Re: [TLS] Consensus call on codepoint strategy for draft-ietf-tls-hybrid-design
"Blumenthal, Uri - 0553 - MITLL" <uri@ll.mit.edu> Wed, 29 March 2023 02:40 UTC
Return-Path: <prvs=4452f9a683=uri@ll.mit.edu>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 218B9C152575 for <tls@ietfa.amsl.com>; Tue, 28 Mar 2023 19:40:54 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.894
X-Spam-Level:
X-Spam-Status: No, score=-6.894 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, MIME_QP_LONG_LINE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id uMKAPF7yjXUB for <tls@ietfa.amsl.com>; Tue, 28 Mar 2023 19:40:50 -0700 (PDT)
Received: from MX2.LL.MIT.EDU (mx2.ll.mit.edu [129.55.12.51]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 874E2C15C28F for <TLS@ietf.org>; Tue, 28 Mar 2023 19:40:16 -0700 (PDT)
Received: from LLEX2019-2.mitll.ad.local (llex2019-2.llan.ll.mit.edu [172.25.4.124]) by MX2.LL.MIT.EDU (8.17.1.19/8.17.1.19) with ESMTPS id 32T2dwo1000909 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=FAIL); Tue, 28 Mar 2023 22:39:58 -0400
ARC-Seal: i=1; a=rsa-sha256; s=arcselector5401; d=microsoft.com; cv=none; b=IJW/bUI7u1kORAY8MIlXkR6dpW+HIMPYvtP3IInyfmHLwKDzOMDvzaQAZBQ0Wee8Rg7SNCCR7yErVIPsTNhZpMUJ8dWF0U3scpYukNsgFI0vN3pkoLTSwGWt8ujmDEC2MVLJTAfT7oWwjudsSSeqP57jeORKZn6jw3DuP3CdUi4HNfxughbB5lNIWuMtEnP9qXLGqsIO0ylEs66bz3MOpniXp8yGBwlnwf2iR+lRhOIm/iQ+l95lfkbEcjRQgCG16WdBnp3NeYFCSs+jG3Z3u8on/LyoK8KSWnds7inPm3VeuUmENvJr49Pk0WJYWXCxbZdAsl68YlU8Z0psyQVQGQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector5401; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=OQ/5mfmXuQ+gttcTreMV7QltmkDm1k/JQUAjxGZ4ADw=; b=IxF7Un+egt1p0EycT3RY08O5pAQLve24GqAVrF/fNB6b+q5qOyAijstUTqgFoHIOyxjI20RplzQnpdFwsgYzcNJ92pHmKCKmKeXTqdoUTnnM6ePFC3UpLu8Glg6JA/WSgEJ8jy7VninaOcRTYISvcm1ZjWXzEmfLF7awO1wlWW7PPmikY5OzrCsRLkRtbSNSXV7k3mSP63ZO0nswn8AW98y7K62FvFTYOka3umRsQwTjblJh1aypkIUQaRA3cFVeh9DC1+hUmPFZXD96kSmvmR4O1wLzCf4QlZd0xemYOrlIkLBxryXIoEx3f/yuLdk0dJWRdSiSwwDMMVf8xHVbkA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=ll.mit.edu; dmarc=pass action=none header.from=ll.mit.edu; dkim=pass header.d=ll.mit.edu; arc=none
From: "Blumenthal, Uri - 0553 - MITLL" <uri@ll.mit.edu>
To: Krzysztof Kwiatkowski <kris@amongbytes.com>, Christopher Wood <caw@heapingbits.net>
CC: "TLS@ietf.org" <TLS@ietf.org>
Thread-Topic: [TLS] Consensus call on codepoint strategy for draft-ietf-tls-hybrid-design
Thread-Index: AQHZYeDBSoMA1EiGfEGGwyKmBvcb0q8RAJaA///IHQA=
Date: Wed, 29 Mar 2023 02:40:01 +0000
Message-ID: <1376F6AE-2F18-4E35-A164-51E0D2AB08E5@ll.mit.edu>
References: <FBE87FDA-A407-4DC8-A2E8-F39AB475C87B@heapingbits.net> <8EFF0CA2-EFD5-4D37-A8C2-91097D286F24@amongbytes.com>
In-Reply-To: <8EFF0CA2-EFD5-4D37-A8C2-91097D286F24@amongbytes.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/16.71.23032500
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: BN0P110MB1419:EE_|BN0P110MB1290:EE_
x-ms-office365-filtering-correlation-id: 0c689710-3c8b-4b52-74ae-08db2ffee517
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: //szeN/0Y0ZRIzyVsT+c5CS7Rphjke1IgC1AP8rOxomcXDtrjm1KkFPmCo4wlIMP5+5wO31YNpJKQ1qhSgYfT0HefbXoLBl1GmzkwBJ2vK2V+6rSYFOiPQ6IEjwd+pMNhANd5yQbHXZw8ZuWbKCKneFNeUZ6PIfNx3xcX5mx07shq2w6ATtwcuN0B6z8uLZgPizabIjgzrySeAcZE6NpK+I7NiFFUZSo3vDaqFuYW3Y/M32BmxnYfcETBHwgZ8wc2lTwWnBJKaX7dYMTxbImOE3MUM118j9hWpKCM6i+pHIb+gZ25XMiwI9u+yN3s9fEYL23YxK368QBP1MJR1kh7jUI7g4hhIDgKZOhbJz766DA9dFS1QJggv7kDRHpA6k+lselZGGJlHlqSezavCZcfxmAI2QCt3C919yQ2cOSYUMDkdoSEw1dRvoVDsvezavTHm91/tsClcGf2E38ZFUj8737iaWGXWCyW+dsDNZVuJKlowWGtEOv4yCLMPZEi1t1+V7JnfVthJ1IlHrsN9eb4WEt6+nZZ9rjxqrP8F0em+NtRW5ZbbKWkreGNfwF3MGb4G+0qU8zd1aiujWzQYVGw4Pedl9c1Fl1MGJ8J+orDlp3qYSCaVsWlWvfPoYvZAXcMA9MLANH8DoUjnDhEiL4ig==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:BN0P110MB1419.NAMP110.PROD.OUTLOOK.COM; PTR:; CAT:NONE; SFS:(13230028)(366004)(39830400003)(136003)(396003)(451199021)(508600001)(966005)(110136005)(6486002)(66476007)(66446008)(76116006)(66946007)(66556008)(8676002)(4326008)(64756008)(38070700005)(86362001)(33656002)(2616005)(53546011)(6512007)(6506007)(186003)(26005)(83380400001)(5660300002)(8936002)(2906002)(71200400001)(41300700001)(75432002)(41320700001)(38100700002)(122000001)(99936003)(45980500001); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: dEWJw0CasUPydLj+e8uvAn0ROBcikuIq3x7w8D1jaFzHuPEFoHBvoLa6Ykbr4dDDHMIXZOCMWoSOcSvlGThT38E2inLXDGcvzBixfhVFW/ohXOYKJ3koqgDfwu1r6AIrSHpJwSwPgt/Sm13Vu+FLG4ccJ7hqa2DmhYq1HOroojaet5tsRLB3mH+tH8k2nWVUcKoz961kpj0ri/rOBANigfCWjeIf0iMxmpB7gKqs0khEdX/lnA/ecjnoMFgSTHKNCL5gvQgq3L+d1yKhyogdT8nCv0wv6XsVEMFHgpeuivcUn1AYD5cRBQ0srdEAmrXjM+zbOowGmN4hO8Dsb6M1jTuY3ZT2KCfJpHFG2hkOKGs5HeBBlwypEtau53+u8Fd32Zlgrd3bbwmS3lhe055fSLcAKo1uqurdAw/KNpM/dNamDd8ZWz8WTimsJfuX+/BXsCrbA09O0QwuJYIgpdC/+BLWIhP/2hgf/d9Kfb96Zc4mXFmFx9SRR3pvGvq3DcQ5nkKvLbmDBKnkCHNo2PImge4IOHS/ZoqKYqIUEqvCIcaaA2akTZS9QlhpYlubRMmNUfsdMYh5rv2oSfhTO5NSb5s+ShMQ6IFjvJFNkzAluqXjCQtu71dFjXUlqDI1cJ62WD/oIaFwfZ9jViuC7IfVhNv7BxLFhAS2MvuTzvw1VoiLhzXfb6vpQwsIK5rlv9ibMuIH8c/2yZseI3JQ93Nc2Le+nUzy8ntmIpnmw1xQIgzfYEP98xPiUK8ln6G5w/hVErCAYOHHnEAPn99DQCrQbrTOgkRov0XVfZ2YanYG3i5TthNGFGU1Qpet7nAlWjd830tLt13KjYV6/sdZ73f3UC1Ys+9xSrO7o5FKOQ1hj4zcmx6JaVRm8D48TRMZvh29laUZZpcPmkw4pqS83wjkhLG5AzGm2LnN9m5Bxk7rlKSvr8LT9Kkz1iAkko7s1lzTins68fFzfBb9bIWWIf4CxtkJRlhiWAkqPcR2XU8Zr1CCYciXsqW6o1rS4e577EgVHRebfg8tgg4c9qNFRhly99OoBixKKkLuCnsf0G7IW5so7LpNa/7dVQjmgq8x5WjWNI0+k59qsUqjIfejMjaOUsIPP2HNI80IDuy8wp7sHfNfiBf/UkqTJBZg7hZj26MZOyuLVShXxk8SsmiXqmbrXdHEn7V282eXpKvc/PKWpD0vE0k7rw31ypIFVrnI4eizN6hJYJ24Uom6sDkl1ybv7g3WRM6bBFb93k20tiQHbP0+szziMvlH7QqQfz9Id3jKd2IFsg7f1dJ2N2bin3R6U4zOjRUbWhgoaz0/E0l/UxXgTPjf2W2zOWvxbU687SSlBY6M0NWu2hQgdJhVsvRofkRQZaJL9DbBAY65JMbfaxrEgSJej8G/4DWofe9/A4k+iB+5uqsyVBRODSi72lDWSLbrngAippXKHPEyebH8h5yseoEni7h3CS2NvuyAsHmZedOAW6fgNzUodf7pq/EEmTRodoR1HzqWI+cj4WnhTCE=
Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg="sha256"; boundary="B_3762888000_1930415660"
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: BN0P110MB1419.NAMP110.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-Network-Message-Id: 0c689710-3c8b-4b52-74ae-08db2ffee517
X-MS-Exchange-CrossTenant-originalarrivaltime: 29 Mar 2023 02:40:01.4306 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 83d1efe3-698e-4819-911b-0a8fbe79d01c
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN0P110MB1290
X-Proofpoint-GUID: ikWkOlVh-_FAdoMC3HSnEk4AZRvmP3_m
X-Proofpoint-ORIG-GUID: ikWkOlVh-_FAdoMC3HSnEk4AZRvmP3_m
X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.254,Aquarius:18.0.942,Hydra:6.0.573,FMLib:17.11.170.22 definitions=2023-03-24_11,2023-03-28_02,2023-02-09_01
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 bulkscore=0 mlxlogscore=999 adultscore=0 suspectscore=0 malwarescore=0 mlxscore=0 phishscore=0 spamscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2303200000 definitions=main-2303290020
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/hu_Qv2aK51xoq32t5WNE0IHoPmM>
Subject: Re: [TLS] Consensus call on codepoint strategy for draft-ietf-tls-hybrid-design
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 29 Mar 2023 02:40:54 -0000
Can we add secp256r1_kyber768 option for those who prefer NIST curves? I support this. I would also like secp384r1_kyber1024 option, please. Thanks On 29 Mar 2023, at 10:48, Christopher Wood <caw@heapingbits.net> wrote: As discussed during yesterday's meeting, we would like to assess consensus for moving draft-ietf-tls-hybrid-design forward with the following strategy for allocating codepoints we can use in deployments. 1. Remove codepoints from draft-ietf-tls-hybrid-design and advance this document through the process towards publication. 2. Write a simple -00 draft that specifies the target variant of X25519+Kyber768 with a codepoint from the standard ranges. (Bas helpfully did this for us already [1].) Once this is complete, request a codepoint from IANA using the standard procedure. The intent of this proposal is to get us a codepoint that we can deploy today without putting a "draft codepoint" in an eventual RFC. Please let us know if you support this proposal by April 18, 2023. Assuming there is rough consensus, we will move forward with this proposal. Best, Chris, Joe, and Sean [1] https://datatracker.ietf.org/doc/html/draft-tls-westerbaan-xyber768d00-00 _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
- [TLS] Consensus call on codepoint strategy for dr… Christopher Wood
- Re: [TLS] Consensus call on codepoint strategy fo… Krzysztof Kwiatkowski
- Re: [TLS] Consensus call on codepoint strategy fo… Eric Rescorla
- Re: [TLS] Consensus call on codepoint strategy fo… Christopher Patton
- Re: [TLS] Consensus call on codepoint strategy fo… Richard Barnes
- Re: [TLS] Consensus call on codepoint strategy fo… Salz, Rich
- Re: [TLS] Consensus call on codepoint strategy fo… Blumenthal, Uri - 0553 - MITLL
- Re: [TLS] Consensus call on codepoint strategy fo… Kampanakis, Panos
- Re: [TLS] Consensus call on codepoint strategy fo… Kampanakis, Panos
- Re: [TLS] Consensus call on codepoint strategy fo… Loganaden Velvindron
- Re: [TLS] Consensus call on codepoint strategy fo… Blumenthal, Uri - 0553 - MITLL
- Re: [TLS] Consensus call on codepoint strategy fo… Ilari Liusvaara
- Re: [TLS] Consensus call on codepoint strategy fo… Ilari Liusvaara
- Re: [TLS] Consensus call on codepoint strategy fo… Bas Westerbaan
- Re: [TLS] Consensus call on codepoint strategy fo… Bas Westerbaan
- Re: [TLS] Consensus call on codepoint strategy fo… Kampanakis, Panos
- Re: [TLS] Consensus call on codepoint strategy fo… Krzysztof Kwiatkowski
- Re: [TLS] Consensus call on codepoint strategy fo… Krzysztof Kwiatkowski
- Re: [TLS] Consensus call on codepoint strategy fo… Ilari Liusvaara
- Re: [TLS] Consensus call on codepoint strategy fo… Ilari Liusvaara
- Re: [TLS] Consensus call on codepoint strategy fo… Blumenthal, Uri - 0553 - MITLL
- Re: [TLS] Consensus call on codepoint strategy fo… Ilari Liusvaara
- Re: [TLS] Consensus call on codepoint strategy fo… Blumenthal, Uri - 0553 - MITLL
- Re: [TLS] Consensus call on codepoint strategy fo… Hubert Kario
- Re: [TLS] Consensus call on codepoint strategy fo… Christopher Wood
- Re: [TLS] Consensus call on codepoint strategy fo… Bas Westerbaan
- Re: [TLS] Consensus call on codepoint strategy fo… Kampanakis, Panos
- Re: [TLS] Consensus call on codepoint strategy fo… Scott Fluhrer (sfluhrer)
- Re: [TLS] Consensus call on codepoint strategy fo… Watson Ladd
- Re: [TLS] Consensus call on codepoint strategy fo… John Mattsson
- Re: [TLS] Consensus call on codepoint strategy fo… Bas Westerbaan
- Re: [TLS] [UNVERIFIED SENDER] Re: Consensus call … Kampanakis, Panos
- Re: [TLS] [UNVERIFIED SENDER] Re: Consensus call … Ilari Liusvaara
- Re: [TLS] [UNVERIFIED SENDER] Re: Consensus call … Eric Rescorla
- Re: [TLS] Consensus call on codepoint strategy fo… Krzysztof Kwiatkowski
- Re: [TLS] Consensus call on codepoint strategy fo… Krzysztof Kwiatkowski
- Re: [TLS] Consensus call on codepoint strategy fo… Salz, Rich
- Re: [TLS] Consensus call on codepoint strategy fo… Christopher Wood
- Re: [TLS] Consensus call on codepoint strategy fo… Kris Kwiatkowski
- Re: [TLS] Consensus call on codepoint strategy fo… Ilari Liusvaara
- Re: [TLS] Consensus call on codepoint strategy fo… Kris Kwiatkowski