Re: [TLS] Consensus Call on MTI Algorithms
Watson Ladd <watsonbladd@gmail.com> Thu, 02 April 2015 05:32 UTC
Return-Path: <watsonbladd@gmail.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9D7711A8822 for <tls@ietfa.amsl.com>; Wed, 1 Apr 2015 22:32:22 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.4
X-Spam-Level:
X-Spam-Status: No, score=-1.4 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, J_CHICKENPOX_34=0.6, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id WcmKl_5CZMhH for <tls@ietfa.amsl.com>; Wed, 1 Apr 2015 22:32:21 -0700 (PDT)
Received: from mail-wi0-x230.google.com (mail-wi0-x230.google.com [IPv6:2a00:1450:400c:c05::230]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C27001A0383 for <tls@ietf.org>; Wed, 1 Apr 2015 22:32:20 -0700 (PDT)
Received: by wizk4 with SMTP id k4so3229115wiz.1 for <tls@ietf.org>; Wed, 01 Apr 2015 22:32:19 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=GmurxFwHuDKaWYFXDFz1A59cBagmSl+UB6XnTyVtwTk=; b=pS2YplPYsHUkKFevjGDIHGOZNSaIu4C6VO84SLH1j/EBCKRqCAHwUeYu3U2Rsv1ZWi tHneP9llnORmGetqf3wrL4oJwXQCCDWvmdboB1LNPcHVvkXhlzPYT06zgKGYBAU48uES mx9f2WGhesWg1EpfyYYef0rYvP0avhWSn/1N7hvYN48t3DvnP0w9kGjDuj6vLTkmhcHF K2LMjbfUs9rRqbJlcTTWKLQwFgEhks0CWvEa/hFs9OUcWwuP4x+VRk6L5be/a3TYJdwI X9ZhRwAYAidZZDkcl0QRwgFSVhmaZT6CZ09CwzVw3j1PXYlRlseXza8v9ieLkZnjnMYe rSOA==
MIME-Version: 1.0
X-Received: by 10.180.86.162 with SMTP id q2mr21162438wiz.26.1427952739539; Wed, 01 Apr 2015 22:32:19 -0700 (PDT)
Received: by 10.194.136.233 with HTTP; Wed, 1 Apr 2015 22:32:19 -0700 (PDT)
In-Reply-To: <CAOgPGoBk+E=cNV1ufBaQ0n7=CJQ34zukPixKCEdpmMLBX=Kg_w@mail.gmail.com>
References: <CAOgPGoBk+E=cNV1ufBaQ0n7=CJQ34zukPixKCEdpmMLBX=Kg_w@mail.gmail.com>
Date: Wed, 01 Apr 2015 22:32:19 -0700
Message-ID: <CACsn0cnTJoGZq37=1FSQxaN5EiZg=NX0_qvpWh_1=KGDnhRsGw@mail.gmail.com>
From: Watson Ladd <watsonbladd@gmail.com>
To: Joseph Salowey <joe@salowey.net>
Content-Type: text/plain; charset="UTF-8"
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/MkJYjMHb6CAuVCTCX65mbwXSAL4>
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] Consensus Call on MTI Algorithms
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 02 Apr 2015 05:32:22 -0000
On Wed, Apr 1, 2015 at 11:12 AM, Joseph Salowey <joe@salowey.net> wrote: > We did not get a chance to talk about MTI algorithms in Dallas, but the > chairs would like to judge consensus for the algorithms discussed in the > interim. The CFRG has closed or will close soon on ChaCha20 and curve 25519 > recommendations so they are included. We will be calling for acceptance to > bring drafts on these into the working group shortly. > > Keep in mind that mandatory to implement (MTI) is not mandatory to use and > that it is expected that there will be profiles for specific environments. > > Below is the proposed algorithm list that had consensus at the Seattle > Interim. Please reply on the TLS mailing list indicating whether or not you > agree with the consensus. If not, please indicate why. This consensus call > will close on April, 23, 2015. > > o Symmetric: > MUST AES-GCM 128 > SHOULD ChaCha20-Poly1305 > > o Hash: > MUST SHA-256 > > o Key Agreement: ECDH > MUST P-256 > SHOULD 25519 > > o Signature: > MUST ECDSA P-256 > MUST RSA > > Thanks, > > J&S I disagree with this consensus. Many devices have hardware accelerated AES, but not GCM. As it stands we don't have an efficient performer on these devices: AES+HMAC is probably the best option on these devices. I also don't like the idea of making non-interoperable profiles for different environments. Sincerely, Watson Ladd > > _______________________________________________ > TLS mailing list > TLS@ietf.org > https://www.ietf.org/mailman/listinfo/tls > -- "Those who would give up Essential Liberty to purchase a little Temporary Safety deserve neither Liberty nor Safety." -- Benjamin Franklin
- [TLS] Consensus Call on MTI Algorithms Joseph Salowey
- Re: [TLS] Consensus Call on MTI Algorithms Blumenthal, Uri - 0553 - MITLL
- Re: [TLS] Consensus Call on MTI Algorithms Dave Garrett
- Re: [TLS] Consensus Call on MTI Algorithms Russ Housley
- Re: [TLS] Consensus Call on MTI Algorithms Dan Harkins
- Re: [TLS] Consensus Call on MTI Algorithms Aaron Zauner
- Re: [TLS] Consensus Call on MTI Algorithms Kurt Roeckx
- Re: [TLS] Consensus Call on MTI Algorithms Brian Smith
- Re: [TLS] Consensus Call on MTI Algorithms Dave Garrett
- Re: [TLS] Consensus Call on MTI Algorithms Stephen Checkoway
- Re: [TLS] Consensus Call on MTI Algorithms Sean Turner
- Re: [TLS] Consensus Call on MTI Algorithms Yoav Nir
- Re: [TLS] Consensus Call on MTI Algorithms Yaron Sheffer
- Re: [TLS] Consensus Call on MTI Algorithms Martin Thomson
- Re: [TLS] Consensus Call on MTI Algorithms Watson Ladd
- Re: [TLS] Consensus Call on MTI Algorithms Aaron Zauner
- Re: [TLS] Consensus Call on MTI Algorithms Rob Stradling
- Re: [TLS] Consensus Call on MTI Algorithms Yaron Sheffer
- Re: [TLS] Consensus Call on MTI Algorithms Stephen Farrell
- Re: [TLS] Consensus Call on MTI Algorithms Yaron Sheffer
- Re: [TLS] Consensus Call on MTI Algorithms Blumenthal, Uri - 0553 - MITLL
- Re: [TLS] Consensus Call on MTI Algorithms Russ Housley
- Re: [TLS] Consensus Call on MTI Algorithms Hubert Kario
- Re: [TLS] Consensus Call on MTI Algorithms Hanno Böck
- Re: [TLS] Consensus Call on MTI Algorithms Blumenthal, Uri - 0553 - MITLL
- Re: [TLS] Consensus Call on MTI Algorithms Salz, Rich
- Re: [TLS] Consensus Call on MTI Algorithms Rick Andrews
- Re: [TLS] Consensus Call on MTI Algorithms Nico Williams
- Re: [TLS] Consensus Call on MTI Algorithms Nico Williams
- Re: [TLS] Consensus Call on MTI Algorithms Nico Williams
- Re: [TLS] Consensus Call on MTI Algorithms Salz, Rich
- Re: [TLS] Consensus Call on MTI Algorithms Nico Williams
- Re: [TLS] Consensus Call on MTI Algorithms Christian Huitema
- Re: [TLS] Consensus Call on MTI Algorithms Nico Williams
- Re: [TLS] Consensus Call on MTI Algorithms Yoav Nir
- Re: [TLS] Consensus Call on MTI Algorithms Aaron Zauner
- Re: [TLS] Consensus Call on MTI Algorithms Nico Williams
- Re: [TLS] Consensus Call on MTI Algorithms Dave Garrett
- Re: [TLS] Consensus Call on MTI Algorithms Nico Williams
- Re: [TLS] Consensus Call on MTI Algorithms Eric Rescorla
- Re: [TLS] Consensus Call on MTI Algorithms Dave Garrett
- Re: [TLS] Consensus Call on MTI Algorithms Yoav Nir
- Re: [TLS] Consensus Call on MTI Algorithms Nico Williams
- Re: [TLS] Consensus Call on MTI Algorithms Dave Garrett
- Re: [TLS] Consensus Call on MTI Algorithms James Cloos
- Re: [TLS] Consensus Call on MTI Algorithms Peter Gutmann
- Re: [TLS] Consensus Call on MTI Algorithms Peter Gutmann
- Re: [TLS] Consensus Call on MTI Algorithms Aaron Zauner
- Re: [TLS] Consensus Call on MTI Algorithms Watson Ladd
- Re: [TLS] Consensus Call on MTI Algorithms Dave Garrett
- Re: [TLS] Consensus Call on MTI Algorithms Eric Rescorla
- Re: [TLS] Consensus Call on MTI Algorithms Russ Housley
- Re: [TLS] Consensus Call on MTI Algorithms Daniel Kahn Gillmor