Re: [TLS] Confirming Consensus on removing RSA key Transport from TLS 1.3

Kurt Roeckx <kurt@roeckx.be> Mon, 05 May 2014 17:46 UTC

Date: Mon, 05 May 2014 19:46:14 +0200
From: Kurt Roeckx <kurt@roeckx.be>
To: Eric Rescorla <ekr@rtfm.com>
Archived-At: http://mailarchive.ietf.org/arch/msg/tls/ap-IuvG3EmYI3Wrk79TgV5S9_uU
Cc: "<tls@ietf.org>" <tls@ietf.org>

On Mon, May 05, 2014 at 10:23:37AM -0700, Eric Rescorla wrote:
> You're probably thinking of:
> http://tools.ietf.org/html/draft-gillmor-tls-negotiated-dl-dhe-02
> 
> This seems like a reasonable kind of thing for the WG to
> consider, but my impression was that the WG consensus
> was to remove static RSA unconditionally. Certainly, it would
> be reasonable to argue that we should address this issue prior
> to final publication, however.

I'm not sure what you mean by "static RSA".  It's my
understanding that this proposal is about removing the RSA key
exchange and only using something like DHE and ECDHE.  That draft
would still be valid and useful if RSA key exchanges are dropped.


Kurt