Re: [TLS] -draft8447bis: rename Support Group Elliptic curve groups space

Sean Turner <sean@sn3rd.com> Wed, 10 April 2024 13:46 UTC

From: Sean Turner <sean@sn3rd.com>
Date: Wed, 10 Apr 2024 09:46:44 -0400
References: <B5E1CFD9-32F5-482E-B305-2D739AD273BA@sn3rd.com>
To: TLS List <tls@ietf.org>
In-Reply-To: <B5E1CFD9-32F5-482E-B305-2D739AD273BA@sn3rd.com>
Message-Id: <285FE909-9C46-47FD-B6A4-78292808084E@sn3rd.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/jG_q7xMSiPDNHRG2P5s_vJS9zEc>

To me, it looks like we have rough agreement to change the note as specified in the PR.

spt

> On Mar 28, 2024, at 10:52, Sean Turner <sean@sn3rd.com> wrote:
> 
> <author hat>
> 
> **WARNING: Potential bikeshed**
> 
> -connolly-tls-mlkem-key-agreement has suggested that code points for the NIST PQ be registered in the TLS Supported Groups IANA registry [1].  Currently [2], the registry is carved up into three blocks as follows:
> 
> Range: 0-255, 512-65535
> Registration Procedures: Specification Required
> Note: Elliptic curve groups
> 
> Range 256-511
> Registration Procedures: Specification Required
> Note: Finite Field Diffie-Hellman groups
> 
> Assuming that the proposal in -connolly-tls-mlkem-key-agreement is the path for PQ KEM algorithms (and maybe regardless of whether this is the path), we should really replace the “Elliptic curve groups” note in the 0-255, 512-65535 range row with something else.  I am open to suggestions, but would like to propose “unallocated”. I have submitted the following issue:
> https://github.com/tlswg/rfc8447bis/issues/54
> and this PR:
> https://github.com/tlswg/rfc8447bis/pull/55
> to address this.
> 
> spt
> 
> [1] https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8
> 
> [2] Originally, RFC 8442 defined the name of the registry as “EC Named Curve Registry” and then RFC 7919 re-named it “Supported Groups” and carved out the FFDH space.
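Added illustration, not part of the thread or of the rfc8447bis draft: a small parser for the supported_groups extension body (2-byte length, then 2-byte NamedGroup values, per RFC 8422/RFC 8446) that labels each code point with the registry block and note quoted above. The assigned code points in KNOWN_GROUPS come from RFC 8422 and RFC 7919; the value 768 is a constructed stand-in for an unassigned entry in the 512-65535 range, showing why the "Elliptic curve groups" note no longer describes what that block can hold.

```python
import struct

# Registry blocks exactly as quoted in the thread: (low, high) -> IANA note.
REGISTRY_BLOCKS = [
    ((0, 255), "Elliptic curve groups"),
    ((256, 511), "Finite Field Diffie-Hellman groups"),
    ((512, 65535), "Elliptic curve groups"),
]

# A handful of assigned code points (RFC 8422 curves, RFC 7919 FFDHE groups).
KNOWN_GROUPS = {
    23: "secp256r1",
    24: "secp384r1",
    29: "x25519",
    256: "ffdhe2048",
    257: "ffdhe3072",
}


def registry_block(code_point):
    """Return ("lo-hi", note) for the block that holds this NamedGroup value."""
    for (lo, hi), note in REGISTRY_BLOCKS:
        if lo <= code_point <= hi:
            return f"{lo}-{hi}", note
    raise ValueError(f"NamedGroup {code_point} outside 16-bit range")


def parse_supported_groups(ext_body):
    """Decode a supported_groups extension body into a list of NamedGroup ints.

    Wire format: uint16 length, followed by length/2 uint16 values. Rejects
    odd lengths and bodies whose declared length disagrees with the bytes given.
    """
    if len(ext_body) < 2:
        raise ValueError("truncated supported_groups extension")
    (length,) = struct.unpack("!H", ext_body[:2])
    if length % 2 or 2 + length != len(ext_body):
        raise ValueError("supported_groups length does not match body")
    return [struct.unpack("!H", ext_body[2 + i:4 + i])[0] for i in range(0, length, 2)]


def classify(ext_body):
    """Map each offered group to (code point, name, registry range, IANA note)."""
    rows = []
    for cp in parse_supported_groups(ext_body):
        rng, note = registry_block(cp)
        rows.append((cp, KNOWN_GROUPS.get(cp, "unassigned"), rng, note))
    return rows


# Constructed sample: x25519, secp256r1, ffdhe2048 and an unassigned 768.
SAMPLE_GROUPS = [29, 23, 256, 768]
SAMPLE_EXT = struct.pack("!H", 2 * len(SAMPLE_GROUPS)) + b"".join(
    struct.pack("!H", g) for g in SAMPLE_GROUPS
)
```

Running classify(SAMPLE_EXT) shows the 768 entry filed under the "Elliptic curve groups" note purely by range, which is the mismatch the proposed "unallocated" wording removes.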