Re: [TLS] SHA-3 in SignatureScheme

"Salz, Rich" <rsalz@akamai.com> Fri, 02 September 2016 19:25 UTC

Return-Path: <rsalz@akamai.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0B10B12B05E for <tls@ietfa.amsl.com>; Fri, 2 Sep 2016 12:25:55 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.249
X-Spam-Level:
X-Spam-Status: No, score=-3.249 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_LOW=-0.7, RP_MATCHES_RCVD=-0.548, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=akamai.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ZAdoa152oMNt for <tls@ietfa.amsl.com>; Fri, 2 Sep 2016 12:25:53 -0700 (PDT)
Received: from prod-mail-xrelay07.akamai.com (prod-mail-xrelay07.akamai.com [23.79.238.175]) by ietfa.amsl.com (Postfix) with ESMTP id C5A9512B00C for <tls@ietf.org>; Fri, 2 Sep 2016 12:25:53 -0700 (PDT)
Received: from prod-mail-xrelay07.akamai.com (localhost.localdomain [127.0.0.1]) by postfix.imss70 (Postfix) with ESMTP id 75F8E433492; Fri, 2 Sep 2016 19:25:53 +0000 (GMT)
Received: from prod-mail-relay10.akamai.com (prod-mail-relay10.akamai.com [172.27.118.251]) by prod-mail-xrelay07.akamai.com (Postfix) with ESMTP id 5FD14433406; Fri, 2 Sep 2016 19:25:53 +0000 (GMT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=akamai.com; s=a1; t=1472844353; bh=HSzOgjt9TlBlTuHKcusFEWLzGPGp2nrSYEGq6go963A=; l=1266; h=From:To:CC:Date:References:In-Reply-To:From; b=sLfP36isoglKOMJrUiE1nSV/KJj5ulAvIRk4sxRKP+glDtr+TWyg7gHtf4pHdlWOO wSpv0NWYco6wBNAjj6oldKmklO6iAyekS5wc1rJ4ttOPanZ8WZvrpEpFHwim26IWhY 5J29Oo7FxaaqMT5qAaYjJaY49YSUIXVEDFFle7X8=
Received: from email.msg.corp.akamai.com (usma1ex-casadmn.msg.corp.akamai.com [172.27.123.33]) by prod-mail-relay10.akamai.com (Postfix) with ESMTP id 5CC4F1FC8E; Fri, 2 Sep 2016 19:25:53 +0000 (GMT)
Received: from USMA1EX-DAG1MB1.msg.corp.akamai.com (172.27.123.101) by usma1ex-dag1mb2.msg.corp.akamai.com (172.27.123.102) with Microsoft SMTP Server (TLS) id 15.0.1178.4; Fri, 2 Sep 2016 15:25:52 -0400
Received: from USMA1EX-DAG1MB1.msg.corp.akamai.com ([172.27.123.101]) by usma1ex-dag1mb1.msg.corp.akamai.com ([172.27.123.101]) with mapi id 15.00.1178.000; Fri, 2 Sep 2016 15:25:52 -0400
From: "Salz, Rich" <rsalz@akamai.com>
To: Hubert Kario <hkario@redhat.com>, Yoav Nir <ynir.ietf@gmail.com>
Thread-Topic: [TLS] SHA-3 in SignatureScheme
Thread-Index: AQHSBHe0qyZ2E1iNQ0aEvtd/hM6Zb6BlKtOAgAAJZICAAAPaAIAAUWoAgAC0oICAAAl4AIAADc8AgABBQACAABuegIAAAK6AgAAF4gCAABO5gIAAC9wA//+9b5A=
Date: Fri, 02 Sep 2016 19:25:52 +0000
Message-ID: <9bf7c0632f3749fa86f9cfd36fe9a6b0@usma1ex-dag1mb1.msg.corp.akamai.com>
References: <7755682.Cma8FBTrvx@pintsize.usersys.redhat.com> <4536302.2GJhFoeUiN@pintsize.usersys.redhat.com> <BC6013EC-26EF-4EF7-AE5C-37D70D9CFF50@gmail.com> <1489216.MHQYH3hEiU@pintsize.usersys.redhat.com>
In-Reply-To: <1489216.MHQYH3hEiU@pintsize.usersys.redhat.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [172.19.42.187]
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/POxeaKrQj6vW93Cskz8uoC2TlW4>
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] SHA-3 in SignatureScheme
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 02 Sep 2016 19:25:55 -0000

> But then we have:
> * AES and ChaCha (two modes for the former one even)
> * RSA and ECDSA
> * NIST curves and Bernstein curves
> * ECDHE key exchange an DHE key exchange

This is a good point to bring up, but I think it can be resolved easily.  AES/ChaCha -- if only mobile you'll do chacha else you have hardware assist and will do AES.  RSA and ECDSA -- you'll only do one, depending on which cert you bought from your CA, and who even has commercial ECDSA certs yet?  NIST v Bernstein might be harder, but the performance of X25519 will win out.  ECDHE vs DHE?  Who would ever bother to do DHE these days?

Now, how can you give clear guidance on when to pick SHA2 over SHA3?   It's different from the others because it is truly a multiplicative choice; all of the others have clear guidance on when to pick which.

--  
Senior Architect, Akamai Technologies
IM: richsalz@jabber.at Twitter: RichSalz