Re: [TLS] Mail regarding draft-ietf-tls-tls13

Hubert Kario <hkario@redhat.com> Tue, 19 June 2018 10:22 UTC

Return-Path: <hkario@redhat.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 08FED130DC7 for <tls@ietfa.amsl.com>; Tue, 19 Jun 2018 03:22:59 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.2
X-Spam-Level:
X-Spam-Status: No, score=-4.2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7i-zfOQ5piMO for <tls@ietfa.amsl.com>; Tue, 19 Jun 2018 03:22:57 -0700 (PDT)
Received: from mx1.redhat.com (mx3-rdu2.redhat.com [66.187.233.73]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 29E47130DC3 for <tls@ietf.org>; Tue, 19 Jun 2018 03:22:57 -0700 (PDT)
Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.rdu2.redhat.com [10.11.54.5]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 5FA0640201BE; Tue, 19 Jun 2018 10:22:56 +0000 (UTC)
Received: from pintsize.usersys.redhat.com (unknown [10.43.21.250]) by smtp.corp.redhat.com (Postfix) with ESMTP id E0A9F10C1E; Tue, 19 Jun 2018 10:22:55 +0000 (UTC)
From: Hubert Kario <hkario@redhat.com>
To: tls@ietf.org
Cc: Ben Personick <ben.personick@iongroup.com>
Date: Tue, 19 Jun 2018 12:22:54 +0200
Message-ID: <2775922.pafzB1VNMh@pintsize.usersys.redhat.com>
In-Reply-To: <5fdded19-da5c-4d23-a0e3-e4e9e905f7aa@iongroup.com>
References: <BN7PR14MB23560D791932A8CB164C592D917F0@BN7PR14MB2356.namprd14.prod.outlook.com> <7D370F20-3C5C-4347-9EA3-3F0F61458377@dukhovni.org> <5fdded19-da5c-4d23-a0e3-e4e9e905f7aa@iongroup.com>
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="nextPart2094612.6Qmls5AWhV"; micalg="pgp-sha512"; protocol="application/pgp-signature"
X-Scanned-By: MIMEDefang 2.79 on 10.11.54.5
X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.6]); Tue, 19 Jun 2018 10:22:56 +0000 (UTC)
X-Greylist: inspected by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.6]); Tue, 19 Jun 2018 10:22:56 +0000 (UTC) for IP:'10.11.54.5' DOMAIN:'int-mx05.intmail.prod.int.rdu2.redhat.com' HELO:'smtp.corp.redhat.com' FROM:'hkario@redhat.com' RCPT:''
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/iVfxhggmA4OJkRxmkZCzZN3ACtk>
Subject: Re: [TLS] Mail regarding draft-ietf-tls-tls13
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.26
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 19 Jun 2018 10:22:59 -0000

On Monday, 18 June 2018 21:10:05 CEST Ben Personick wrote:
>   I can only support ecdsa_rsa unless I have an ECC certificate to support
> ecsda_ecsde ciphers.

that is software limitation, not protocol limitation
 
>   Since TLS 1.3 will continue to allow ecdsa_rsa ciphers, there will be no
> push to move towards offering them, because of various 'reasons'.

technically, there are no ecdsa_rsa, ecdhe_rsa or ecdhe_ecdsa ciphers in TLS 
1.3, the signature over key exchange is guided by the signature_algorithms 
extensions only, cipher suite does not influence it

> Ben
> 
> ________________________________
> From: Viktor Dukhovni <ietf-dane@dukhovni.org>;
> Sent: Monday, June 18, 2018 12:32
> To: Ben Personick
> Cc: TLS WG
> Subject: Re: [TLS] Mail regarding draft-ietf-tls-tls13
> 
> > On Jun 18, 2018, at 9:10 AM, Ben Personick <ben.personick@iongroup.com>;
> > wrote:
> > 
> > There is a common thread circulating, that all support for RSA
> > Certificates/Ciphers are dropped in TLS 1.3.
> This is not the case.
> 
> > As I wrote in the last email, I am aware we can implemenet ECC certs and
> > ciphers in TLS 1.2, along side RSA certs/ciphers, however there is a
> > consistent fear of breaking what already works by moving onto offering
> > both an ECC and RSA certificate and corrosponding ciphers.
> You should at least support verifying ECDSA certificates on the client
> side, some servers your client software might connect to may have only
> ECDSA certificates.  On the server side you can continue to use RSA
> certificates if you wish.  While ECDSA is faster on the server, there
> are still some clients (perhaps yours among them) that only support RSA,
> and so you'd need to have both RSA and ECDSA certificates, which is
> operationally a bit more challenging.
> 
> --
>         Viktor.


-- 
Regards,
Hubert Kario
Senior Quality Engineer, QE BaseOS Security team
Web: www.cz.redhat.com
Red Hat Czech s.r.o., Purky┼łova 115, 612 00  Brno, Czech Republic