Re: [TLS] Why are the brainpool curves not allowed in TLS 1.3?
"Bruckert, Leonie" <Leonie.Bruckert@secunet.com> Wed, 18 July 2018 16:54 UTC
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/Yp3vsxSfr0oGIMmJUCqkEYiXjDs>
As I understand from the text, the Brainpool curves themselves are not prohibited, but the code points assigned to them. So, if people still want to use the Brainpool curves in conformance with the standard, I would conclude that they can request new code points. This would result in an IANA registry with duplicated entries for brainpool curves: the old, now prohibited code points and the newly assigned ones. Is this correct?

Leonie