Re: [TLS] Consensus call on codepoint strategy for draft-ietf-tls-hybrid-design

"Blumenthal, Uri - 0553 - MITLL" <uri@ll.mit.edu> Wed, 29 March 2023 15:00 UTC

From: "Blumenthal, Uri - 0553 - MITLL" <uri@ll.mit.edu>
To: "Kampanakis, Panos" <kpanos@amazon.com>
CC: Christopher Wood <caw@heapingbits.net>, "tls@ietf.org" <tls@ietf.org>
Thread-Topic: [TLS] Consensus call on codepoint strategy for draft-ietf-tls-hybrid-design
Thread-Index: AQHZYeDBSoMA1EiGfEGGwyKmBvcb0q8RAJaA///IHQCAAGWkgIAArBQA
Date: Wed, 29 Mar 2023 14:59:51 +0000
Message-ID: <7B644960-382D-4270-95E8-CE5637347A62@ll.mit.edu>
References: <6cf86afa53f348c69d5a22ed50ae6d4b@amazon.com>
In-Reply-To: <6cf86afa53f348c69d5a22ed50ae6d4b@amazon.com>
Accept-Language: en-US
Content-Language: en-US
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: pUmXnUJ//RM3pi4a5k+qsjznotcJk/crU9+Wlhz+EuYmWtno7KuiiYtgYzms0NyTV0yNfF5hHswQ3m8RvUHRJTWCs5q3VUaa6GrYnFjt1y+qM7Gt3RhF+AnO9oy9T8fdaXmPX5sc8TUxn+9Wfh4aEXqBXDuCZCJ/MizOgzwTkbn/lTxH4h6WDEWpNsgGDX04LuXxTuiS5OTiA7qy7ZAR08IRk3/Mqt58qS7UFyBfxtIusTDrg66FQNh0jCksF/lraQcH4zEcQumhlh6/soZWgVyu8lmpdlBPmZl4plm0k9AP9f9d+yc54NC7cxCDeidB
Content-Type: multipart/signed; boundary="Apple-Mail-3E8742DC-4763-4B97-92E2-10CEC5D9E263"; protocol="application/pkcs7-signature"; micalg="sha-256"
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: BN0P110MB1419.NAMP110.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-Network-Message-Id: 681ee5c9-5da6-45c1-9418-08db30663fac
X-MS-Exchange-CrossTenant-originalarrivaltime: 29 Mar 2023 14:59:51.5661 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 83d1efe3-698e-4819-911b-0a8fbe79d01c
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN0P110MB1690
X-Proofpoint-GUID: P-jAEyUsjYQkagrum1JkK7K0_JuoBzi7
X-Proofpoint-ORIG-GUID: P-jAEyUsjYQkagrum1JkK7K0_JuoBzi7
X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.254,Aquarius:18.0.942,Hydra:6.0.573,FMLib:17.11.170.22 definitions=2023-03-29_08,2023-03-28_02,2023-02-09_01
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 mlxlogscore=999 mlxscore=0 bulkscore=0 suspectscore=0 adultscore=0 malwarescore=0 phishscore=0 spamscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2303200000 definitions=main-2303290117
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/J09zirT_V-dJtltBK1LofjRvID0>
Subject: Re: [TLS] Consensus call on codepoint strategy for draft-ietf-tls-hybrid-design
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 29 Mar 2023 15:00:01 -0000

Because that’s what CNSA requires. 

Regards,
Uri

> On Mar 29, 2023, at 00:45, Kampanakis, Panos <kpanos@amazon.com> wrote:
> 
> 
>  
> > I would also like secp384r1_kyber1024 option, please.
>  
> Why do you up the ECDH curve sec level with Kyber1024? It adds unnecessary size to the keyshare. like secp384r1_kyber768 combines two equivalent security levels.
> Those that want to be extra conservative can go secp521r1_kyber1024 which won’t be much worse than secp384r1_kyber1024 in performance or size.
>  
>  
>  
> From: TLS <tls-bounces@ietf.org> On Behalf Of Blumenthal, Uri - 0553 - MITLL
> Sent: Tuesday, March 28, 2023 10:40 PM
> To: Krzysztof Kwiatkowski <kris@amongbytes.com>; Christopher Wood <caw@heapingbits.net>
> Cc: TLS@ietf.org
> Subject: RE: [EXTERNAL][TLS] Consensus call on codepoint strategy for draft-ietf-tls-hybrid-design
>  
> CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you can confirm the sender and know the content is safe.
> 
>  
> Can we add secp256r1_kyber768 option for those who prefer NIST curves?
>  
> I support this.
>  
> I would also like secp384r1_kyber1024 option, please.
>  
> Thanks

Attachment: smime.p7s

[TLS] Consensus call on codepoint strategy for dr… Christopher Wood
Re: [TLS] Consensus call on codepoint strategy fo… Krzysztof Kwiatkowski
Re: [TLS] Consensus call on codepoint strategy fo… Eric Rescorla
Re: [TLS] Consensus call on codepoint strategy fo… Christopher Patton
Re: [TLS] Consensus call on codepoint strategy fo… Richard Barnes
Re: [TLS] Consensus call on codepoint strategy fo… Salz, Rich
Re: [TLS] Consensus call on codepoint strategy fo… Blumenthal, Uri - 0553 - MITLL
Re: [TLS] Consensus call on codepoint strategy fo… Kampanakis, Panos
Re: [TLS] Consensus call on codepoint strategy fo… Kampanakis, Panos
Re: [TLS] Consensus call on codepoint strategy fo… Loganaden Velvindron
Re: [TLS] Consensus call on codepoint strategy fo… Blumenthal, Uri - 0553 - MITLL
Re: [TLS] Consensus call on codepoint strategy fo… Ilari Liusvaara
Re: [TLS] Consensus call on codepoint strategy fo… Ilari Liusvaara
Re: [TLS] Consensus call on codepoint strategy fo… Bas Westerbaan
Re: [TLS] Consensus call on codepoint strategy fo… Bas Westerbaan
Re: [TLS] Consensus call on codepoint strategy fo… Kampanakis, Panos
Re: [TLS] Consensus call on codepoint strategy fo… Krzysztof Kwiatkowski
Re: [TLS] Consensus call on codepoint strategy fo… Krzysztof Kwiatkowski
Re: [TLS] Consensus call on codepoint strategy fo… Ilari Liusvaara
Re: [TLS] Consensus call on codepoint strategy fo… Ilari Liusvaara
Re: [TLS] Consensus call on codepoint strategy fo… Blumenthal, Uri - 0553 - MITLL
Re: [TLS] Consensus call on codepoint strategy fo… Ilari Liusvaara
Re: [TLS] Consensus call on codepoint strategy fo… Blumenthal, Uri - 0553 - MITLL
Re: [TLS] Consensus call on codepoint strategy fo… Hubert Kario
Re: [TLS] Consensus call on codepoint strategy fo… Christopher Wood
Re: [TLS] Consensus call on codepoint strategy fo… Bas Westerbaan
Re: [TLS] Consensus call on codepoint strategy fo… Kampanakis, Panos
Re: [TLS] Consensus call on codepoint strategy fo… Scott Fluhrer (sfluhrer)
Re: [TLS] Consensus call on codepoint strategy fo… Watson Ladd
Re: [TLS] Consensus call on codepoint strategy fo… John Mattsson
Re: [TLS] Consensus call on codepoint strategy fo… Bas Westerbaan
Re: [TLS] [UNVERIFIED SENDER] Re: Consensus call … Kampanakis, Panos
Re: [TLS] [UNVERIFIED SENDER] Re: Consensus call … Ilari Liusvaara
Re: [TLS] [UNVERIFIED SENDER] Re: Consensus call … Eric Rescorla
Re: [TLS] Consensus call on codepoint strategy fo… Krzysztof Kwiatkowski
Re: [TLS] Consensus call on codepoint strategy fo… Krzysztof Kwiatkowski
Re: [TLS] Consensus call on codepoint strategy fo… Salz, Rich
Re: [TLS] Consensus call on codepoint strategy fo… Christopher Wood
Re: [TLS] Consensus call on codepoint strategy fo… Kris Kwiatkowski
Re: [TLS] Consensus call on codepoint strategy fo… Ilari Liusvaara
Re: [TLS] Consensus call on codepoint strategy fo… Kris Kwiatkowski

Re: [TLS] Consensus call on codepoint strategy for draft-ietf-tls-hybrid-design

Attachment: smime.p7s