Re: [TLS] Negotiated Discrete Log DHE revision [was: Re: Confirming Consensus on removing RSA key Transport from TLS 1.3]

Michael D'Errico <mike-list@pobox.com> Tue, 08 April 2014 16:53 UTC

Archived-At: http://mailarchive.ietf.org/arch/msg/tls/YKb4M9eLQMa2TP3s4CYAAHidRcs

There is already a list of DH groups managed by the IANA for IKE that was
established by RFC 2409 and includes the MODP groups from RFC 3526 plus
others.  Why not just use this existing registry and add your new e-based
groups to it?

Mike



Daniel Kahn Gillmor wrote:
> On Fri 2014-03-28 21:33:39 -0400, Daniel Kahn Gillmor <dkg@fifthhorseman.net> wrote:
>> I've submitted an initial stab at a proposal for negotiated discrete log
>> diffie-hellman ciphersuites:
>>
>>  http://tools.ietf.org/html/draft-gillmor-tls-negotiated-dl-dhe-00
> 
> Thanks to feedback from Watson Ladd and Samuel Neves over on the CFRG,
> i've updated the named groups in the above draft.
> 
> I've also done another pass over the text:
> 
>   https://tools.ietf.org/html/draft-gillmor-tls-negotiated-dl-dhe-01
> 
> Comments, questions and critiques welcome.
> 
>     --dkg