Re: [TLS] WG adoption + early code point assignment: draft-mavrogiannopoulos-chacha-tls

Adam Langley <agl@imperialviolet.org> Wed, 20 May 2015 15:15 UTC

Return-Path: <alangley@gmail.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0E4141A8771 for <tls@ietfa.amsl.com>; Wed, 20 May 2015 08:15:39 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.122
X-Spam-Level:
X-Spam-Status: No, score=0.122 tagged_above=-999 required=5 tests=[BAYES_05=-0.5, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FM_FORGED_GMAIL=0.622, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wqeslDjgEFaa for <tls@ietfa.amsl.com>; Wed, 20 May 2015 08:15:33 -0700 (PDT)
Received: from mail-la0-x22b.google.com (mail-la0-x22b.google.com [IPv6:2a00:1450:4010:c03::22b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C73AA1A8755 for <tls@ietf.org>; Wed, 20 May 2015 08:15:32 -0700 (PDT)
Received: by lagv1 with SMTP id v1so79213465lag.3 for <tls@ietf.org>; Wed, 20 May 2015 08:15:31 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:cc:content-type:content-transfer-encoding; bh=tvhgvswzrFDrwtf2NpSMYbTVCNTil3SdLM1bFdwHvUQ=; b=i+fw8EHexZvIMF6Y4O8qNs/QmbIS9a5jn+ek+vuSkDVUO9M4lmU4cSLBqAgne9TxJj JcftAw7pCZBeyAQYQDhDdoH0qKP5ompzELdt9FxEoBnP6xkY5AnPAt6+K0leQaBjpIIQ zHAq9Hn0if0YNlTtTnj7wOwNZGOMW5+7M36fRO8X0YvGlhhqSW86vhWRUs6wkHiZ0heP x9zuPHIXGLqemoC0EETDDYiEMUv900gO8UPtPcRkyLanYcfAD3bUqf2M4xQYoXHE7axF YFrSBItexjSyg1Cz//YbACDSoKM8obQsL/oT6HNqKfcSEmxumLcd3tmbKgklb74tij+a Bs6w==
MIME-Version: 1.0
X-Received: by 10.112.242.40 with SMTP id wn8mr18082107lbc.57.1432134931208; Wed, 20 May 2015 08:15:31 -0700 (PDT)
Sender: alangley@gmail.com
Received: by 10.112.89.69 with HTTP; Wed, 20 May 2015 08:15:31 -0700 (PDT)
In-Reply-To: <86AF5010-12A3-410A-AE23-9A0643D536EE@gmail.com>
References: <FD8B7C3F-C3DD-4367-B84D-26B9907F1B9D@ieca.com> <CABcZeBOqnyXS5kp=ZiN2PpKYt_dOg1+L4_S__h-+YP=n6sHk3A@mail.gmail.com> <1269593170.1072986.1432104184832.JavaMail.zimbra@redhat.com> <CABcZeBNQQKgBzzoia0TWzbG8PycoOLT+ejOM7dwNNfgNoCqRtA@mail.gmail.com> <86AF5010-12A3-410A-AE23-9A0643D536EE@gmail.com>
Date: Wed, 20 May 2015 08:15:31 -0700
X-Google-Sender-Auth: thwphdLym26bStbUNJPX_1LsNCc
Message-ID: <CAMfhd9XvrhX3MgjMOQ+P=c8oydWT6F6AwUfFerbSWLgra2tbdw@mail.gmail.com>
From: Adam Langley <agl@imperialviolet.org>
To: Yoav Nir <ynir.ietf@gmail.com>
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/E0qW0AsKdxiIhizyE9k0FhN6n2M>
Cc: IETF TLS Working Group <tls@ietf.org>
Subject: Re: [TLS] WG adoption + early code point assignment: draft-mavrogiannopoulos-chacha-tls
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 20 May 2015 15:15:39 -0000

On Wed, May 20, 2015 at 8:13 AM, Yoav Nir <ynir.ietf@gmail.com>; wrote:
> Yes, there’s that. I think that we should leave the record IV (which this
> draft makes equal to the RSN, while RFC 5288 allows to be chosen in any way)
> in the record for TLS 1.2.
> In 1.3 we’re anyway planning to do it differently and omit the IV, so we
> should do it there for both algorithms
> It’s a waste of 8 bytes, but that will give us one more reason to implement
> 1.3, no?

Nope, not going waste 8 bytes per record for no reason. The world has
wasted enough network bandwidth on that in AES-GCM already.


Cheers

AGL

-- 
Adam Langley agl@imperialviolet.org https://www.imperialviolet.org