Re: [TLS] Re: Draft for SM cipher suites used in TLS1.3
"Blumenthal, Uri - 0553 - MITLL" <uri@ll.mit.edu> Fri, 16 August 2019 15:05 UTC
Return-Path: <prvs=3131b19307=uri@ll.mit.edu>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7ADD5120052 for <tls@ietfa.amsl.com>; Fri, 16 Aug 2019 08:05:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.194
X-Spam-Level:
X-Spam-Status: No, score=-4.194 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, MIME_QP_LONG_LINE=0.001, RCVD_IN_DNSWL_MED=-2.3, SPF_HELO_NONE=0.001, SPF_NONE=0.001, UNPARSEABLE_RELAY=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xYP1dob2g2DP for <tls@ietfa.amsl.com>; Fri, 16 Aug 2019 08:05:39 -0700 (PDT)
Received: from llmx3.ll.mit.edu (LLMX3.LL.MIT.EDU [129.55.12.49]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EAC56120047 for <tls@ietf.org>; Fri, 16 Aug 2019 08:05:37 -0700 (PDT)
Received: from LLE2K16-MBX03.mitll.ad.local (LLE2K16-MBX03.mitll.ad.local) by llmx3.ll.mit.edu (unknown) with ESMTPS id x7GF5ZXQ047355 for <tls@ietf.org>; Fri, 16 Aug 2019 11:05:35 -0400
From: "Blumenthal, Uri - 0553 - MITLL" <uri@ll.mit.edu>
To: TLS <tls@ietf.org>
Thread-Topic: [TLS] Re: Draft for SM cipher suites used in TLS1.3
Thread-Index: AQHVVAJVK0PrqEdKSEeegSRe0UZt+Kb94BWA
Date: Fri, 16 Aug 2019 15:05:33 +0000
Message-ID: <CD858630-F612-4069-B48B-673594B80437@ll.mit.edu>
References: <3dfe43fe-b81c-4fc1-91af-3a1e8565794e.kepeng.lkp@alibaba-inc.com>
In-Reply-To: <3dfe43fe-b81c-4fc1-91af-3a1e8565794e.kepeng.lkp@alibaba-inc.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/10.1b.0.190715
x-originating-ip: [172.25.1.85]
Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg="sha256"; boundary="B_3648798333_348709734"
MIME-Version: 1.0
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:, , definitions=2019-08-16_07:, , signatures=0
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 suspectscore=0 malwarescore=0 phishscore=0 bulkscore=0 spamscore=0 mlxscore=0 mlxlogscore=999 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1906280000 definitions=main-1908160159
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/IUtxraSIfLBcuF5VQUB9qU-j1l0>
Subject: Re: [TLS] Re: Draft for SM cipher suites used in TLS1.3
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 16 Aug 2019 15:05:42 -0000
AFAIK, all the ISO standards that IETF refers to, were defined elsewhere first, i.e., ISO defined them based on some open submissions, publications, etc. I fully agree with Rene – if you want the specs standardized, provide the complete specs, including the missing parts 1 and 3. From: TLS <tls-bounces@ietf.org> on behalf of Kepeng Li <kepeng.lkp@alibaba-inc.com> Reply-To: Kepeng Li <kepeng.lkp@alibaba-inc.com> Date: Friday, August 16, 2019 at 3:15 AM To: "rstruik.ext" <rstruik.ext@gmail.com>, TLS <tls@ietf.org> Subject: [TLS] Re: Draft for SM cipher suites used in TLS1.3 Hi Rene and all, > Since the ISO documents are not available to the general > public without payment, it would be helpful to have a freely available > document (in English) from an authoritative source. Having such a > reference available would be helpful to the IETF community (and > researchers). About the references to ISO documens, I think it is a general issue for IETF drafts. How does the other IETF drafts make the references to ISO documents? ISO documents are often referenced by IETF drafts. Thanks, Kind Regards Kepeng —————————————————————————————————————————————————————————————————— Re: [TLS] Draft for SM cipher suites used in TLS1.3 Rene Struik <rstruik.ext@gmail.com> Thu, 15 August 2019 15:34 UTCShow header Hi Paul: I tried and look up the documents GMT.0009-2012 and GBT.32918.5-2016 on the (non-secured) websites you referenced, but only found Chinese versions (and Chinese website navigation panels [pardon my poor language skills here]). Since the ISO documents are not available to the general public without payment, it would be helpful to have a freely available document (in English) from an authoritative source. Having such a reference available would be helpful to the IETF community (and researchers). Please note that BSI provides its specifications in German and English, so as to foster use/study by the community. If the Chinese national algorithms would be available in similar form, this would serve a similar purpose. FYI - I am interested in full details and some time last year I tried to download specs, but only Parts 2, 4, and 5 were available [1], [2], [3], not Parts 1 and 3. Best regards, Rene [1] China ECC - Public Key Cryptographic Algorithm SM2 Based on ECC - Part 5 - Parameter Definition (SEMB, July 24, 2018) [2] China ECC - Public Key Cryptographic Algorithm SM2 Based on ECC - Part 2 - Digital Signature Algorithm (SEMB, July 24, 2018) [3] China ECC - Public Key Cryptographic Algorithm SM2 Based on ECC - Part 4 - Public Key Encryption Algorithm (SEMB, July 24, 2018) On 8/15/2019 10:16 AM, Paul Yang wrote: > Hi all, > > I have submitted a new internet draft to introduce the SM cipher > suites into TLS 1.3 protocol. > > https://tools.ietf.org/html/draft-yang-tls-tls13-sm-suites-00 > > SM cryptographic algorithms are originally a set of Chinese national > algorithms and now have been (or being) accepted by ISO as > international standards, including SM2 signature algorithm, SM3 hash > function and SM4 block cipher. These algorithms have already been > supported some time ago by several widely used open source > cryptographic libraries including OpenSSL, BouncyCastle, Botan, etc. > > Considering TLS1.3 is being gradually adopted in China's internet > industry, it's important to have a normative definition on how to use > the SM algorithms with TLS1.3, especially for the mobile internet > scenario. Ant Financial is the company who develops the market leading > mobile app 'Alipay' and supports payment services for Alibaba > e-commerce business. We highly are depending on the new TLS1.3 > protocol for both performance and security purposes. We expect to have > more deployment of TLS1.3 capable applications in China's internet > industry by this standardization attempts. > > It's very appreciated to have comments from the IETF TLS list :-) > > Many thanks! > > _______________________________________________ > TLS mailing list > TLS@ietf.org > https://www.ietf.org/mailman/listinfo/tls
- [TLS] Re: Draft for SM cipher suites used in TLS1… Kepeng Li
- Re: [TLS] Re: Draft for SM cipher suites used in … Blumenthal, Uri - 0553 - MITLL