Re: [TLS] RSA-PSS in TLS 1.3

Tony Arcieri <bascule@gmail.com> Wed, 06 July 2016 20:58 UTC

Return-Path: <bascule@gmail.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CDF7312D660 for <tls@ietfa.amsl.com>; Wed, 6 Jul 2016 13:58:10 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.699
X-Spam-Level:
X-Spam-Status: No, score=-2.699 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MZA8AXQClot0 for <tls@ietfa.amsl.com>; Wed, 6 Jul 2016 13:58:09 -0700 (PDT)
Received: from mail-vk0-x22a.google.com (mail-vk0-x22a.google.com [IPv6:2607:f8b0:400c:c05::22a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 69EF512D63E for <tls@ietf.org>; Wed, 6 Jul 2016 13:57:59 -0700 (PDT)
Received: by mail-vk0-x22a.google.com with SMTP id d67so1887814vkh.1 for <tls@ietf.org>; Wed, 06 Jul 2016 13:57:59 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc; bh=lclMKXK+OOEKKcSLZK7BK7V/TieVlWw2/Z7d0T9/WI8=; b=TgQ0OzXjHsBilf6g/Z5SsyjmNzg775psT9r/y1KkQYbjys5iSmGQ2Ofz/Z8Aunj3jE 5q6lQZiOPh7LNZFXNTEAQfyIslwgaHI1XXBEJ3GfSmVCP675Bmazch30VvrcBpWlHSok YOnfw65Naw/astQyUl4TxEOIXxkq20Ct4A+O2lu3RQnpDxtii3m6AdtlVxtXPdHQolF2 4wdvsxVkZppMFLuA+VMi72VcvTYIB361r67A62PYnqUuHqSzbIfR4tQPHRXsMxQR1NKv NR5/IY1/E3JQbYpJlHM3ctk2blIVZaoMwto9EYkP2eHdSZqjGpkJ6e7WgvG4ffTSm1t5 /nOQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc; bh=lclMKXK+OOEKKcSLZK7BK7V/TieVlWw2/Z7d0T9/WI8=; b=W1ZiWqGCMza4uxraLlssB+izoeMC3HM+tcrNGnQwujvEJi6RhLBGOVuQu8bG8KmyPi IK2kyushsyRv0jd87BHlPCzv1JZI4+wiAoPvDQyayiBkifo5COoBx5sOZBkIEEI/Anx9 dPnxG7KRH188aPn3pxTmEz2OEgYEGEioRVvFDaDLhV6Lyx8O16eCfcGgoNVBCGBnBcc2 l6aqj4b9j5GQHaxF7w8wdmY2C+HcOUdsCaitLmnJUI5FDS+NauskSmlUEcRKszmaC5LY CY/pmxMmk66Lnpjhx/Bx60qdCUDmqqiYT2NfAYhxxcEjZs5YInteJpB/USImUABkTLxU ah+Q==
X-Gm-Message-State: ALyK8tIbZBye/JZyzIXxIzLU2dw5V63+TQfaykZkMvdqH7TPg7OmFL4avQ9NkZtDwPhEzkqRKA4FmzxHx8A1LA==
MIME-Version: 1.0
X-Received: by 10.176.6.131 with SMTP id g3mr10594155uag.29.1467838678543; Wed, 06 Jul 2016 13:57:58 -0700 (PDT)
Received: by 10.103.15.2 with HTTP; Wed, 6 Jul 2016 13:57:58 -0700 (PDT)
In-Reply-To: <577D6713.9030501@brainhub.org>
References: <20160303152945.18296912.40009.55386@ll.mit.edu> <2031124.N80aPK0KD4@pintsize.usersys.redhat.com> <20160308184131.GS10917@mournblade.imrryr.org> <2223470.EAoG62gjRo@pintsize.usersys.redhat.com> <CAOgPGoDq0r9CJETzmBvJTk+NNkCj1B=rwbtnD_e5-=VaRRdf=g@mail.gmail.com> <577D6713.9030501@brainhub.org>
Date: Wed, 6 Jul 2016 13:57:58 -0700
Message-ID: <CAHOTMV+vcw5FwQkSwa8r=7_Cbhd_M+m+qeC2G2paii0Nx5LXYA@mail.gmail.com>
From: Tony Arcieri <bascule@gmail.com>
To: Andrey Jivsov <crypto@brainhub.org>
Content-Type: multipart/alternative; boundary=94eb2c1246aa05b7f40536fdd3d7
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/aN7phwF6KfhIgkRUXf0QoIzT3gY>
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] RSA-PSS in TLS 1.3
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 06 Jul 2016 20:58:11 -0000

On Wednesday, July 6, 2016, Andrey Jivsov <crypto@brainhub.org> wrote:

> Was it really the consensus that the group didn't want to allow PKCS-1.5
> negotiated for handshake signatures (for certificate verifies)?
>

Based on my read of this thread: yes. The consensus seems to be to
disallow PKCS #1 signatures in TLS 1.3.


-- 
Tony Arcieri