Re: [TLS] call for consensus: changes to IANA registry rules for cipher suites
"Dan Harkins" <dharkins@lounge.org> Mon, 04 April 2016 01:24 UTC
Hi Sean,

In general I support this but.... A stable, publicly available document is basically an RFC. So when the TLS WG says no that means asking an AD to sponsor or putting it into the Independent Stream process. So what it looks like you're doing is punting this problem into the lap of whoever is gonna be the Independent Stream Editor for this stuff because he or she will start getting a steady stream of requests for publication of documents describing a fabulous new TLS ciphersuite after the ADs tell everyone to "pound sand".

I wonder if you have thought this through or prepped the stuckee?

regards,

Dan.

On Tue, March 29, 2016 6:53 pm, Sean Turner wrote:
> Hi!
>
> In Yokohama, we discussed changing the IANA registry assignment rules for
> cipher suites to allow anyone with a stable, publicly available, peer
> reviewed reference document to request and get a code point and to add an
> "IETF Recommended" column to the registry. This change is motivated
> by the large # of requests received for code points [0], the need to alter
> the incorrect perception that getting a code point somehow legitimizes the
> suite/algorithm, and to help implementers out. We need to determine
> whether we have consensus on this plan, which follows:
>
> 1. The IANA registry rules for the TLS cipher suite registry [1] will be
> changed to specification required.
>
> 2. A new "IETF Recommended" column will be added with two values:
> "Y" or "N". Y and N have the following meaning:
>
>    Cipher suites marked with a "Y" the IETF has consensus on
>    and are reasonably expected to be supported by widely
>    used implementations such as open-source libraries. The
>    IETF takes no position on the cipher suites marked with an
>    "N". Not IETF recommended does not necessarily (but can)
>    mean that the ciphers are not cryptographically sound (i.e.,
>    are bad). Cipher suites can be recategorized from N to Y
>    (e.g., Curve448) and vice versa.
>
> 3. We will add a "Note" to the IANA registry itself (i.e., on [0]) that
> matches the above so that the same information is available to those who
> don't read the IANA considerations section of the RFC.
>
> Please indicate whether or not you could support this plan.
>
> Thanks,
>
> J&S
>
> [0] In the last year, the chairs have received requests for:
>
> PSK: https://datatracker.ietf.org/doc/draft-mattsson-tls-ecdhe-psk-aead/
> AES-OCB: https://www.ietf.org/archive/id/draft-zauner-tls-aes-ocb-03.txt
> Kcipher2: https://datatracker.ietf.org/doc/draft-kiyomoto-kcipher2-tls/
> dragonfly: https://datatracker.ietf.org/doc/draft-ietf-tls-pwd/
> NTRU: http://www.ietf.org/id/draft-whyte-qsh-tls12-01.txt
> JPAKE: not sure they got around to publishing a draft.
>
> [1]
> https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-4