Re: [TLS] Call for WG adoption of draft-mattsson-tls-ecdhe-psk-aead

Dave Garrett <davemgarrett@gmail.com> Tue, 26 April 2016 09:22 UTC

From: Dave Garrett <davemgarrett@gmail.com>
To: tls@ietf.org
Date: Tue, 26 Apr 2016 05:22:05 -0400
References: <E7FC2BE3-0BEF-4F1C-A394-73A54701803E@sn3rd.com>
In-Reply-To: <E7FC2BE3-0BEF-4F1C-A394-73A54701803E@sn3rd.com>
Message-Id: <201604260522.05723.davemgarrett@gmail.com>
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/ED71-ZE5M3snm-tUePlQMKa4rX4>
Subject: Re: [TLS] Call for WG adoption of draft-mattsson-tls-ecdhe-psk-aead

Just to make note on-list, I support adoption of the draft. I've already cited it in the current TLS 1.3 draft as a normative reference, and thus consider it required for completion of the new version.

One objection to part of the current draft, though, which I think needs changing. It currently states that implementations have a MUST-level requirement to use no less than 255-bit curves with AES-128 and 384-bit curves with AES-256. Due to discussion on here a bit back, my current opinion is that the floor should be set to 255-bit for both. Yes, ideally you'd prefer comparable security levels, but AES-256 gives some PQ resistance and bigger ECC is just as dead there as with a smaller curve. Transitioning to stronger symmetric, over the long term, need not be held back by performance worries if some were required to use slower ECDHE, especially with some devices that may be using PSK for performance reasons.

Also, I'd much prefer this be adopted as a separate draft and not merged fully into the TLS 1.3 draft.


Dave


On Monday, April 25, 2016 11:17:45 am Sean Turner wrote:
> draft-mattsson-tls-ecdhe-psk-aead includes some cipher suites that are needed for TLS1.3.  We need to get these officially registered so the chairs would like to hear whether there is WG support for adopting draft-mattsson-tls-ecdhe-psk-aead. Please let us know whether you:
> 
> - Support adoption and are willing to review/comment on the draft by 201600429; the chairs still need people to review the draft to show there’s support for it as we process it down the path.
> 
> - Object to the adoption of this draft as a WG item, please respond to the list indicating why by 201600429.
> 
> Note 1: This draft will get published using the new rules we’ve been concocting on the list so the IANA considerations section will get tweaked as we settle on what words need to be included.
> 
> Note 2: The other option is to put the registrations in the TLS1.3 spec, but that would add four pages that I’m pretty sure no implementer is going to read so there seems to be little point in including the registrations in the TLS1.3 spec.  And, these cipher suites do apply to TLS1.2.