Re: [TLS] Consensus Call on MTI Algorithms
Yoav Nir <ynir.ietf@gmail.com> Wed, 01 April 2015 21:56 UTC

I support this.

I think it’s kind of funny to make ChaCha20-Poly1305 a SHOULD-level requirement, when (a) there is no ciphersuite that uses this algorithm in the registry, and (b) the WG has not accepted any document that proposes such a ciphersuite.

But it’s just funny, not bad. I’m sure we will adopt the document soon.

Yoav

> On Apr 1, 2015, at 9:12 PM, Joseph Salowey <joe@salowey.net> wrote:
>
> We did not get a chance to talk about MTI algorithms in Dallas, but the chairs would like to judge consensus for the algorithms discussed in the interim. The CFRG has closed or will close soon on ChaCha20 and curve 25519 recommendations so they are included. We will be calling for acceptance to bring drafts on these into the working group shortly.
>
> Keep in mind that mandatory to implement (MTI) is not mandatory to use and that it is expected that there will be profiles for specific environments.
>
> Below is the proposed algorithm list that had consensus at the Seattle Interim. Please reply on the TLS mailing list indicating whether or not you agree with the consensus. If not, please indicate why. This consensus call will close on April, 23, 2015.
>
> o Symmetric:
>     MUST AES-GCM 128
>     SHOULD ChaCha20-Poly1305
>
> o Hash:
>     MUST SHA-256
>
> o Key Agreement: ECDH
>     MUST P-256
>     SHOULD 25519
>
> o Signature:
>     MUST ECDSA P-256
>     MUST RSA
>
> Thanks,
>
> J&S