Re: [TLS] Confirming Consensus on removing RSA key Transport from TLS 1.3

Nikos Mavrogiannopoulos <nmav@redhat.com> Mon, 05 May 2014 07:28 UTC

Return-Path: <nmav@redhat.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BF2D21A027E for <tls@ietfa.amsl.com>; Mon, 5 May 2014 00:28:35 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.553
X-Spam-Level:
X-Spam-Status: No, score=-7.553 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, RP_MATCHES_RCVD=-0.651, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1Zy0s3jsoD7R for <tls@ietfa.amsl.com>; Mon, 5 May 2014 00:28:34 -0700 (PDT)
Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by ietfa.amsl.com (Postfix) with ESMTP id 3BC581A0019 for <tls@ietf.org>; Mon, 5 May 2014 00:28:34 -0700 (PDT)
Received: from int-mx11.intmail.prod.int.phx2.redhat.com (int-mx11.intmail.prod.int.phx2.redhat.com [10.5.11.24]) by mx1.redhat.com (8.14.4/8.14.4) with ESMTP id s457SQpg028759 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Mon, 5 May 2014 03:28:26 -0400
Received: from [10.34.2.127] (dhcp-2-127.brq.redhat.com [10.34.2.127]) by int-mx11.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id s457SNhu006039 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NO); Mon, 5 May 2014 03:28:25 -0400
Message-ID: <1399274903.2312.6.camel@dhcp-2-127.brq.redhat.com>
From: Nikos Mavrogiannopoulos <nmav@redhat.com>
To: Eric Rescorla <ekr@rtfm.com>
Date: Mon, 05 May 2014 09:28:23 +0200
In-Reply-To: <CABcZeBOb-ym7+TrRmfasuyJJ6BVNbQB96jqqBOGZr+YPG-NBWA@mail.gmail.com>
References: <AD51D38F-2CFE-4277-854D-C0E56292A336@cisco.com> <277ABA2E-FA8C-4927-9522-06E8907C28EB@cisco.com> <CABcZeBOb-ym7+TrRmfasuyJJ6BVNbQB96jqqBOGZr+YPG-NBWA@mail.gmail.com>
Content-Type: text/plain; charset="UTF-8"
Mime-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Scanned-By: MIMEDefang 2.68 on 10.5.11.24
Archived-At: http://mailarchive.ietf.org/arch/msg/tls/hw56ad8QncJZ0TToC7sb3wx2xZ8
Cc: "<tls@ietf.org>" <tls@ietf.org>
Subject: Re: [TLS] Confirming Consensus on removing RSA key Transport from TLS 1.3
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 05 May 2014 07:28:35 -0000

On Sat, 2014-05-03 at 16:31 -0700, Eric Rescorla wrote:
> The following pull request is intended to execute this change:
> 
> https://github.com/tlswg/tls13-spec/pull/37
> I'll merge it in on Tuesday. Please let me know before then if
> this seems substantially wrong. As usual, minor editorial issues
> can be done by pull requests.

Shouldn't such a change depend on a fix to the compatibility issues
present in the DHE ciphersuites? Otherwise it just makes ECDHE the only
key exchange in TLS that can be made compatible with random peers.

Elliptic curves are good, but it would be nice to have non-ECC key
exchanges as well.

regards,
Nikos