Re: [TLS] I-D Action: draft-ietf-tls-chacha20-poly1305-00.txt

Dave Garrett <> Sat, 13 June 2015 03:57 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id 998E31B2DFA for <>; Fri, 12 Jun 2015 20:57:09 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id MfBDwUhcfJPD for <>; Fri, 12 Jun 2015 20:57:08 -0700 (PDT)
Received: from ( [IPv6:2607:f8b0:400d:c09::232]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 1B6FB1B2DFF for <>; Fri, 12 Jun 2015 20:55:49 -0700 (PDT)
Received: by qkhg32 with SMTP id g32so26113974qkh.0 for <>; Fri, 12 Jun 2015 20:55:48 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20120113; h=from:to:subject:date:user-agent:cc:references:in-reply-to :mime-version:content-type:content-transfer-encoding:message-id; bh=t1QIGyN3S3DiKE00NXqvYw4fHrrQTKvlvl6seABF1qw=; b=grZctce/1gUoNBzRit44RHXaTYSV8vnzJfxldn0z+wcL4TCTjMJNqkJX35a+eat681 X1Not8SuNadrIV3rGhOhlNpwRY8Z50rJl/dD+8vIPOa3qPsPm4XAWRSLQkOq5A0W5VNP w2sVjQTYD5T5tTiOi9pgUsyGoWQ/V7fwG7fhT6IzsHB1fttDlfoSq4KYNaS0ZlTZhEsC WhYg7nxw23PSZr52HjHK30dvTDGYP+ISJHADa531jYByeeRPHOw47AFo8GjfEBMR8S5B /54J8TsUecdWhOeVc18yYAZjknvO12c5u3EzVyi2TTB2U/NHjAk5yfG0x3K+LEZKh+Ka dXTg==
X-Received: by with SMTP id 6mr37213257qkz.13.1434167748462; Fri, 12 Jun 2015 20:55:48 -0700 (PDT)
Received: from dave-laptop.localnet ( []) by with ESMTPSA id i197sm2611628qhc.36.2015. (version=TLSv1 cipher=RC4-SHA bits=128/128); Fri, 12 Jun 2015 20:55:47 -0700 (PDT)
From: Dave Garrett <>
To: Nikos Mavrogiannopoulos <>
Date: Fri, 12 Jun 2015 23:55:45 -0400
User-Agent: KMail/1.13.5 (Linux/2.6.32-74-generic-pae; KDE/4.4.5; i686; ; )
References: <>
In-Reply-To: <>
MIME-Version: 1.0
Content-Type: Text/Plain; charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Message-Id: <>
Archived-At: <>
Subject: Re: [TLS] I-D Action: draft-ietf-tls-chacha20-poly1305-00.txt
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Sat, 13 Jun 2015 03:57:09 -0000

After discussion earlier involving ECDHE_anon cipher suites, it occurred to me that it could be useful to define one for ChaChaPoly in this draft.

Is it viable to add a cipher suite name and codepoint for this? It didn't get brought up in the previous discussion on this list about which suites were desired here.


(preferably "ECDHE" instead of "ECDH" for consistency with newer suites, rather than the old anon suites)

At the moment, there are no AEAD ECDHE anon cipher suites currently standardized. The only AEAD DHE anon cipher suites are the two AES-GCM suites defined in RFC5288. TLS 1.3 requires AEAD, so this means it has very few anon choices, and no ECDHE anon yet.