DH_RSA > DHE_DSS > DHE_PSK > DHE_RSA > ECDH_anon > ECDH_ECDSA > ECDH_RSA > ECDHE_ECDSA > ECDHE_PSK > ECDHE_RSA > KRB5 > PSK > PSK_DHE > RSA > RSA_PSK > SRP_SHA > SRP_SHA_DSS > SRP_SHA_RSA > > and 31 combinations of encryption algorithm and MAC: > > 3DES_EDE_CBC_MD5 > 3DES_EDE_CBC_SHA > AES_128_CBC_SHA > AES_128_CBC_SHA256 > AES_128_CCM > AES_128_CCM_8 > AES_128_GCM_SHA256 > AES_256_CBC_SHA > AES_256_CBC_SHA256 > AES_256_CBC_SHA384 > AES_256_CCM > AES_256_CCM_8 > AES_256_GCM_SHA384 > ARIA_128_CBC_SHA256 > ARIA_128_GCM_SHA256 > ARIA_256_CBC_SHA384 > ARIA_256_GCM_SHA384 > CAMELLIA_128_CBC_SHA > CAMELLIA_128_CBC_SHA256 > CAMELLIA_128_GCM_SHA256 > CAMELLIA_256_CBC_SHA > CAMELLIA_256_CBC_SHA256 > CAMELLIA_256_CBC_SHA384 > CAMELLIA_256_GCM_SHA384 > NULL_MD5 > NULL_SHA > NULL_SHA256 > NULL_SHA384 > RC4_128_MD5 > RC4_128_SHA > SEED_CBC_SHA > > Thus there could be 31 x 20 = 620 usable cipher suites, but we have only > defined 286 of the possible combinations. > > Less-supported authentication mechanisms tend to have fewer options > available to them. For example SRP is usable only with 3DES and AES_CBC > at present since those are the only defined suites. Separating cipher > suites into two values would allow any encryption/mac combo to be used > with any authentication mechanism. > > I've noticed that there is current interest in adding more encryption > algorithms (e.g. Salsa, Chacha) and MACs (UMAC, VMAC, Poly1305) to TLS. > It seems to me that there'd be great value in only having to define a > single code point for each encryption/mac combination and having them > become immediately available for use with any authentication mechanism. > > Mike > ______________________________**_________________ > TLS mailing list > TLS@ietf.org > https://www.ietf.org/mailman/**listinfo/tls<https://www.ietf.org/mailman/listinfo/tls> > -- SY, Dmitry Belyavsky
- [TLS] TLS at IETF 88 Joseph Salowey (jsalowey)
- Re: [TLS] TLS at IETF 88 Paul Hoffman
- Re: [TLS] TLS at IETF 88 Martin Rex
- [TLS] TLS 1.3 (Re: TLS at IETF 88) Michael D'Errico
- Re: [TLS] TLS 1.3 (Re: TLS at IETF 88) Dmitry Belyavsky