Re: [TLS] Comments on various things on agenda (Was: Re: TLS Interim - update and agenda)
Dave Garrett <davemgarrett@gmail.com> Mon, 09 March 2015 18:19 UTC
Return-Path: <davemgarrett@gmail.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 18F5C1A9152 for <tls@ietfa.amsl.com>; Mon, 9 Mar 2015 11:19:38 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id EJC0bHrL-o5y for <tls@ietfa.amsl.com>; Mon, 9 Mar 2015 11:19:33 -0700 (PDT)
Received: from mail-qg0-x22b.google.com (mail-qg0-x22b.google.com [IPv6:2607:f8b0:400d:c04::22b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 17A911A9150 for <tls@ietf.org>; Mon, 9 Mar 2015 11:19:33 -0700 (PDT)
Received: by qgfh3 with SMTP id h3so30603218qgf.2 for <tls@ietf.org>; Mon, 09 Mar 2015 11:19:32 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=from:to:subject:date:user-agent:cc:references:in-reply-to :mime-version:content-type:content-transfer-encoding:message-id; bh=tStr51sA3ocow8qZKhYCt0X1nGrERlJO4clOr4Z/sK8=; b=cFszQvoP166h7eG/+CyACAO2EALMRA7PAl1eGWY93UsCKiSsrFVugUC2vE0oYUIuhb sprtle9XqLpFyDL0YBXaCQup3IQXn6cj4kgxXHAO9pELVLhk/DtqnjKr2D+I0uxZsGUj sTkvV7cEoATot01oru39HQ8G0gZQaeq0w9twCr/NSVxmmt+vBGREDQrYHTXy45fQhcWS M7Z0oEn3Q2fGvf08/Pp9jZHur6qzVWcdE9UqpW4Lc/T+P1Z2W6BKBHP4h1DLkDbLfYdy u45fRoTHoJOJS73551mNLwiOfH0wV3gZSy727veQyY5e0pWkqF9Wp5emLNKaU7UtyzlN hUEA==
X-Received: by 10.55.42.39 with SMTP id q39mr40296137qkh.99.1425925172367; Mon, 09 Mar 2015 11:19:32 -0700 (PDT)
Received: from dave-laptop.localnet (pool-96-245-254-195.phlapa.fios.verizon.net. [96.245.254.195]) by mx.google.com with ESMTPSA id 4sm6926210qky.7.2015.03.09.11.19.31 (version=TLSv1 cipher=RC4-SHA bits=128/128); Mon, 09 Mar 2015 11:19:31 -0700 (PDT)
From: Dave Garrett <davemgarrett@gmail.com>
To: Aaron Zauner <azet@azet.org>
Date: Mon, 09 Mar 2015 14:19:30 -0400
User-Agent: KMail/1.13.5 (Linux/2.6.32-71-generic-pae; KDE/4.4.5; i686; ; )
References: <CAOgPGoCcexve9+C2bNSGVWUksZCva66OWbf8nrxkg0PquOpZ_w@mail.gmail.com> <201503081450.04610.davemgarrett@gmail.com> <54FDD024.3080309@azet.org>
In-Reply-To: <54FDD024.3080309@azet.org>
MIME-Version: 1.0
Content-Type: Text/Plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
Message-Id: <201503091419.30893.davemgarrett@gmail.com>
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/a5K9GgTCxLamxVWopQ-I5FMSArs>
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] Comments on various things on agenda (Was: Re: TLS Interim - update and agenda)
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 09 Mar 2015 18:19:38 -0000
On Monday, March 09, 2015 12:53:56 pm Aaron Zauner wrote: > There's also my draft for AES-OCB. [...] > > On MTI: > - AES-GCM should be MUST not SHOULD. > - ChaCha20/Poly1305 should MUST as well. > ..IMHO. Oh, I'd like to MUST all the things too, but I doubt that'd get consensus. Generally specs get exactly one MTI. One way to do things would be do do the following: ChaCha20/Poly1305 MUST implement AES-GCM SHOULD implement; MUST implement if TLS 1.2 backwards compatible AES-OCB RECOMMENDED or SHOULD implement TLS 1.3 implementations should be required to attempt better security when using old versions, so requiring AES-GCM to do so seems perfectly reasonable. Dave
- [TLS] TLS Interim - update and agenda Joseph Salowey
- Re: [TLS] TLS Interim - update and agenda Yoav Nir
- Re: [TLS] TLS Interim - update and agenda Benjamin Beurdouche
- Re: [TLS] TLS Interim - update and agenda Sean Turner
- Re: [TLS] Comments on various things on agenda (W… Dave Garrett
- [TLS] Comments on various things on agenda (Was: … Ilari Liusvaara
- Re: [TLS] Comments on various things on agenda (W… Eric Rescorla
- Re: [TLS] Comments on various things on agenda (W… Dave Garrett
- Re: [TLS] Comments on various things on agenda (W… Stephen Farrell
- Re: [TLS] Comments on various things on agenda (W… Aaron Zauner
- Re: [TLS] Comments on various things on agenda (W… Dave Garrett
- Re: [TLS] Comments on various things on agenda (W… Aaron Zauner
- Re: [TLS] Comments on various things on agenda (W… Stephen Checkoway
- Re: [TLS] Comments on various things on agenda (W… Blumenthal, Uri - 0558 - MITLL
- [TLS] MTI policy & practice (Was: Re: Comments on… Dave Garrett
- Re: [TLS] MTI policy & practice (Was: Re: Comment… Aaron Zauner
- Re: [TLS] MTI policy & practice (Was: Re: Comment… Dave Garrett
- Re: [TLS] Comments on various things on agenda (W… Yoav Nir
- Re: [TLS] MTI policy & practice (Was: Re: Comment… Aaron Zauner
- Re: [TLS] MTI policy & practice (Was: Re: Comment… Dave Garrett
- Re: [TLS] MTI policy & practice (Was: Re: Comment… Aaron Zauner
- Re: [TLS] MTI policy & practice (Was: Re: Comment… Dave Garrett
- Re: [TLS] MTI policy & practice (Was: Re: Comment… Watson Ladd
- Re: [TLS] MTI policy & practice (Was: Re: Comment… Dave Garrett
- Re: [TLS] Comments on various things on agenda (W… Brian Sniffen
- Re: [TLS] Comments on various things on agenda (W… Dave Garrett
- Re: [TLS] Comments on various things on agenda (W… Sean Turner