Re: [TLS] PR#345: IANA Considerations

Joseph Salowey <joe@salowey.net> Wed, 25 November 2015 19:05 UTC

Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/GhKgwUPU5TPX7W2ZhDaCcxbfRjc>

It looks like we have rough consensus to accept this PR. We can still have
discussion on the naming of the categories. We will also have to define
the IANA registration policy for changing the "recommended" bit. I'll
open an issue for this. I think changing the bit to recommended should
require IETF consensus.

Cheers,

Joe

On Thu, Nov 19, 2015 at 7:10 AM, Eric Rescorla <ekr@rtfm.com> wrote:

>
>
> On Thu, Nov 19, 2015 at 7:03 AM, Martin Rex <mrex@sap.com> wrote:
>
>> Eric Rescorla wrote:
>> >
>> > There are presently four categories of cipher suites vis-a-vis TLS 1.3.
>> >
>> > 1. MUST or SHOULD cipher suites.
>> > 2. Standards track cipher suites (or ones we are making ST, like
>> >     the ECC ones).
>> > 3. Non standards track cipher suites
>> > 4. Cipher suites you can't use at all with TLS 1.3, like AES-CBC.
>> >
>> > I think we're all agreed that category #1 should be marked recommended
>> > and that #3 and #4 should not be. This leaves us with category #2, which
>> > includes stuff like:
>> >
>> > - FFDHE
>> > - CCM
>> >
>> > My proposal is that we:
>> >
>> > - List all the Standards Track cipher suites that are compatible with
>> >   TLS 1.3 in Appendix A.
>> > - Mark all the cipher suites that are listed in Appendix A as
>> >   "Recommended"
>>
>>
>> I'm slightly confused.
>>
>> rfc5288 is standards track and describes AES-GCM with static RSA keyex.
>>
>
> This isn't compatible with TLS 1.3 because TLS 1.3 removes static RSA.
>
>
>> rfc5289 is only informational (i.e. _not_ standards track) and describes
>> AES-GCM with ECDHE keyex.
>
>
> We are re-labelling the AES-GCM ECDHE suites as standards track either in
> this document or in RFC4492bis.
>
> -Ekr
>
>
>>
>>
>>
>> -Martin
>>
>
>
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls
>
>