Re: [TLS] draft-sheffer-tls-bcp: DH recommendations

Yaron Sheffer <yaronf.ietf@gmail.com> Thu, 19 September 2013 09:59 UTC

Return-Path: <yaronf.ietf@gmail.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 335CB21F850D for <tls@ietfa.amsl.com>; Thu, 19 Sep 2013 02:59:12 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.449
X-Spam-Level:
X-Spam-Status: No, score=-102.449 tagged_above=-999 required=5 tests=[AWL=0.150, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wFLvxBhVgoY1 for <tls@ietfa.amsl.com>; Thu, 19 Sep 2013 02:59:11 -0700 (PDT)
Received: from mail-we0-x22d.google.com (mail-we0-x22d.google.com [IPv6:2a00:1450:400c:c03::22d]) by ietfa.amsl.com (Postfix) with ESMTP id 7E11621F84F9 for <tls@ietf.org>; Thu, 19 Sep 2013 02:59:11 -0700 (PDT)
Received: by mail-we0-f173.google.com with SMTP id w62so7766493wes.32 for <tls@ietf.org>; Thu, 19 Sep 2013 02:59:10 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=message-id:date:from:user-agent:mime-version:to:cc:subject :references:in-reply-to:content-type:content-transfer-encoding; bh=51HhTY9gewNJ0R5qB1AFikXglm9dKgMhd7wHyCUUUF0=; b=RCf4YdID5/MLeV9aD6YuNHvI+/QqvEtyxboocf9w4g0+gJcpHQkjqwqi6nSpAkr9g6 2Iys7Ts3oUC5XvTmEem+je0iLTfbMnm2nTvOE+9DV7wsQuNtzZR0hCg79j7WIqQQWkkd 6MxdEh7jD2SP7GlxRqX0JBy7rk/Oxwn+LLy9nhS8hU+3/C55spD7U70PH3svapC617b5 vt4uFc5PIbGGhVi3DLKqYiCqjS6PdnVqPl0rS2M6+lRsjwCDcVwYLjpdw0bNlSOArbUV MLVB/xQymcc8PipvncCD8JVLlpm/Oou/kKqAxpeAqC+PfkOb39woHLJPES4lT5qqcG6M 5/VQ==
X-Received: by 10.180.210.243 with SMTP id mx19mr10752121wic.35.1379584750665; Thu, 19 Sep 2013 02:59:10 -0700 (PDT)
Received: from [10.0.0.8] ([109.64.175.213]) by mx.google.com with ESMTPSA id l9sm17550920wif.10.1969.12.31.16.00.00 (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Thu, 19 Sep 2013 02:59:10 -0700 (PDT)
Message-ID: <523ACAEC.6070801@gmail.com>
Date: Thu, 19 Sep 2013 12:59:08 +0300
From: Yaron Sheffer <yaronf.ietf@gmail.com>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130803 Thunderbird/17.0.8
MIME-Version: 1.0
To: Peter Gutmann <pgut001@cs.auckland.ac.nz>
References: <9A043F3CF02CD34C8E74AC1594475C7355674007@uxcn10-6.UoA.auckland.ac.nz>
In-Reply-To: <9A043F3CF02CD34C8E74AC1594475C7355674007@uxcn10-6.UoA.auckland.ac.nz>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 7bit
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] draft-sheffer-tls-bcp: DH recommendations
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 19 Sep 2013 09:59:12 -0000

Hi Peter,

I think we've been through all these arguments (on both sides of the 
issue) over the last week, with the exception of "ECC brittleness". Can 
you please clarify what you mean by that?

Thanks,
	Yaron

On 09/19/2013 11:50 AM, Peter Gutmann wrote:
> Yaron Sheffer <yaronf.ietf@gmail.com> writes:
>
>> There are multiple issues with MODP DH in TLS (performance is just one of
>> them). So I'd like to recommend EC DHE instead - which makes this discussion
>> moot.
>
> There are even more issues with ECC, namely their brittleness, paranoia
> (whether justified or not) about NSA meddling, and patent issues.  DH is
> simple in comparison.
>
> Peter.
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls
>