Re: [TLS] PR#345: IANA Considerations
Joseph Salowey <joe@salowey.net> Mon, 30 November 2015 04:08 UTC
From: Joseph Salowey <joe@salowey.net>
To: Eric Rescorla <ekr@rtfm.com>
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/ehluAvo0_xbPa1F6sPKwHzh-LEI>
Cc: "tls@ietf.org" <tls@ietf.org>

I believe the consensus supports what is in the current PR.

Cheers,

Joe

On Thu, Nov 26, 2015 at 3:18 PM, Eric Rescorla <ekr@rtfm.com> wrote:

> Joe,
>
> Can you clarify whether you believe consensus is to make the "Recommended"
> list the list in the current PR or the MTI list. I can edit the document
> either way.
>
> -Ekr
>
> On Wed, Nov 25, 2015 at 11:05 AM, Joseph Salowey <joe@salowey.net> wrote:
>
>> It looks like we have rough consensus to accept this PR. We can still
>> have discussion on the naming of the categories. We will also have to
>> define the IANA registration policy for changing the "recommended" bit.
>> I'll open an issue for this, I think changing the bit to recommended
>> should require IETF consensus.
>>
>> Cheers,
>>
>> Joe
>>
>> On Thu, Nov 19, 2015 at 7:10 AM, Eric Rescorla <ekr@rtfm.com> wrote:
>>
>>> On Thu, Nov 19, 2015 at 7:03 AM, Martin Rex <mrex@sap.com> wrote:
>>>
>>>> Eric Rescorla wrote:
>>>> >
>>>> > There are presently four categories of cipher suites vis-a-vis TLS 1.3.
>>>> >
>>>> > 1. MUST or SHOULD cipher suites.
>>>> > 2. Standards track cipher suites (or ones we are making ST, like
>>>> > the ECC ones).
>>>> > 3. Non standards track cipher suites
>>>> > 4. Cipher suites you can't use at all with TLS 1.3, like AES-CBC.
>>>> >
>>>> > I think we're all agreed that category #1 should be marked recommended
>>>> > and that #3 and #4 should not be. This leaves us with category #2, which
>>>> > includes stuff like:
>>>> >
>>>> > - FFDHE
>>>> > - CCM
>>>> >
>>>> > My proposal is that we:
>>>> >
>>>> > - List all the Standards Track cipher suites that are compatible with TLS
>>>> > 1.3 in Appendix A.
>>>> > - Mark all the cipher suites that are listed in Appendix A as "Recommended"
>>>>
>>>>
>>>> I'm slightly confused.
>>>>
>>>> rfc5288 is standards track and describes AES-GCM with static RSA keyex.
>>>>
>>>
>>> This isn't compatible with TLS 1.3 because TLS 1.3 removes static RSA.
>>>
>>>> rfc5289 is only informational (i.e. _not_ standards track) and describes
>>>> AES-GCM with ECDHE keyex.
>>>
>>> We are re-labelling the AES-GCM ECDHE suites as standards track either
>>> in this document or in RFC4492bis.
>>>
>>> -Ekr
>>>
>>>> -Martin