Re: [TLS] Should CCM_8 CSs be Recommended?

Robert Cragie <robert.cragie@gridmerge.com> Thu, 05 October 2017 16:58 UTC

Return-Path: <robert.cragie@gmail.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 99A76126D0C for <tls@ietfa.amsl.com>; Thu, 5 Oct 2017 09:58:05 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.399
X-Spam-Level:
X-Spam-Status: No, score=-2.399 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FREEMAIL_FORGED_FROMDOMAIN=0.199, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id EcbalXmWaH0r for <tls@ietfa.amsl.com>; Thu, 5 Oct 2017 09:58:01 -0700 (PDT)
Received: from mail-lf0-x22f.google.com (mail-lf0-x22f.google.com [IPv6:2a00:1450:4010:c07::22f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1478C133344 for <tls@ietf.org>; Thu, 5 Oct 2017 09:58:01 -0700 (PDT)
Received: by mail-lf0-x22f.google.com with SMTP id n140so15397544lfn.4 for <tls@ietf.org>; Thu, 05 Oct 2017 09:58:00 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:reply-to:sender:in-reply-to:references:from:date :message-id:subject:to:cc; bh=bthB8iBdtB1Z5G3AcZWrzXcQsyPj71/5Y8L8td++5yo=; b=bJ6xani5RZ23JE/Bq0SgYWzZU4veCLbqRvE1JPr7tUG4i3SSgYbs4FbywJWO9Gch4w d6QhAbihmgFcT4ljWO3Mt691FfCVjk1U4kxeq7gK1ZjHXWAJLI+6cEwUKLPjl7kcS5Mf yFZvEVNP2ni+r54gKIVLsF/ANTIKcEitj7KxQ8U6FjaXR3gZ2Lkbq9hBOarmTywFMB94 lAAF/ZSxdqqxjgsUHwNt14OmX+FoehVNVGL8B5fHTaeNANmE7Ty85oM4P42r3YBD8K1N lfeXRUkey5rbh4EnMyp1LQOJ1vBjg2wcjXyuAsvhZCBlwYCcjytyvu5zaLpw72XinLRZ urnA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:reply-to:sender:in-reply-to :references:from:date:message-id:subject:to:cc; bh=bthB8iBdtB1Z5G3AcZWrzXcQsyPj71/5Y8L8td++5yo=; b=LtYK1meE3OZUAGTgGgnSNbTgh4AHGprUiWJmYYL9TEzrciAudar4qMdfZc1z9yfz7e 3Fz6YXqS1iz7D0S1hq2iz9FD5FtLijAouITYWLm+MqfQ7UEuz9oYRNN20nS3DVFp4ylR EJDJbcmf8DA9UWc8E5pWLrt93ZycMV+diOpDTS63eYNiK7p7llaQ+rYnxL4x5M0y2ah0 EybVsMHfXmKpozxYt4a4JtTTx57URiA/UR0PrTiPs88RoiwjlVb6l5mG7bEtY2fWZLm8 +EZ0iyu3gomVwX/rWUsmgMHEcn8yquJVnphlX5gJA3ulmmRMKzXzCD6VpfCGmAGzn39j lkQQ==
X-Gm-Message-State: AHPjjUjvI/zAWP+kU0wP/pLI5x+1kdGxH4eI/FEhHB8N0fwUo+nrAsi6 pPqEYt9IfCI4nRHSLrldUvTUwbDjn+3sJDhLLDGFgA==
X-Google-Smtp-Source: AOwi7QCfbF8iG4LVKlLnn+q5m05vXLEACAz/eqvZuDviWYS0LkFjn4p9ybAduWcrzL9kikMEw9bhAmKuiLSfe+GWeWo=
X-Received: by 10.46.23.25 with SMTP id l25mr11269924lje.178.1507222679288; Thu, 05 Oct 2017 09:57:59 -0700 (PDT)
MIME-Version: 1.0
Reply-To: robert.cragie@gridmerge.com
Sender: robert.cragie@gmail.com
Received: by 10.25.20.25 with HTTP; Thu, 5 Oct 2017 09:57:58 -0700 (PDT)
In-Reply-To: <04B47032-A6C6-4DDE-9C6E-E8A51303A320@sn3rd.com>
References: <CA26DC83-9524-4CDA-910A-7FDCBF73F849@sn3rd.com> <A77ED838-9A38-41AB-B063-FC6BE6996373@akamai.com> <CAOgPGoAH_-i8dpX0Df=bcrS9t_LMi0N+6T-tpr+ybkA3sfn8tg@mail.gmail.com> <CY4PR21MB0120E62327D33AD536BDD72E8C730@CY4PR21MB0120.namprd21.prod.outlook.com> <04B47032-A6C6-4DDE-9C6E-E8A51303A320@sn3rd.com>
From: Robert Cragie <robert.cragie@gridmerge.com>
Date: Thu, 5 Oct 2017 17:57:58 +0100
X-Google-Sender-Auth: wdf_oaEl2FlmkvDPwlGUBfNS64Y
Message-ID: <CADrU+dLhHq572HheOkv-m7CsvA+fyXrDNn_dML13bL7=GG0EMw@mail.gmail.com>
To: Sean Turner <sean@sn3rd.com>
Cc: Andrei Popov <Andrei.Popov@microsoft.com>, "<tls@ietf.org>" <tls@ietf.org>
Content-Type: multipart/alternative; boundary="94eb2c1a62b6657ebd055acfa05a"
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/9vncG4Xeqo8HtUBI6OlEeWr1AqU>
Subject: Re: [TLS] Should CCM_8 CSs be Recommended?
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 05 Oct 2017 16:58:05 -0000

The original requirement for the truncated (_8) authentication tags was
purely to save bytes. It makes very little difference re. processing as a
16 octet tag is always computed in AES-CCM-128 anyway.

I agree with the assessment that it is "limited applicability" in the grand
scheme of things although it may be more ubiquitous in IoT applications.

Robert

On 5 October 2017 at 17:45, Sean Turner <sean@sn3rd.com>; wrote:

> This is exactly how I think about it.
>
> spt
>
> > On Oct 4, 2017, at 12:11, Andrei Popov <Andrei.Popov@microsoft.com>;
> wrote:
> >
> > It seems that CCM_8 falls in the “limited applicability” bucket.
> However, there’s nothing wrong with IoT specs requiring these ciphers in
> their TLS profiles.
> >
> > Cheers,
> >
> > Andrei
> >
> > From: TLS [mailto:tls-bounces@ietf.org] On Behalf Of Joseph Salowey
> > Sent: Wednesday, October 4, 2017 11:42 AM
> > To: Salz, Rich <rsalz@akamai.com>;
> > Cc: <tls@ietf.org>; <tls@ietf.org>;
> > Subject: Re: [TLS] Should CCM_8 CSs be Recommended?
> >
> > The current editor's copy of the draft has the following text about the
> recommended column:
> >
> > The instructions in this document add a recommended column to many of
> the TLS registries to indicate parameters that are generally recommended
> for implementations to support. Adding a recommended parameter to a
> registry or updating a parameter to recommended status requires standards
> action. Not all parameters defined in standards track documents need to be
> marked as recommended.
> >
> > If an item is marked as not recommended it does not necessarily mean
> that it is flawed, rather, it indicates that either the item has not been
> through the IETF consensus process or the item has limited applicability to
> specific cases.
> >
> >
> > On Wed, Oct 4, 2017 at 4:58 AM, Salz, Rich <rsalz@akamai.com>; wrote:
> > ➢  We’re recommending that these five suites be dropped from the
> recommended list.  Please let us know what you think.
> >
> >
> > Does “recommended” mean for general use, in the public Internet?  Or is
> it “I know it when I see it” kind of thing?
> >
> > Either way, I support un-recommending them
> >
> > _______________________________________________
> > TLS mailing list
> > TLS@ietf.org
> > https://www.ietf.org/mailman/listinfo/tls
> >
> > _______________________________________________
> > TLS mailing list
> > TLS@ietf.org
> > https://www.ietf.org/mailman/listinfo/tls
>
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls
>