Re: [TLS] AD review of draft-ietf-tls-negotiated-ff-dhe-08

Santiago Zanella <szanella@gmail.com> Wed, 15 April 2015 15:32 UTC

Peter Gutmann <pgut001@cs.auckland.ac.nz> wrote:
> So... if 8.7% is the most widely-used group (since you qualify the
> 7.8% one with "the most common with a modulus longer than 1024
> bits")

That does not follow from what I said. The 8.7% group is the 4th most
common; the top 3 also have 1024-bit moduli.

> that means the most common group is one that the ff-dhe draft
> doesn't allow you to specify, and the most common group with a
> modulus longer than 1024 bits is... another one that the ff-dhe
> draft doesn't allow you to specify.

Yes, and rightfully so because we want to get rid of 1024-bit groups
and have good reasons not to reuse groups from other protocols. But
note that the draft reserves codepoints for private use that can be
used locally to specify other groups.

The minimum acceptable size was set at 2048 bits as a result of a
straw poll:

 http://www.ietf.org/mail-archive/web/tls/current/msg14438.html

 --Santiago