IETF Logo Mail Archive

Re: [TLS] WGLC for draft-ietf-tls-rfc4492bis

Sean Turner <sean@sn3rd.com> Wed, 23 November 2016 17:55 UTC

Return-Path: <sean@sn3rd.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8E8D312A261 for <tls@ietfa.amsl.com>; Wed, 23 Nov 2016 09:55:52 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.701
X-Spam-Level:
X-Spam-Status: No, score=-2.701 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=sn3rd.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id AyLKClhNjxlF for <tls@ietfa.amsl.com>; Wed, 23 Nov 2016 09:55:51 -0800 (PST)
Received: from mail-qt0-x229.google.com (mail-qt0-x229.google.com [IPv6:2607:f8b0:400d:c0d::229]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 37AFD12A286 for <tls@ietf.org>; Wed, 23 Nov 2016 09:54:49 -0800 (PST)
Received: by mail-qt0-x229.google.com with SMTP id n6so18755707qtd.1 for <tls@ietf.org>; Wed, 23 Nov 2016 09:54:49 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sn3rd.com; s=google; h=mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=KUSn3xvHYPGzdxaH7ntjtgMxy5NlJidigMXoL6c/CU4=; b=IzJshtfC0iL8K8sf1i7OK9cENMOek9fr3MphwDcfuady9fSLS++vp7ILLeow3+75WS zK8ZoFji6M+EvKoe1VAulRucGJ2DcHOTRef8c2Ay9N+oSRsNBrVvmQaKxqtB1cZe4Ixt lHE+ToIFdkDpJpW/U4/Z5B3253PdV0gnCWU8U=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=KUSn3xvHYPGzdxaH7ntjtgMxy5NlJidigMXoL6c/CU4=; b=O3y4iyLMr3HwI7UvVxmKGkvksdpDSMZofgWr77+BOkwePl3ifUY5XxGGBHetC5oPd2 UHLXCncYF2zON2XyHZnN8HAAYZ/bejPPuGveNs/6rfpn+DjDAJF1r8hMCmtLA4bh1I5i d3tuJoh3OqrwIvQiDPjjhMVXxoX7FHSPyBZM0KTc2IiCcNhWISO7psFz4q7gxPeo79PJ /pt2Sy8Z6HXTFvJlL1Ko+3aP8NHTxfl1HmUgvLCzVmxtxrREbtLx+9jjjh1otlVH9ObE jzpTrbwP8mA0ECVEAkKR7mClA4cGNkGpSWPEK4nX0kcifnw2GJzZNoTVY6pZQOMU30l4 uV9w==
X-Gm-Message-State: AKaTC017w9ENXDnKqMk6Xk+uTL2OhpwuFaJt+EqpaCJ0bKZ1c7w4GHTmFU8oy8AIRAfvmA==
X-Received: by 10.200.55.61 with SMTP id o58mr3681806qtb.6.1479923688405; Wed, 23 Nov 2016 09:54:48 -0800 (PST)
Received: from [172.16.0.92] ([96.231.230.70]) by smtp.gmail.com with ESMTPSA id d84sm2806928qkc.33.2016.11.23.09.54.47 (version=TLS1 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Wed, 23 Nov 2016 09:54:47 -0800 (PST)
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 9.3 \(3124\))
From: Sean Turner <sean@sn3rd.com>
In-Reply-To: <48C23517-6EFD-4A3C-A020-9CC1A87469B8@gmail.com>
Date: Wed, 23 Nov 2016 12:54:46 -0500
Content-Transfer-Encoding: quoted-printable
Message-Id: <C2EA7D79-EFB5-42D3-9410-E3D0BD3CEF78@sn3rd.com>
References: <62B88142-2DBE-439F-AD4A-309053925794@sn3rd.com> <D45B2A10.55949%john.mattsson@ericsson.com> <48C23517-6EFD-4A3C-A020-9CC1A87469B8@gmail.com>
To: Yoav Nir <ynir.ietf@gmail.com>
X-Mailer: Apple Mail (2.3124)
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/_TIjqETp9ph8RSfcSvV_5WDzXmY>
Cc: "<tls@ietf.org>" <tls@ietf.org>
Subject: Re: [TLS] WGLC for draft-ietf-tls-rfc4492bis
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 23 Nov 2016 17:55:52 -0000

>> - Section 1
>> "This is illustrated in the following table, based on [Lenstra_Verheul],
>> which gives approximate comparable key sizes for symmetric- and
>> asymmetric-key cryptosystems based on the best-known algorithms for
>> attacking them."
>> 
>> The key sizes for DH/DSA/RSA does not seem to be based on the
>> Lenstra-Verheuls equations which gives much higher key sizes for
>> DH/DSA/RSA.
>> 
>> The DH/DSA/RSA key sizes seem to be based on NIST recommendations. I
>> suggest either:
>> 
>> A) Fully based the table on NIST recommendation, which means keeping
>> DH/DSA/RSA as is but simplifying ECC to 2 * Symmetric.
>> B) Update the DH/DSA/RSA key sizes based on state-of-the-art. But then I
>> would say that this is not [Lenstra_Verheul], but rather [RFC3766],
>> [Lenstra 2004], [ECRYPT 2012]. I think these three all use the same
>> equation.
>> C) Just remove DH/DSA/RSA as the draft is about ECC.
> 
> I’m inclined to get rid of this table and all the text from “This is illustrated…” entirely. ECC is by now in wide use. We don’t need to “sell” it any more. so unless someone would like to make a PR with better text, I will just get rid of it.

You could be more draconian and start the draft with the paragraph:

  This document describes additions to TLS to support ECC ….

Because you’re right we don’t really need to do much selling here.

spt

v2.23.0 | Report a Bug | By Email