IETF Logo Mail Archive

Re: [TLS] [UNVERIFIED SENDER] Re: Consensus call on codepoint strategy for draft-ietf-tls-hybrid-design

"Kampanakis, Panos" <kpanos@amazon.com> Thu, 11 May 2023 14:44 UTC

Return-Path: <prvs=4885378da=kpanos@amazon.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EE694C05E044 for <tls@ietfa.amsl.com>; Thu, 11 May 2023 07:44:30 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -11.898
X-Spam-Level:
X-Spam-Status: No, score=-11.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001, USER_IN_DEF_SPF_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=amazon.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hSuJcc-XAC5E for <tls@ietfa.amsl.com>; Thu, 11 May 2023 07:44:27 -0700 (PDT)
Received: from smtp-fw-33001.amazon.com (smtp-fw-33001.amazon.com [207.171.190.10]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 45168C1DF982 for <tls@ietf.org>; Thu, 11 May 2023 07:44:27 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amazon.com; i=@amazon.com; q=dns/txt; s=amazon201209; t=1683816267; x=1715352267; h=from:to:cc:date:message-id:references:in-reply-to: mime-version:subject; bh=4v2HnAJv/eDYZGJT+hp7D1iBzanPpLwckdAgfgjX0d0=; b=s8selFa5YeRWmXSM0AHCD3QursQKiWUo6EN9RxVy3P2voKX+Jteq7JKr PXyLIsKudabECDyYy8GdVcSocambDcbUqBOR0K9Mbgtp+ckgtGw4vYRVt 8o3dNK3OpkRwJmm520YoQavY7603ad3IuP4ExedlJ/Zo7JHEDPkx5OrL2 c=;
X-IronPort-AV: E=Sophos;i="5.99,266,1677542400"; d="scan'208,217";a="284007439"
Thread-Topic: [UNVERIFIED SENDER] Re: [TLS] Consensus call on codepoint strategy for draft-ietf-tls-hybrid-design
Received: from iad12-co-svc-p1-lb1-vlan3.amazon.com (HELO email-inbound-relay-iad-1e-m6i4x-245b69b1.us-east-1.amazon.com) ([10.43.8.6]) by smtp-border-fw-33001.sea14.amazon.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 11 May 2023 14:44:21 +0000
Received: from EX19MTAUWB002.ant.amazon.com (iad12-ws-svc-p26-lb9-vlan3.iad.amazon.com [10.40.163.38]) by email-inbound-relay-iad-1e-m6i4x-245b69b1.us-east-1.amazon.com (Postfix) with ESMTPS id 4364C340372; Thu, 11 May 2023 14:44:19 +0000 (UTC)
Received: from EX19D001ANA002.ant.amazon.com (10.37.240.136) by EX19MTAUWB002.ant.amazon.com (10.250.64.231) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1118.26; Thu, 11 May 2023 14:44:19 +0000
Received: from EX19D001ANA001.ant.amazon.com (10.37.240.156) by EX19D001ANA002.ant.amazon.com (10.37.240.136) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.2.1118.26; Thu, 11 May 2023 14:44:18 +0000
Received: from EX19D001ANA001.ant.amazon.com ([fe80::4f78:75cd:3117:8055]) by EX19D001ANA001.ant.amazon.com ([fe80::4f78:75cd:3117:8055%5]) with mapi id 15.02.1118.026; Thu, 11 May 2023 14:44:18 +0000
From: "Kampanakis, Panos" <kpanos@amazon.com>
To: Bas Westerbaan <bas=40cloudflare.com@dmarc.ietf.org>
CC: Christopher Wood <caw@heapingbits.net>, "tls@ietf.org" <tls@ietf.org>
Thread-Index: AQHZhBZs2YqL6eghZEu5ectrSpvdOa9VJNOA
Date: Thu, 11 May 2023 14:44:18 +0000
Message-ID: <20522fd9a6cc40f1be6854e0b037e9a8@amazon.com>
References: <FBE87FDA-A407-4DC8-A2E8-F39AB475C87B@heapingbits.net> <C446C65E-924F-4927-BF53-E0B13EFC4930@heapingbits.net> <CAMjbhoXYiX2AP9w6JvCRuhPSvuEEWjBbLJhwVAKZhOByOnfeXw@mail.gmail.com> <920f6d11f8994141a9fba472236e2988@amazon.com> <CAMjbhoXGHHym+og+ORkJ8LnUiD+j+bBp4Xub+Ojv8GpTTpyzag@mail.gmail.com>
In-Reply-To: <CAMjbhoXGHHym+og+ORkJ8LnUiD+j+bBp4Xub+Ojv8GpTTpyzag@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.106.179.15]
Content-Type: multipart/alternative; boundary="_000_20522fd9a6cc40f1be6854e0b037e9a8amazoncom_"
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/bCJLzmmHYtK_VxOJcee1QvU0hWc>
Subject: Re: [TLS] [UNVERIFIED SENDER] Re: Consensus call on codepoint strategy for draft-ietf-tls-hybrid-design
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 11 May 2023 14:44:31 -0000

ACK, thx all. So we should refrain from defining such “point-in-time” codepoints for other needed long-term algorithm combinations to not waste registry space. Only absolutely necessary codepoints should be registered.

From: Bas Westerbaan <bas=40cloudflare.com@dmarc.ietf.org>
Sent: Thursday, May 11, 2023 10:39 AM
To: Kampanakis, Panos <kpanos@amazon.com>
Cc: Christopher Wood <caw@heapingbits.net>; tls@ietf.org
Subject: [EXTERNAL] [UNVERIFIED SENDER] Re: [TLS] Consensus call on codepoint strategy for draft-ietf-tls-hybrid-design


CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you can confirm the sender and know the content is safe.


Hi Panos,

No, for the final version of Kyber we'd need a different code point. (And that one will presumably be defined in Douglas' hybrid I-D.)

The raison d'être of draft-schwabe-cfrg-kyber-02 and draft-westerbaan-tls-xyber768d00 is to have a stable reference for this preliminary version of Kyber.

Best,

 Bas

On Thu, May 11, 2023 at 4:17 PM Kampanakis, Panos <kpanos=40amazon.com@dmarc.ietf.org<mailto:40amazon.com@dmarc.ietf.org>> wrote:
Great!

So to clarify, when Kyber gets ratified as MLWE_KEM or something like that, will we still be using 0x6399 in the keyshare when we are negotiating? Or is  0x6399 just a temporary codepoint for Kyber768 Round 3 combined with X25519?


From: TLS <tls-bounces@ietf.org<mailto:tls-bounces@ietf.org>> On Behalf Of Bas Westerbaan
Sent: Wednesday, May 10, 2023 3:09 PM
To: Christopher Wood <caw@heapingbits.net<mailto:caw@heapingbits.net>>
Cc: tls@ietf.org<mailto:tls@ietf.org>
Subject: RE: [EXTERNAL][TLS] Consensus call on codepoint strategy for draft-ietf-tls-hybrid-design


CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you can confirm the sender and know the content is safe.


FYI IANA has added the following entry to the TLS Supported Groups registry:

Value: 25497
Description: X25519Kyber768Draft00
DTLS-OK: Y
Recommended: N
Reference: [draft-tls-westerbaan-xyber768d00-02]
Comment: Pre-standards version of Kyber768

Please see
https://www.iana.org/assignments/tls-parameters

On Mon, May 1, 2023 at 11:59 AM Christopher Wood <caw@heapingbits.net<mailto:caw@heapingbits.net>> wrote:
It looks like we have consensus for this strategy. We’ll work to remove codepoints from draft-ietf-tls-hybrid-design and then get experimental codepoints allocated based on draft-tls-westerbaan-xyber768d00.

Best,
Chris, for the chairs

> On Mar 28, 2023, at 9:49 PM, Christopher Wood <caw@heapingbits.net<mailto:caw@heapingbits.net>> wrote:
>
> As discussed during yesterday's meeting, we would like to assess consensus for moving draft-ietf-tls-hybrid-design forward with the following strategy for allocating codepoints we can use in deployments.
>
> 1. Remove codepoints from draft-ietf-tls-hybrid-design and advance this document through the process towards publication.
> 2. Write a simple -00 draft that specifies the target variant of X25519+Kyber768 with a codepoint from the standard ranges. (Bas helpfully did this for us already [1].) Once this is complete, request a codepoint from IANA using the standard procedure.
>
> The intent of this proposal is to get us a codepoint that we can deploy today without putting a "draft codepoint" in an eventual RFC.
>
> Please let us know if you support this proposal by April 18, 2023. Assuming there is rough consensus, we will move forward with this proposal.
>
> Best,
> Chris, Joe, and Sean
>
> [1] https://datatracker.ietf.org/doc/html/draft-tls-westerbaan-xyber768d00-00

_______________________________________________
TLS mailing list
TLS@ietf.org<mailto:TLS@ietf.org>
https://www.ietf.org/mailman/listinfo/tls

v2.23.0 | Report a Bug | By Email