Re: [TLS] "Notes" column in draft-ietf-tls-rfc8447bis?
John Mattsson <john.mattsson@ericsson.com> Fri, 08 December 2023 09:30 UTC
From: John Mattsson <john.mattsson@ericsson.com>
To: Valery Smyslov <smyslov.ietf@gmail.com>, 'Sean Turner' <sean@sn3rd.com>, "'Salz, Rich'" <rsalz@akamai.com>
CC: 'TLS List' <tls@ietf.org>
Date: Fri, 08 Dec 2023 09:30:50 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/EY562B3QAYyl8jH3lg3x5Jj6agM>

Hi,

Valery Smyslov wrote:
>No, they include only hash (GOSTR341112) and AEAD cipher (MAGMA_MGM or KUZNYECHIK_MGM).
>Their order in the names is unusual (hash first, cipher second).

Yes, my misunderstanding based on the weird naming order. So nothing weird technically.

Ilari Liusvaara wrote:
>Also,
>
>0x00,0xC6 TLS_SM4_GCM_SM3
>0x00,0xC7 TLS_SM4_CCM_SM3
>
>Both are explicitly flagged as not OK for DTLS. However, using GCM/CCM
>in usual way, so not difficult to define how those would work in DTLS
>or QUIC (just copy what AES-128 does there).

Yes, I agree that would be straightforward. But it has not been done yet.

Ilari Liusvaara wrote:
>If the _ECCPWD_ ones work for TLS 1.3, why wouldn't those work for DTLS
>1.3 or QUIC? Those ciphersuites use AES in standard way, and DTLS/QUIC
>do serialize the flights.

Yes, you are correct that they should work. DTLS 1.3 and QUIC defined header protection for all cipher suites that use AES.

Ilari Liusvaara wrote:
>Well, _ECCPWD_ is just special snowflake as it modifies the key
>exchange (I haven't checked if what it does actually works).

Feels to me like it would have been good if _ECCPWD_ TLS 1.3 cipher suites had never been registered. What should have been done is to register TLS_AES_256_CCM_SHA384 together with some new key exchange or extensions....

Below is an updated table of TLS 1.3 cipher suites based on Ilari’s comments. One day I hope most of this info will be easy to extract from the IANA registry.

Value      Description                                DTLS 1.3  QUIC  Comment
0x00,0xC6  TLS_SM4_GCM_SM3                            N         N     Would be straightforward to specify use in DTLS 1.3 and QUIC
0x00,0xC7  TLS_SM4_CCM_SM3                            N         N     Would be straightforward to specify use in DTLS 1.3 and QUIC
0x13,0x01  TLS_AES_128_GCM_SHA256                     Y         Y
0x13,0x02  TLS_AES_256_GCM_SHA384                     Y         Y
0x13,0x03  TLS_CHACHA20_POLY1305_SHA256               Y         Y
0x13,0x04  TLS_AES_128_CCM_SHA256                     Y         Y
0x13,0x05  TLS_AES_128_CCM_8_SHA256                   Y         N     QUIC RFC states MUST NOT use
0x13,0x06  TLS_AEGIS_256_SHA512                       Y         Y
0x13,0x07  TLS_AEGIS_128L_SHA256                      Y         Y
0xC0,0xB0  TLS_ECCPWD_WITH_AES_128_GCM_SHA256         Y         Y
0xC0,0xB1  TLS_ECCPWD_WITH_AES_256_GCM_SHA384         Y         Y
0xC0,0xB2  TLS_ECCPWD_WITH_AES_128_CCM_SHA256         Y         Y
0xC0,0xB3  TLS_ECCPWD_WITH_AES_256_CCM_SHA384         Y         Y
0xC0,0xB4  TLS_SHA256_SHA256                          N         N     Impossible to use in DTLS 1.3 and QUIC as NULL encryption is used.
0xC0,0xB5  TLS_SHA384_SHA384                          N         N     Impossible to use in DTLS 1.3 and QUIC as NULL encryption is used.
0xC1,0x03  TLS_GOSTR341112_256_WITH_KUZNYECHIK_MGM_L  N         N     Not straightforward to specify use in DTLS 1.3 and QUIC due to per-packet rekeying
0xC1,0x04  TLS_GOSTR341112_256_WITH_MAGMA_MGM_L       N         N     Not straightforward to specify use in DTLS 1.3 and QUIC due to per-packet rekeying
0xC1,0x05  TLS_GOSTR341112_256_WITH_KUZNYECHIK_MGM_S  N         N     Not straightforward to specify use in DTLS 1.3 and QUIC due to per-packet rekeying
0xC1,0x06  TLS_GOSTR341112_256_WITH_MAGMA_MGM_S       N         N     Not straightforward to specify use in DTLS 1.3 and QUIC due to per-packet rekeying

Cheers,
John

From: Valery Smyslov <smyslov.ietf@gmail.com>
Date: Wednesday, 6 December 2023 at 19:04
To: John Mattsson <john.mattsson@ericsson.com>, 'Sean Turner' <sean@sn3rd.com>, 'Salz, Rich' <rsalz@akamai.com>
Cc: 'TLS List' <tls@ietf.org>
Subject: RE: [TLS] "Notes" column in draft-ietf-tls-rfc8447bis?

Hi John,

just a clarification:

The _GOSTR341112_ seems to include authentication and key exchange…. I did not think this was how TLS 1.3 cipher suites were supposed to be used.

No, they include only hash (GOSTR341112) and AEAD cipher (MAGMA_MGM or KUZNYECHIK_MGM). Their order in the names is unusual (hash first, cipher second).

Regards,
Valery.

Cheers,
John Preuß Mattsson

From: Sean Turner <sean@sn3rd.com>
Date: Wednesday, 6 December 2023 at 14:55
To: Salz, Rich <rsalz@akamai.com>, John Mattsson <john.mattsson@ericsson.com>
Cc: TLS List <tls@ietf.org>
Subject: Re: [TLS] "Notes" column in draft-ietf-tls-rfc8447bis?

> On Dec 6, 2023, at 08:02, Salz, Rich <rsalz=40akamai.com@dmarc.ietf.org> wrote:
>
> Yes, I think information regarding if a cipher suite is for TLS 1.3 is very needed to have. I already asked for that in
> https://mailarchive.ietf.org/arch/msg/tls/0gDKfXJvAemFDm7MWcS1DTDVIe8/
>
> In addition, I would also like to information if the cipher suite can be used in QUIC.
>
> The 8447bis draft added a notes column to every TLS registry. The “1.2 is frozen” draft says to use it to indicate things like “for TLS 1.3 and later”. It’s a free-form text field, so we can direct IANA to put anything we want. :)

Yep we added it via:

https://protect2.fireeye.com/v1/url?k=31323334-501d5122-313273af-454445555731-cc6bdfdfb39824c6&q=1&e=9148a29f-ecfe-46e0-869e-33ffd8475127&u=https%3A%2F%2Fgithub.com%2Ftlswg%2Frfc8447bis%2Fpull%2F48

spt