[TLS] AD review of draft-ietf-tls-hybrid-design-12

Paul Wouters <paul.wouters@aiven.io> Tue, 27 May 2025 22:27 UTC

To: "<tls@ietf.org>" <tls@ietf.org>
CC: dstebila@uwaterloo.ca, shay.gueron@gmail.com

Hi,

I have some comments/questions regarding this document.

        Selecting which next-generation algorithms to use in TLS 1.3, or
        algorithm identifiers or encoding mechanisms for next-generation
        algorithms. This selection will be based on the recommendations
        by the Crypto Forum Research Group (CFRG), which is currently
        waiting for the results of the NIST Post-Quantum Cryptography
        Standardization Project [NIST].

Can we remove the sentence "This selection will be based on ..." or, if we
want to leave the CFRG part in there, remove the part "which is
currently......"?

I don't think this document should speculate on how selections will be
made. The latter part additionally will age poorly (and seems already
quite out of date right now). Just stating this document is not doing it
is enough.


        Finite-field and elliptic-curve Diffie-Hellman key exchange
        methods used in TLS 1.3 satisfy this criteria.

Can we note that Finite-field DH is, however, being deprecated in
draft-ietf-tls-deprecate-obsolete-kex? Or perhaps just not even mention
finite-field groups anymore?


Why is the document describing and registering(!) hybrids in Section 3.1
with Finite Field DHE?

Please move the text in section 3.1 from "Specific values shall be
registered by IANA in the TLS Supported Groups registry." to the end of
the section to the actual IANA Considerations Section.
Please also format things properly for the IANA entries, and specify that
the RECOMMENDED column should be N, and the DTLS-OK column should be Y
(presumably).

Paul