IETF Logo Mail Archive

[TLS] Require deterministic ECDSA

Joseph Birr-Pixton <jpixton@gmail.com> Sat, 23 January 2016 19:13 UTC

Return-Path: <jpixton@gmail.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 106E21A8FD4 for <tls@ietfa.amsl.com>; Sat, 23 Jan 2016 11:13:42 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id QXQOwOlgR9r8 for <tls@ietfa.amsl.com>; Sat, 23 Jan 2016 11:13:41 -0800 (PST)
Received: from mail-oi0-x22d.google.com (mail-oi0-x22d.google.com [IPv6:2607:f8b0:4003:c06::22d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D0ED11A8F37 for <tls@ietf.org>; Sat, 23 Jan 2016 11:13:40 -0800 (PST)
Received: by mail-oi0-x22d.google.com with SMTP id p187so66547805oia.2 for <tls@ietf.org>; Sat, 23 Jan 2016 11:13:40 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:date:message-id:subject:from:to:content-type; bh=967juKGbAiTjGRjOJODP7p5sE2OuR/hFv7mFi9b5P14=; b=n0sZhwABq4dglKcn5Qn7ypKPlNYIpjTEuEjANNHShzfXkgX74SRDmjmZ1caqnbidqo To2B3G+1mB41+an7R51ay8rw7Ey16iov0haCiJdm3Rr8WYEPBNb3/t3Ogt8l5Sqt6Mjc zqxFNTUdhfheig2Tbd1ijh3VWzJpJvWMGttx1MOrHQ9h/JXH02eJil0aAdEw4v/A3m26 Lm3SiJ5uYldrqsqjU4VUpsTAaIYdfX7EjQKDVkrlD2Ci9LD0NiycRsMejlph6TNklvVB p7yERCj56PqU3jk1dbRNPp1EzedshRO21e1bSEojSG/5yfbpSa+jnSYq7c0vpshkCqDO 8ZIg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:date:message-id:subject:from:to :content-type; bh=967juKGbAiTjGRjOJODP7p5sE2OuR/hFv7mFi9b5P14=; b=IUNOFe9Tf/mpBzIjZ7nsKDuQVk/0VjbioZWyuR23wqQjh+EwMecLrsyfLHTX6mJndn bWCrhc7gEmnmccU3LvGGxuUFCeZ1WImZs/VX4/aFoMvO+TTGgSmxU7i22RtQ/VBbkcWh yYU4K3reTMfb7IvJa2/hAayV1+A6W0jIZ2LfXtfJt0A0WvWhFS1vg3THTnk/k7pOYW5A vrav2WjkGjKJ+mF/4oOzmG24U6HEN06CF1gh2kE8z6yQWgzqvEC8P3Y3bVduVtLA8AtK XlYo96oHswEaBa8e+uOQzHLvZ4D4iyhGYyhtXnVvUW5+PmIWDOIkyHYqCIEyUB64+U34 YChA==
X-Gm-Message-State: AG10YOSfWtY3cU78SppaK0mze0OYyBqV52RgPdav47AzsZIvpx6H4O/67FqKNfZZ3zSoNkQQTAlnFKGldt1eOw==
MIME-Version: 1.0
X-Received: by 10.202.87.77 with SMTP id l74mr7124981oib.96.1453576420156; Sat, 23 Jan 2016 11:13:40 -0800 (PST)
Received: by 10.182.196.104 with HTTP; Sat, 23 Jan 2016 11:13:40 -0800 (PST)
Date: Sat, 23 Jan 2016 19:13:40 +0000
Message-ID: <CACaGAp=-xJZN=L3av+DX_WQcki_k=L-_tc5dZnJNtM=M0W8MnQ@mail.gmail.com>
From: Joseph Birr-Pixton <jpixton@gmail.com>
To: tls@ietf.org
Content-Type: text/plain; charset="UTF-8"
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/AZl_hvIB2O9VZUlodUUmsstxtvw>
Subject: [TLS] Require deterministic ECDSA
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 23 Jan 2016 19:13:42 -0000

Hi,

I'd like to propose that TLS1.3 mandates RFC6979 deterministic ECDSA.

For discussion, here's a pull request with possible language:

https://github.com/tlswg/tls13-spec/pull/406

Cheers,
Joe

v2.23.0 | Report a Bug | By Email