[TLS] Summary of MTI discussion

Joseph Salowey <joe@salowey.net> Tue, 19 May 2015 20:56 UTC

Return-Path: <joe@salowey.net>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B45FC1AD0B4 for <tls@ietfa.amsl.com>; Tue, 19 May 2015 13:56:23 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.978
X-Spam-Level:
X-Spam-Status: No, score=-1.978 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id AR0U0B1OtaYq for <tls@ietfa.amsl.com>; Tue, 19 May 2015 13:56:22 -0700 (PDT)
Received: from mail-qk0-f171.google.com (mail-qk0-f171.google.com [209.85.220.171]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 151171A90BF for <tls@ietf.org>; Tue, 19 May 2015 13:56:22 -0700 (PDT)
Received: by qkgx75 with SMTP id x75so18925200qkg.1 for <tls@ietf.org>; Tue, 19 May 2015 13:56:21 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:date:message-id:subject:from:to :content-type; bh=aVzT2gcXndkK4EbGBhdosHqVVJl/nz49Yjxu/Hcfh+o=; b=GuPqztLa77vzPe8TYySaloth5KF4oXFukbA102wY4fFQN9ubLKuu8N084KkXyUmUFR pqPA/SL4CvyrrrHT6H41sOJqayxRZr8UE9UrjjbLpL6VDdTJBe45KzIqoBXQTEF4qsMS LipfMQcr2j+QwzLkX0+6hohms9+YgeMa4iIv6FIYnOQYldS5wbEF6ZVU5WBSopys0DW0 lnT9hZIeM9CoNwMAHpx3imftjnkGxt764IBhy0OIgCq9H9OwMqauwzE0FJfiwir5nZYB K8htUZI8X5fgZ2fnn0ew3puQHrHRnBQgrX4TZwoEuG1RaiS0wL7bkQUQdjZ6HJBWS6j7 yzIw==
X-Gm-Message-State: ALoCoQkmxU/km8+ts6wh5bG95u9leRhdesJ68Zj+Fliva3clyDyy4PNwFHif2I+Na2rBeq46wDeU
MIME-Version: 1.0
X-Received: by 10.55.27.78 with SMTP id b75mr43201209qkb.7.1432068981305; Tue, 19 May 2015 13:56:21 -0700 (PDT)
Received: by 10.96.161.169 with HTTP; Tue, 19 May 2015 13:56:21 -0700 (PDT)
Date: Tue, 19 May 2015 13:56:21 -0700
Message-ID: <CAOgPGoCr0_+MNLSv4jsNjY_SciDta0pTp=keRuehy2g5Uw5FcA@mail.gmail.com>
From: Joseph Salowey <joe@salowey.net>
To: "tls@ietf.org" <tls@ietf.org>
Content-Type: multipart/alternative; boundary=001a1147e48cecc7790516758a9b
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/VnQZ0FGmAkzqE2x5hH-gO4nry9E>
Subject: [TLS] Summary of MTI discussion
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 19 May 2015 20:56:23 -0000

Below is a summary of the current state of the MTI discussions.   I expect
the details will evolve over time, but some of the main actions are a call
for adoption for the ChaCha20 and Curve25519 drafts and removal of non
elliptic curve DSA from TLS 1.3.  The call for adoptions will come in
separate messages.

Thanks,

J&S

o Symmetric:
        AES-GCM 128 - Consensus  to Support MUST
        ChaCha20-Poly1305 - Consensus seems to be somewhere between a
SHOULD and a MUST
        AES-GCM-256 -  rough consensus for SHOULD to match UTA draft


o Hash:
        SHA-256 - Consensus for MUST
        SHA-384 - rough consensus for SHOULD to match UTA draft


o Key Agreement: ECDH
        P-256 - Consensus for MUST
        25519 - Consensus seems to be somewhere between a SHOULD and a MUST

o Signature:
        DSA - consensus to remove
        RSA - consensus for a MUST but need more detail on hash and
signature algorithms  Perhaps RSA-PSS with SHA-256 and SHA-384
        ECDSA P-256 - seems as if there is a consensus for a MUST, need
more detail on hash and signature algorithms - ECDSA with SHA-256 and
SHA-384
        Other signature algorithms are TBD

Cheers,

Joe