Re: [TLS] (selection criteria for crypto primitives) Re: sect571r1

Dave Garrett <davemgarrett@gmail.com> Tue, 21 July 2015 15:30 UTC

Return-Path: <davemgarrett@gmail.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AFC7B1A8A1F for <tls@ietfa.amsl.com>; Tue, 21 Jul 2015 08:30:22 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id u_ZOfiXwTaWz for <tls@ietfa.amsl.com>; Tue, 21 Jul 2015 08:30:18 -0700 (PDT)
Received: from mail-yk0-x235.google.com (mail-yk0-x235.google.com [IPv6:2607:f8b0:4002:c07::235]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2819C1A066C for <tls@ietf.org>; Tue, 21 Jul 2015 08:30:18 -0700 (PDT)
Received: by ykay190 with SMTP id y190so168501352yka.3 for <tls@ietf.org>; Tue, 21 Jul 2015 08:30:17 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=from:to:subject:date:user-agent:cc:references:in-reply-to :mime-version:content-type:content-transfer-encoding:message-id; bh=USE61AowHuZBBv172zfl5qHgK6NRGQmgmi+Clwpff/w=; b=kpV8N5CCqI4HL7ZAQb+KAj8ilchB8x5TmxGMvfYbY/f9lpy7WMFIxI8WNZuVWM0h9+ BBx291KbNXTVtrjr/tR9gCQsUkAlXqqsY6FIUdncbH0Oy8o9oERCV6DnNZbPnpNVrrVg z3DYyjcpCEQ9VboZg9zuKNKcDxg73LzW9dOUb8qxrqKbSaCsJM+sqoW+UBltl9VkOL6Z zwh3Gs2hF1T4FjZh1cvysXzCFC6H5eiPK6S4Mx8wU1fcJDgpUP44aaAsFs2wHSdgWLKX ab9cXK3fswlddlQWN0mwKMgUFaLclTM/vZ09J/YkHT9rT6JeyjB8T3mncRrqM4Dc12jU KDqA==
X-Received: by 10.129.74.135 with SMTP id x129mr34093934ywa.98.1437492617569; Tue, 21 Jul 2015 08:30:17 -0700 (PDT)
Received: from dave-laptop.localnet (pool-96-245-254-195.phlapa.fios.verizon.net. [96.245.254.195]) by smtp.gmail.com with ESMTPSA id x22sm3428746ywd.46.2015.07.21.08.30.16 (version=TLSv1 cipher=RC4-SHA bits=128/128); Tue, 21 Jul 2015 08:30:17 -0700 (PDT)
From: Dave Garrett <davemgarrett@gmail.com>
To: tls@ietf.org
Date: Tue, 21 Jul 2015 11:30:15 -0400
User-Agent: KMail/1.13.5 (Linux/2.6.32-74-generic-pae; KDE/4.4.5; i686; ; )
References: <20150716002056.8BD691A1E9@ld9781.wdf.sap.corp> <55AE5995.7060600@secunet.com> <20150721144705.GA24492@LK-Perkele-VII>
In-Reply-To: <20150721144705.GA24492@LK-Perkele-VII>
MIME-Version: 1.0
Content-Type: Text/Plain; charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Message-Id: <201507211130.15582.davemgarrett@gmail.com>
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/Bn7kZUOdpSXIRMpGyMVokoizZU0>
Subject: Re: [TLS] (selection criteria for crypto primitives) Re: sect571r1
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 21 Jul 2015 15:30:22 -0000

On Tuesday, July 21, 2015 10:47:05 am Ilari Liusvaara wrote:
> I thought that Brainpool curves weren't removed (even if those aren't
> explicitly in), which are random prime curves.
> 
> Also, the security of binary curves seems quite questionable.

Brainpool curves aren't in the TLS 1.3 draft, but they're not prohibited either.

If there's no strong objection, I'd like to add them to the list, if just to document the current NamedGroup registry. I could add a recommendation to stick to standards track, for those worrying about them.

https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8


Dave