[TLS] Re: Draft for SM cipher suites used in TLS1.3
"Kepeng Li" <kepeng.lkp@alibaba-inc.com> Fri, 16 August 2019 07:13 UTC
Return-Path: <kepeng.lkp@alibaba-inc.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C7F3E120041 for <tls@ietfa.amsl.com>; Fri, 16 Aug 2019 00:13:56 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.997
X-Spam-Level:
X-Spam-Status: No, score=-1.997 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=alibaba-inc.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id SCTj0rMeLml5 for <tls@ietfa.amsl.com>; Fri, 16 Aug 2019 00:13:54 -0700 (PDT)
Received: from out0-145.mail.aliyun.com (out0-145.mail.aliyun.com [140.205.0.145]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D3E9312002E for <TLS@ietf.org>; Fri, 16 Aug 2019 00:13:51 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=alibaba-inc.com; s=default; t=1565939628; h=Date:From:To:Message-ID:Subject:MIME-Version:Content-Type; bh=CsKPhqQlhRGNdLJ0ZzUMSycYgLCDH8GV4ddmkHZQWNw=; b=cLcZbMZwqITXHrb+Fq4yJ9g2RxVX7iO093UwHTHGK07mMbck5GS+YIjAXFcTYjVtHivtqQ+nAp9wt3dtByPYKaKYFOzVL8A7TBQUFqX1Afx5lVVQHK44OktdyMbKCzK+Gfq+J5Jo2vMxeQgx3XwHT1FjotAqJ4rh23l3tPhFKI0=
X-Alimail-AntiSpam: AC=PASS; BC=-1|-1; BR=01201311R161e4; CH=green; DM=||false|; FP=0|-1|-1|-1|0|-1|-1|-1; HT=e02c03267; MF=kepeng.lkp@alibaba-inc.com; NM=1; PH=DW; RN=2; SR=0; TI=W4_5657687_DEFAULT_0A93269A_1565939620954_o7001c95s;
Received: from WS-web (kepeng.lkp@alibaba-inc.com[W4_5657687_DEFAULT_0A93269A_1565939620954_o7001c95s]) by e01l04363.eu6 at Fri, 16 Aug 2019 15:13:44 +0800
Date: Fri, 16 Aug 2019 15:13:44 +0800
From: Kepeng Li <kepeng.lkp@alibaba-inc.com>
To: "rstruik.ext" <rstruik.ext@gmail.com>, TLS <TLS@ietf.org>
Reply-To: Kepeng Li <kepeng.lkp@alibaba-inc.com>
Message-ID: <3dfe43fe-b81c-4fc1-91af-3a1e8565794e.kepeng.lkp@alibaba-inc.com>
X-Mailer: [Alimail-Mailagent][W4_5657687][DEFAULT][Chrome]
MIME-Version: 1.0
x-aliyun-mail-creator: W4_5657687_DEFAULT_M3LTW96aWxsYS81LjAgKE1hY2ludG9zaDsgSW50ZWwgTWFjIE9TIFggMTBfMTRfNSkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzc2LjAuMzgwOS4xMDAgU2FmYXJpLzUzNy4zNg==vN
Content-Type: multipart/alternative; boundary="----=ALIBOUNDARY_18741_4cf23940_5d5657a8_194a316"
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/aaFEDm_K7IdLve7p2Ukd-XlnKiA>
Subject: [TLS] Re: Draft for SM cipher suites used in TLS1.3
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 16 Aug 2019 07:13:57 -0000
Hi Rene and all, > Since the ISO documents are not available to the general > public without payment, it would be helpful to have a freely available > document (in English) from an authoritative source. Having such a > reference available would be helpful to the IETF community (and > researchers). About the references to ISO documens, I think it is a general issue for IETF drafts. How does the other IETF drafts make the references to ISO documents? ISO documents are often referenced by IETF drafts. Thanks, Kind Regards Kepeng —————————————————————————————————————————————————————————————————— Re: [TLS] Draft for SM cipher suites used in TLS1.3 Rene Struik <rstruik.ext@gmail.com> Thu, 15 August 2019 15:34 UTCShow header Hi Paul: I tried and look up the documents GMT.0009-2012 and GBT.32918.5-2016 on the (non-secured) websites you referenced, but only found Chinese versions (and Chinese website navigation panels [pardon my poor language skills here]). Since the ISO documents are not available to the general public without payment, it would be helpful to have a freely available document (in English) from an authoritative source. Having such a reference available would be helpful to the IETF community (and researchers). Please note that BSI provides its specifications in German and English, so as to foster use/study by the community. If the Chinese national algorithms would be available in similar form, this would serve a similar purpose. FYI - I am interested in full details and some time last year I tried to download specs, but only Parts 2, 4, and 5 were available [1], [2], [3], not Parts 1 and 3. Best regards, Rene [1] China ECC - Public Key Cryptographic Algorithm SM2 Based on ECC - Part 5 - Parameter Definition (SEMB, July 24, 2018) [2] China ECC - Public Key Cryptographic Algorithm SM2 Based on ECC - Part 2 - Digital Signature Algorithm (SEMB, July 24, 2018) [3] China ECC - Public Key Cryptographic Algorithm SM2 Based on ECC - Part 4 - Public Key Encryption Algorithm (SEMB, July 24, 2018) On 8/15/2019 10:16 AM, Paul Yang wrote: > Hi all, > > I have submitted a new internet draft to introduce the SM cipher > suites into TLS 1.3 protocol. > > https://tools.ietf.org/html/draft-yang-tls-tls13-sm-suites-00 > > SM cryptographic algorithms are originally a set of Chinese national > algorithms and now have been (or being) accepted by ISO as > international standards, including SM2 signature algorithm, SM3 hash > function and SM4 block cipher. These algorithms have already been > supported some time ago by several widely used open source > cryptographic libraries including OpenSSL, BouncyCastle, Botan, etc. > > Considering TLS1.3 is being gradually adopted in China's internet > industry, it's important to have a normative definition on how to use > the SM algorithms with TLS1.3, especially for the mobile internet > scenario. Ant Financial is the company who develops the market leading > mobile app 'Alipay' and supports payment services for Alibaba > e-commerce business. We highly are depending on the new TLS1.3 > protocol for both performance and security purposes. We expect to have > more deployment of TLS1.3 capable applications in China's internet > industry by this standardization attempts. > > It's very appreciated to have comments from the IETF TLS list :-) > > Many thanks! > > _______________________________________________ > TLS mailing list > TLS@ietf.org > https://www.ietf.org/mailman/listinfo/tls
- [TLS] Re: Draft for SM cipher suites used in TLS1… Kepeng Li
- Re: [TLS] Re: Draft for SM cipher suites used in … Blumenthal, Uri - 0553 - MITLL