[TLS] consensus: remove DSA from TLS 1.3

Sean Turner <sean@sn3rd.com> Thu, 17 September 2015 01:05 UTC

Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/Aj8hNxnN_JSTHFcr5lnEmtn7_r4>

All,

For the purposes of TLS1.3 specification, it’s clear that there is WG consensus to remove support for DSA the same way many curves from NamedGroup (s6.3.2.2) were removed, i.e., we’re going to remove references, code, etc. If there is interest in documenting how to support DSA in TLS1.3, a separate draft will need to be produced and it’ll need to work its way through the WG process.

spt