[TLS] Definition of cipher suites for TLS 1.2 still possible?

"Fries, Steffen" <steffen.fries@siemens.com> Tue, 02 May 2017 14:11 UTC

Return-Path: <steffen.fries@siemens.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BFC8A129479 for <tls@ietfa.amsl.com>; Tue, 2 May 2017 07:11:25 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.209
X-Spam-Level:
X-Spam-Status: No, score=-4.209 tagged_above=-999 required=5 tests=[BAYES_50=0.8, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, T_FILL_THIS_FORM_SHORT=0.01] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id EcEDJQG232Y6 for <tls@ietfa.amsl.com>; Tue, 2 May 2017 07:11:22 -0700 (PDT)
Received: from gecko.sbs.de (gecko.sbs.de [194.138.37.40]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3889C127078 for <tls@ietf.org>; Tue, 2 May 2017 07:07:35 -0700 (PDT)
Received: from mail2.sbs.de (mail2.sbs.de [192.129.41.66]) by gecko.sbs.de (8.15.2/8.15.2) with ESMTPS id v42E7X2p007300 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK) for <tls@ietf.org>; Tue, 2 May 2017 16:07:33 +0200
Received: from DEFTHW99ERHMSX.ww902.siemens.net (defthw99erhmsx.ww902.siemens.net [139.22.70.133]) by mail2.sbs.de (8.15.2/8.15.2) with ESMTPS id v42E7WMV003704 (version=TLSv1 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK) for <tls@ietf.org>; Tue, 2 May 2017 16:07:33 +0200
Received: from DENBGAT9EROMSX.ww902.siemens.net (139.22.70.195) by DEFTHW99ERHMSX.ww902.siemens.net (139.22.70.133) with Microsoft SMTP Server (TLS) id 14.3.352.0; Tue, 2 May 2017 16:07:22 +0200
Received: from DENBGAT9EH2MSX.ww902.siemens.net ([169.254.6.222]) by DENBGAT9EROMSX.ww902.siemens.net ([139.22.70.195]) with mapi id 14.03.0352.000; Tue, 2 May 2017 16:07:21 +0200
From: "Fries, Steffen" <steffen.fries@siemens.com>
To: "tls@ietf.org" <tls@ietf.org>
Thread-Topic: Definition of cipher suites for TLS 1.2 still possible?
Thread-Index: AdLDTWpeLBLLQHFiTSKY+DwL/vtEYA==
Date: Tue, 02 May 2017 14:07:21 +0000
Message-ID: <E6C9F0E527F94F4692731382340B33784A092E@DENBGAT9EH2MSX.ww902.siemens.net>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [139.22.70.54]
Content-Type: multipart/alternative; boundary="_000_E6C9F0E527F94F4692731382340B33784A092EDENBGAT9EH2MSXww9_"
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/egUrNWVfS2k4jhSlNaDcxDLgRfo>
Subject: [TLS] Definition of cipher suites for TLS 1.2 still possible?
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 02 May 2017 14:11:26 -0000

Hello all,

it may be a naïve question, but is it still possible to define and standardize new cipher suites for TLS 1.2 as an RFC, when TLS 1.3 is almost finished?

The reason for asking is the discussion I started two weeks ago regarding integrity only cipher suites, which are not longer supported in TLS 1.3. While we most likely can cope with this by utilizing TLS 1.2 further as suggested, one question remains regarding the hash functions in the existing integrity only cipher suites. Currently, there is no integrity only cipher suite defined that combines ECDSA and SHA 256. There are only combinations with SHA1. Interestingly, there is one combining RSA and SHA 256.

To no longer depend on SHA1, we would like to standardize a combination of ECDSA and SHA 256 for instance TLS_ECDHE_ECDSA_WITH_NULL_SHA256. Would this still be possible, given the fact, that TLS 1.3 is likely to be finished in near time. I know that this depends on the acceptance of the WG, but I would like to ask first, if there is any intention to close TLS 1.2 for changes and additions, once TLS 1.3 is ready.

Best regards
Steffen

--
Steffen Fries
Siemens AG
Corporate Technology
CT RDA ITS
Otto-Hahn-Ring 6
81739 Muenchen, Germany
Tel.: +49 89 636-633604
Fax: +49 89 636-48000
mailto:steffen.fries@siemens.com
www.siemens.com/ingenuityforlife<https://siemens.com/ingenuityforlife>

Siemens Aktiengesellschaft: Chairman of the Supervisory Board: Gerhard Cromme; Managing Board: Joe Kaeser, Chairman, President and Chief Executive Officer; Roland Busch, Lisa Davis, Klaus Helmrich, Janina Kugel, Siegfried Russwurm, Ralf P. Thomas; Registered offices: Berlin and Munich, Germany; Commercial registries: Berlin Charlottenburg, HRB 12300, Munich, HRB 6684; WEEE-Reg.-No. DE 23691322