Re: [TLS] draft-sheffer-tls-bcp: DH recommendations

james hughes <hughejp@mac.com> Wed, 18 September 2013 16:46 UTC

Return-Path: <hughejp@mac.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2BE3011E8241 for <tls@ietfa.amsl.com>; Wed, 18 Sep 2013 09:46:07 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.847
X-Spam-Level:
X-Spam-Status: No, score=-2.847 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-1, SARE_OBFU_ALL=0.751]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id swJILF9Pf6W8 for <tls@ietfa.amsl.com>; Wed, 18 Sep 2013 09:46:02 -0700 (PDT)
Received: from st11p06mm-asmtp001.mac.com (st11p06mm-asmtpout004.mac.com [17.172.124.249]) by ietfa.amsl.com (Postfix) with ESMTP id EDF6C11E80E4 for <tls@ietf.org>; Wed, 18 Sep 2013 09:46:01 -0700 (PDT)
Received: from [10.0.1.4] (unknown [184.69.15.210]) by st11p06mm-asmtp001.mac.com (Oracle Communications Messaging Server 7u4-27.08(7.0.4.27.7) 64bit (built Aug 22 2013)) with ESMTPSA id <0MTB00JD6YKGYHC0@st11p06mm-asmtp001.mac.com> for tls@ietf.org; Wed, 18 Sep 2013 16:45:55 +0000 (GMT)
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:5.10.8794, 1.0.431, 0.0.0000 definitions=2013-09-18_07:2013-09-18, 2013-09-18, 1970-01-01 signatures=0
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 spamscore=0 suspectscore=0 phishscore=0 adultscore=0 bulkscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=7.0.1-1308280000 definitions=main-1309180080
Content-type: multipart/alternative; boundary="Apple-Mail=_E43AAAAE-A015-45A5-B87F-9BFDF8179327"
MIME-version: 1.0 (Mac OS X Mail 6.5 \(1508\))
From: james hughes <hughejp@mac.com>
In-reply-to: <958F40E0-8978-4C4F-BB2E-2519B66470D9@ll.mit.edu>
Date: Wed, 18 Sep 2013 09:45:51 -0700
Message-id: <4EEA8B22-183D-41E0-A7E2-E784A92F7185@mac.com>
References: <9A043F3CF02CD34C8E74AC1594475C73556737D0@uxcn10-6.UoA.auckland.ac.nz> <52397B7E.70204@gmail.com> <98ca985ffce946c42315e4e03db57747@srv1.stroeder.com> <5239B845.6010606@gmail.com> <958F40E0-8978-4C4F-BB2E-2519B66470D9@ll.mit.edu>
To: "Blumenthal, Uri - 0558 - MITLL" <uri@ll.mit.edu>
X-Mailer: Apple Mail (2.1508)
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] draft-sheffer-tls-bcp: DH recommendations
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 18 Sep 2013 16:46:07 -0000


On Sep 18, 2013, at 9:13 AM, "Blumenthal, Uri - 0558 - MITLL" <uri@ll.mit.edu> wrote:

> I believe that for ephemeral DH 2048 bits is a huge overkill. In fact, 1536 is likely to be an overkill as well. I think 1280 bits would be sufficient for the next few years, and perhaps ECC patents will expire by then? In any case, I'd vote against anything (ephemeral DH-related :) larger than 1536 bits.
> 
> TNX!
> 
> P.S. It should be obvious that PFS is *far* more important than protecting one session key.

Please read my posting of 9/10. 2048 is required now. In this case it seems that the French government is providing sound advice. 

On Sep 10, 2013, at 9:00 AM, james hughes <hughejp@me.com> wrote:

> Lastly, going a partial step seems strange also. Why do we what to put ourselves through this again so soon? The French government suggests 2048 now (for both RSA and DHE), and will only last 6 years. From 
> 	http://www.ssi.gouv.fr/IMG/pdf/RGS_B_1.pdf
> 
>> La taille minimale du module est de 2048 bits, pour une utilisation ne devant pas depasser lannee 2020.
> The minimum size of the modulus is 2048 bits for use not to exceed 2020.
> 
>> Pour une utilisation au-dela de 2020, la taille minimale du module est de 4096 bits
> For use beyond a 2020, the minimum module size is 4096 bits
> 
> 
> Pardon the bad cut/paste and google translate, but I believe you get the point.