Re: [TLS] draft-sheffer-tls-bcp: DH recommendations

Stephen Farrell <stephen.farrell@cs.tcd.ie> Sat, 21 September 2013 22:21 UTC

Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 42D7721F9B12 for <tls@ietfa.amsl.com>; Sat, 21 Sep 2013 15:21:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.52
X-Spam-Level:
X-Spam-Status: No, score=-102.52 tagged_above=-999 required=5 tests=[AWL=0.079, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FQ9Nz6L0owjX for <tls@ietfa.amsl.com>; Sat, 21 Sep 2013 15:21:26 -0700 (PDT)
Received: from mercury.scss.tcd.ie (mercury.scss.tcd.ie [134.226.56.6]) by ietfa.amsl.com (Postfix) with ESMTP id 0246321F9A45 for <tls@ietf.org>; Sat, 21 Sep 2013 15:21:23 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mercury.scss.tcd.ie (Postfix) with ESMTP id 3CE02BE6F; Sat, 21 Sep 2013 23:21:21 +0100 (IST)
X-Virus-Scanned: Debian amavisd-new at scss.tcd.ie
Received: from mercury.scss.tcd.ie ([127.0.0.1]) by localhost (mercury.scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ExPr2cokKsW8; Sat, 21 Sep 2013 23:21:20 +0100 (IST)
Received: from [10.87.48.3] (unknown [86.42.23.253]) by mercury.scss.tcd.ie (Postfix) with ESMTPSA id 31FEDBE62; Sat, 21 Sep 2013 23:21:20 +0100 (IST)
Message-ID: <523E1BDA.7060503@cs.tcd.ie>
Date: Sat, 21 Sep 2013 23:21:14 +0100
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130803 Thunderbird/17.0.8
MIME-Version: 1.0
To: Yaron Sheffer <yaronf.ietf@gmail.com>
References: <9A043F3CF02CD34C8E74AC1594475C735567407D@uxcn10-6.UoA.auckland.ac.nz> <A3161699-0975-403C-B9C1-8BE548062949@mac.com> <523DA10F.7010308@stroeder.com> <523E1308.2010501@gmail.com>
In-Reply-To: <523E1308.2010501@gmail.com>
X-Enigmail-Version: 1.5.2
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
Cc: "TLS@ietf.org (tls@ietf.org)" <tls@ietf.org>
Subject: Re: [TLS] draft-sheffer-tls-bcp: DH recommendations
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 21 Sep 2013 22:21:32 -0000

Hi Yaron,

Thanks again for the draft. Without any hats, I think the
WG should adopt it too. (With a hat, if they don't, then I'd
AD sponsor it, and so I bet would Sean, but doing this makes
so much sense I bet the WG do adopt it:-)

I'd suggest merging 4.1 and 4.4, since setting out the set
of ciphersuites and the issues faced is really the meat of
the whole thing.

However, regardless of hows its organised, I'd have no
problem if the meat of the recommendation was
"use 1) TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 or
2) TLS_DHE_RSA_WITH_AES_128_GCM_SHA256" plus some guidance
as to good lengths for everything that can vary.

On the DHE length, I think a bit more information would be
useful if we can get it - exactly which clients or servers
have problems if DH values longer than 1024 are used? (Sorry
if I missed that earlier.)

But I'm firmly in the camp that thinks that 1024 DHE used
now is worthwhile and better than no PFS.

S.