IETF Logo Mail Archive

Re: [TLS] PSS for TLS 1.3

Russ Housley <housley@vigilsec.com> Mon, 23 March 2015 19:31 UTC

Return-Path: <housley@vigilsec.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AC76B1B29AC for <tls@ietfa.amsl.com>; Mon, 23 Mar 2015 12:31:55 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -101.899
X-Spam-Level:
X-Spam-Status: No, score=-101.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, USER_IN_WHITELIST=-100] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Aa65Gwfmdyco for <tls@ietfa.amsl.com>; Mon, 23 Mar 2015 12:31:54 -0700 (PDT)
Received: from odin.smetech.net (x-bolt-wan.smeinc.net [209.135.219.146]) by ietfa.amsl.com (Postfix) with ESMTP id 0DCF61B29A6 for <tls@ietf.org>; Mon, 23 Mar 2015 12:31:54 -0700 (PDT)
Received: from localhost (unknown [209.135.209.5]) by odin.smetech.net (Postfix) with ESMTP id 867E99A400F for <tls@ietf.org>; Mon, 23 Mar 2015 15:31:43 -0400 (EDT)
X-Virus-Scanned: amavisd-new at smetech.net
Received: from odin.smetech.net ([209.135.209.4]) by localhost (ronin.smeinc.net [209.135.209.5]) (amavisd-new, port 10024) with ESMTP id KHZT9+hgI2nP for <tls@ietf.org>; Mon, 23 Mar 2015 15:31:22 -0400 (EDT)
Received: from dhcp-88c7.meeting.ietf.org (dhcp-88c7.meeting.ietf.org [31.133.136.199]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) by odin.smetech.net (Postfix) with ESMTP id 709019A400D for <tls@ietf.org>; Mon, 23 Mar 2015 15:31:22 -0400 (EDT)
From: Russ Housley <housley@vigilsec.com>
Mime-Version: 1.0 (Apple Message framework v1085)
Content-Type: multipart/alternative; boundary="Apple-Mail-39-7789023"
Date: Mon, 23 Mar 2015 15:31:11 -0400
In-Reply-To: <CAK6vND8dpMpNFNgtAc8oO6LqQWyEgKQAXt3NtO4xWAZhf5c_1Q@mail.gmail.com>
To: IETF TLS <tls@ietf.org>
References: <CABcZeBOeoyggJfma8rvyeRrh6Dw+oSp5P-oUG0MR3ZprBOyUPQ@mail.gmail.com> <CAK6vND8dpMpNFNgtAc8oO6LqQWyEgKQAXt3NtO4xWAZhf5c_1Q@mail.gmail.com>
Message-Id: <493A881F-9A1A-4AF7-A55F-85AC98D60F90@vigilsec.com>
X-Mailer: Apple Mail (2.1085)
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/hCgrHxPexU9bbfbI4VElj5LMKdE>
Subject: Re: [TLS] PSS for TLS 1.3
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 23 Mar 2015 19:31:55 -0000

On Sun, Mar 22, 2015 at 10:38 PM, Peter Bowen <pzbowen@gmail.com> wrote:
On Sun, Mar 22, 2015 at 3:09 PM, Eric Rescorla <ekr@rtfm.com> wrote:
> During the interim we discussed discussion about adopting PSS for
> RSA signatures in TLS 1.3.
>
> Clearly, we will not be able to just adopt PSS because certificates
> will continue to be signed with PKCS#1 1.5.

I would like to see TLS 1.3 allow certificates signed using PSS (RFC
4055 and 3447) and provide a way to signal the server that such
certificates are supported. 

I have wanted to see migration of signatures on certificates from PKCS#1 v1.5 to PSS for many years.  I think this is a nice step for that to happen.

That said, I'd like to see this done in a way that also encourages the transition to ECDSA for the signatures on the certificates.  So, I think that means the suggested signaling needs to provide a list of certificate signature algorithms that are supported, with a clear mandatory to implement.

Russ

v2.23.0 | Report a Bug | By Email