Re: [TLS] bikeshed: Forward Security or Secrecy?

William Whyte <wwhyte@securityinnovation.com> Tue, 01 December 2015 12:17 UTC

Return-Path: <wwhyte@securityinnovation.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BFCEE1B2B69 for <tls@ietfa.amsl.com>; Tue, 1 Dec 2015 04:17:41 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.378
X-Spam-Level:
X-Spam-Status: No, score=-1.378 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OS_1vUq_Etre for <tls@ietfa.amsl.com>; Tue, 1 Dec 2015 04:17:40 -0800 (PST)
Received: from mail-vk0-x22d.google.com (mail-vk0-x22d.google.com [IPv6:2607:f8b0:400c:c05::22d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2D3E61B2B18 for <tls@ietf.org>; Tue, 1 Dec 2015 04:17:40 -0800 (PST)
Received: by vkbs1 with SMTP id s1so2416967vkb.1 for <tls@ietf.org>; Tue, 01 Dec 2015 04:17:39 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=securityinnovation.com; s=google; h=from:references:in-reply-to:mime-version:thread-index:date :message-id:subject:to:cc:content-type; bh=RSiJOAimdest1vqbCsZlZG/++hmEOt5Y8LWLzq61w0I=; b=frXmWnjB/8dI9D+Ihj/0xmVk0IZOaAYL97BEwfHsLd2GKWf0pdI0Y/+Cm7VROtXfUk fNHRMbz6t9GRkA3wTAAM051PAvQvvfc/lLLXSUXv0rnbB09SKwGcKd7mmzITWC//tTET adHp0r0yH1zVEksdprqqh+tIMfT+s0wSGT/Ks=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:from:references:in-reply-to:mime-version :thread-index:date:message-id:subject:to:cc:content-type; bh=RSiJOAimdest1vqbCsZlZG/++hmEOt5Y8LWLzq61w0I=; b=Cu2249miklyWvhyFLDsLuIUOGvabdX1wujdUmPka0WWePZEOVyv8snWkxzqN6g/cQh QCjVX6xE1VWrmb4+Yjsbm3M8HEDO3E1VF5EGv0P4hShONML75JXPnYn79SxnJv/uSLIc x+apFbCLK0mH3y8cRawjF/XhIGC3DyUv45pyeHe6rc6w1msczGtyHOFwNsf89Umi0zfi 9725sWBrV+UkGmqh/LQY0TqFXcxilu+hdRvZtpCvJopA0JxMoUHnGWHgmZG0bW8V6/a4 kqn6jN7X+WUV/g29VbJSFDDXokfQmrDhM74qahydI0p0kHbmN9t9LNydizzD/tcpNN91 6cfA==
X-Gm-Message-State: ALoCoQlE7Ge8BUaPLO9D5Sg0GG1nO8cL5vZ3r8Omf9m1VF4FNculGwCASpNJgJrzkRItG0ZMhw/s
X-Received: by 10.31.8.8 with SMTP id 8mr54032037vki.106.1448972259293; Tue, 01 Dec 2015 04:17:39 -0800 (PST)
From: William Whyte <wwhyte@securityinnovation.com>
References: <201511301627.27616.davemgarrett@gmail.com> <CADi0yUPa6DzOx6rKHFEzE132gBBy+wY+E2QaR-x7jzao6cx6bw@mail.gmail.com> <CAHOTMV+z4WvgOmVqRFkqtKOtXKm21wYnkS6JO1wXVxhzc2VckQ@mail.gmail.com>
In-Reply-To: <CAHOTMV+z4WvgOmVqRFkqtKOtXKm21wYnkS6JO1wXVxhzc2VckQ@mail.gmail.com>
MIME-Version: 1.0
X-Mailer: Microsoft Outlook 14.0
Thread-Index: AQICwOAW+N1Vhz9XpHHvMpg7SRjaKQH9ulKSAaXd/32eNcXEAA==
Date: Tue, 01 Dec 2015 07:17:40 -0500
Message-ID: <b91a85c82e651407aecc057e7d986b95@mail.gmail.com>
To: Tony Arcieri <bascule@gmail.com>, Hugo Krawczyk <hugo@ee.technion.ac.il>
Content-Type: multipart/alternative; boundary="001a11454c64ce12e70525d52419"
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/ZT2UvEp59t-mPspB5EgeJtPECPc>
Cc: tls@ietf.org
Subject: Re: [TLS] bikeshed: Forward Security or Secrecy?
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 01 Dec 2015 12:17:41 -0000

If we want to change to “key erasure” we should synch with CFRG and SAAG to
ensure it’s used IETF-wide. I don’t think that “forward secrecy” is so
broken that it needs fixing.



Cheers,



William



*From:* TLS [mailto:tls-bounces@ietf.org] *On Behalf Of *Tony Arcieri
*Sent:* Monday, November 30, 2015 11:20 PM
*To:* Hugo Krawczyk
*Cc:* tls@ietf.org
*Subject:* Re: [TLS] bikeshed: Forward Security or Secrecy?



On Mon, Nov 30, 2015 at 8:09 PM, Hugo Krawczyk <hugo@ee.technion.ac.il>
wrote:

The more common term is "forward secrecy"



I'd second this. I'm also a fan of Dan Bernstein's recommended term: "key
erasure"



-- 

Tony Arcieri