Re: [TLS] RSA-PSS in TLS 1.3

Martin Thomson <martin.thomson@gmail.com> Tue, 01 March 2016 09:20 UTC

Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/fyhybT5elCFk77ezuoV5bk2QwKY>

On 1 March 2016 at 16:06, Viktor Dukhovni <ietf-dane@dukhovni.org> wrote:
>> It is much easier to mandate PSS in TLS 1.3 now, than to remove it
>> later.  Servers that can't do PSS will use TLS 1.2.  This avoids
>> a break-the-web day.
>
> Sorry, ... than to remove *PKCS#1.5* later ...

Yes, this is true for some people, and likely it will be more true in
the future.  However, a MUST implement PSS is enough for me.  If it
seems like consensus is against this position, I'll back that all the
way.  However, on the web side of things, we've some experience with
killing stuff that we don't like.  It's not always painless (see
SHA-1), but I'd rather rely on that system than risk holding back 1.3.