Re: [TLS] PR#345: IANA Considerations
Eric Rescorla <ekr@rtfm.com> Thu, 26 November 2015 23:18 UTC
From: Eric Rescorla <ekr@rtfm.com>
Date: Thu, 26 Nov 2015 15:18:03 -0800
Message-ID: <CABcZeBNP1uXin+AYUdtFBAx6nqh69UBbnzeXqFwioky=0gwpZQ@mail.gmail.com>
To: Joseph Salowey <joe@salowey.net>
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/X8mUgjRwStcgxeY56J3ddjuXPCc>
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] PR#345: IANA Considerations

Joe,

Can you clarify whether you believe consensus is to make the "Recommended"
list the list in the current PR or the MTI list. I can edit the document
either way.

-Ekr

On Wed, Nov 25, 2015 at 11:05 AM, Joseph Salowey <joe@salowey.net> wrote:

> It looks like we have rough consensus to accept this PR. We can still have
> discussion on the naming of the categories. We will also have to define
> the IANA registration policy for changing the "recommended" bit. I'll
> open an issue for this, I think changing the bit to recommended should
> require IETF consensus.
>
> Cheers,
>
> Joe
>
> On Thu, Nov 19, 2015 at 7:10 AM, Eric Rescorla <ekr@rtfm.com> wrote:
>
>> On Thu, Nov 19, 2015 at 7:03 AM, Martin Rex <mrex@sap.com> wrote:
>>
>>> Eric Rescorla wrote:
>>> >
>>> > There are presently four categories of cipher suites vis-a-vis TLS 1.3.
>>> >
>>> > 1. MUST or SHOULD cipher suites.
>>> > 2. Standards track cipher suites (or ones we are making ST, like
>>> >    the ECC ones).
>>> > 3. Non standards track cipher suites
>>> > 4. Cipher suites you can't use at all with TLS 1.3, like AES-CBC.
>>> >
>>> > I think we're all agreed that category #1 should be marked recommended
>>> > and that #3 and #4 should not be. This leaves us with category #2, which
>>> > includes stuff like:
>>> >
>>> > - FFDHE
>>> > - CCM
>>> >
>>> > My proposal is that we:
>>> >
>>> > - List all the Standards Track cipher suites that are compatible with TLS
>>> >   1.3 in Appendix A.
>>> > - Mark all the cipher suites that are listed in Appendix A as "Recommended"
>>>
>>> I'm slightly confused.
>>>
>>> rfc5288 is standards track and describes AES-GCM with static RSA keyex.
>>
>> This isn't compatible with TLS 1.3 because TLS 1.3 removes static RSA.
>>
>>> rfc5289 is only informational (i.e. _not_ standards track) and describes
>>> AES-GCM with ECDHE keyex.
>>
>> We are re-labelling the AES-GCM ECDHE suites as standards track either in
>> this document or in RFC4492bis.
>>
>> -Ekr
>>
>>> -Martin