Re: [TLS] Deprecating more (DSA?) (was Re: Deprecating RC4 (was: draft-ietf-tls-encrypt-then-mac))
Tom Ritter <tom@ritter.vg> Tue, 15 April 2014 21:25 UTC
From: Tom Ritter <tom@ritter.vg>
Date: Tue, 15 Apr 2014 17:24:50 -0400
Message-ID: <CA+cU71nRATUs8rq-E4dCb1yyo7FMpzdQAj6cDpiKwfns9E3mtQ@mail.gmail.com>
To: Hanno Böck <hanno@hboeck.de>
Archived-At: http://mailarchive.ietf.org/arch/msg/tls/GNEMZYQdNGbWWXOuCJQYKP-cPOA
Cc: "tls@ietf.org" <tls@ietf.org>

On 15 April 2014 15:02, Hanno Böck <hanno@hboeck.de> wrote:
> But basically, the whole discussion about DSA's security is missing the
> point. It's probably possible to implement DSA in a secure way. But
> what I really want to achieve is getting TLS simpler.
> I think there's wide agreement that DSA if done correctly has a
> security comparable to RSA. However, in TLS everyone uses RSA, nobody
> uses DSA.
> And I think unused code is dangerous. Because nobody cares, nobody
> tests it, nobody looks at it but it still can bite you when it comes to
> security. That I think is a lesson we should've learned from
> Heartbleed. And therefore I think we should identify unused parts of
> the TLS spec and deprecate it.

I think that's a reasonable approach. I have no problems with removing DSA (but keeping ECDSA around). I also have a strong preference to saying that any implementation of DSA/ECDSA MUST use deterministic DSA. I would love to get NIST* or whatever other standard body we need to bless it so that people will accept that recommendation. (And to be clear, I don't want them to just bless it, I want them to poke and prod at it and try and figure out if they can come up with any attacks, and then bless it.)

-tom

* I hope that people's distrust of NIST would not go so far as to say that an algorithm developed by a community contributor and blessed by NIST is no longer trustworthy. If so, the new tool of the NSA would be to have NIST bless all the secure algorithms leaving us with just insecure ones ;)