[TLS] please review (was: Re: FFDHE and SHOULDs on usage)

Sean Turner <turners@ieca.com> Thu, 16 April 2015 15:03 UTC

Return-Path: <turners@ieca.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com []) by ietfa.amsl.com (Postfix) with ESMTP id 6D7441A1A50 for <tls@ietfa.amsl.com>; Thu, 16 Apr 2015 08:03:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id h5_7xnqNZlWX for <tls@ietfa.amsl.com>; Thu, 16 Apr 2015 08:03:28 -0700 (PDT)
Received: from gateway34.websitewelcome.com (gateway34.websitewelcome.com []) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id ED7101A00E0 for <tls@ietf.org>; Thu, 16 Apr 2015 08:03:08 -0700 (PDT)
Received: by gateway34.websitewelcome.com (Postfix, from userid 500) id EFB31726CC16; Thu, 16 Apr 2015 09:59:05 -0500 (CDT)
Received: from gator3286.hostgator.com (gator3286.hostgator.com []) by gateway34.websitewelcome.com (Postfix) with ESMTP id DFCD6726CBDF for <tls@ietf.org>; Thu, 16 Apr 2015 09:59:05 -0500 (CDT)
Received: from [] (port=60667 helo=[]) by gator3286.hostgator.com with esmtpsa (TLSv1:AES128-SHA:128) (Exim 4.82) (envelope-from <turners@ieca.com>) id 1YilFw-0002bs-AL for tls@ietf.org; Thu, 16 Apr 2015 09:59:04 -0500
Content-Type: text/plain; charset="windows-1252"
Mime-Version: 1.0 (Mac OS X Mail 7.3 \(1878.6\))
From: Sean Turner <turners@ieca.com>
In-Reply-To: <CABkgnnXJWv_-NQBJD_hT5p8V7gpBeQTOatirShSpi8wQ5=HB4A@mail.gmail.com>
Date: Thu, 16 Apr 2015 10:59:03 -0400
Content-Transfer-Encoding: quoted-printable
Message-Id: <39536882-3644-497B-94ED-520A8DEFAD0B@ieca.com>
References: <CABkgnnVxLJhpm+vjUsaQTBGOQ7n=MDBiR3Pk+f7J0m_0rRGT+A@mail.gmail.com> <874mohqmk2.fsf@alice.fifthhorseman.net> <CABkgnnXJWv_-NQBJD_hT5p8V7gpBeQTOatirShSpi8wQ5=HB4A@mail.gmail.com>
To: "tls@ietf.org" <tls@ietf.org>
X-Mailer: Apple Mail (2.1878.6)
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - gator3286.hostgator.com
X-AntiAbuse: Original Domain - ietf.org
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - ieca.com
X-BWhitelist: no
X-Exim-ID: 1YilFw-0002bs-AL
X-Source-Sender: ([]) []:60667
X-Source-Auth: sean.turner@ieca.com
X-Email-Count: 7
X-Source-Cap: ZG9tbWdyNDg7ZG9tbWdyNDg7Z2F0b3IzMjg2Lmhvc3RnYXRvci5jb20=
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/Vr06o9B9fnIR-kHiOnRa8wUzX38>
Subject: [TLS] please review (was: Re: FFDHE and SHOULDs on usage)
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 16 Apr 2015 15:03:29 -0000

Top posting here to make sure folks not that Martin’s de-2119ing some of the text, but to me at least it looks like it expresses the same requirements.  Please let us know whether you disagree with this change by the 2015-04-25.


On Apr 15, 2015, at 15:05, Martin Thomson <martin.thomson@gmail.com> wrote:

> On 15 April 2015 at 11:22, Daniel Kahn Gillmor <dkg@fifthhorseman.net> wrote:
>> -      <t>A client that offers any of these values in the elliptic_curves
>> -      extension SHOULD ALSO include at least one FFDHE ciphersuite in
>> -      the Client Hello.</t>
>> +      <t>A client that offers a "Supported Groups" extension
>> +      containing an FFDHE group should also include at least one FFDHE
>> +      ciphersuite in the Client Hello.</t>
> I apologize for not completing the
> It's been a while, so I went back and re-read this little bit,
> prompted largely by your choice to move to a lowercase should:
>   The compatible client that wants to be able to negotiate strong FFDHE
>   SHOULD send a "Supported Groups" extension (identified by type
>   elliptic_curves(10) in [RFC4492]) in the ClientHello, and include a
>   list of known FFDHE groups in the extension data, ordered from most
>   preferred to least preferred.  If the client also supports and wants
>   to offer ECDHE key exchange, it MUST use a single "Supported Groups"
>   extension to include all supported groups (both ECDHE and FFDHE
>   groups).  The ordering SHOULD be based on client preference, but see
>   Section 6.1 for more nuance.
>   A client that offers any of these values in the elliptic_curves
>   extension SHOULD ALSO include at least one FFDHE ciphersuite in the
>   Client Hello.
> This is a little over-2119-y for me.  How about:
> """
> A client that wants to negotiatiate strong FFDHE sends a ClientHello
> containing a cipher suite that uses DHE key exchange and a "Supported
> Groups" extension (identified by ...).  The "Supported Groups"
> extension contains the FFDHE groups the client will accept.  If the
> client also intends to accept ECDHE key exchange, the same "Supported
> Groups" extension is used for both FFDHE and ECDHE groups.
> Groups are ordered based on client preference, noting the additional
> ordering considerations in Section 6.1.
> """
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls