Re: [TLS] early IANA code point assignment request for draft-ietf-tls-ecdhe-psk-aead
John Mattsson <john.mattsson@ericsson.com> Sun, 09 October 2016 05:32 UTC
Return-Path: <john.mattsson@ericsson.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3DD251293F2 for <tls@ietfa.amsl.com>; Sat, 8 Oct 2016 22:32:37 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.221
X-Spam-Level:
X-Spam-Status: No, score=-4.221 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id lMSuUU7BXW6j for <tls@ietfa.amsl.com>; Sat, 8 Oct 2016 22:32:35 -0700 (PDT)
Received: from sesbmg22.ericsson.net (sesbmg22.ericsson.net [193.180.251.48]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 13499128E18 for <tls@ietf.org>; Sat, 8 Oct 2016 22:32:34 -0700 (PDT)
X-AuditID: c1b4fb30-f60a598000000cb2-1c-57f9d670fb12
Received: from ESESSHC001.ericsson.se (Unknown_Domain [153.88.183.21]) by (Symantec Mail Security) with SMTP id FE.1F.03250.F66D9F75; Sun, 9 Oct 2016 07:32:32 +0200 (CEST)
Received: from ESESSMB307.ericsson.se ([169.254.7.51]) by ESESSHC001.ericsson.se ([153.88.183.21]) with mapi id 14.03.0319.002; Sun, 9 Oct 2016 07:32:31 +0200
From: John Mattsson <john.mattsson@ericsson.com>
To: Martin Thomson <martin.thomson@gmail.com>, Nikos Mavrogiannopoulos <nmav@redhat.com>
Thread-Topic: [TLS] early IANA code point assignment request for draft-ietf-tls-ecdhe-psk-aead
Thread-Index: AQHR8m4qJsMuKCEAAE6yNvJM3NZSr6BBziKAgALxGgCAWzlRgA==
Date: Sun, 09 Oct 2016 05:32:30 +0000
Message-ID: <D41FA10A.52E40%john.mattsson@ericsson.com>
References: <7D3571C9-9873-4D88-9666-A47D0CD77671@sn3rd.com> <1470821613.2539.44.camel@redhat.com> <CABkgnnVYt_-SwRbO3Jm0ngpOEccL4UNV6wvgZFMco1G9z0uwfw@mail.gmail.com>
In-Reply-To: <CABkgnnVYt_-SwRbO3Jm0ngpOEccL4UNV6wvgZFMco1G9z0uwfw@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/14.6.7.160722
x-originating-ip: [153.88.183.150]
Content-Type: text/plain; charset="utf-8"
Content-ID: <FEC950244C0B6A4DAEC8D8073239A79D@ericsson.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFlrJIsWRmVeSWpSXmKPExsUyM2K7qG7BtZ/hBnu7DSyunfnHaPHj6FYW i0/nuxgdmD12zrrL7rFkyU8mj/f7rrIFMEdx2aSk5mSWpRbp2yVwZdzct5uxYI9UxYy/PewN jE8kuxg5OSQETCRmPF7C0sXIxSEksJ5RYlrjPTYIZxGjxI3vh1lAqtgEDCTm7mlgA7FFBKIk rr7awgRiMwsoSry/NA+sRlggXuLq7OOMEDUJEvObVzNB2E4St96fZAWxWQRUJM48mgc0h4OD V8Bc4sz6LIhdqxkl7jXOAJvDKRAo0do2A6yeUUBM4vupNVC7xCVuPZnPBHG1gMSSPeeZIWxR iZeP/4HViwroSTz7/JwdIq4ksWL7JUaQXcwCmhLrd+lDjLGW2DhtGjPM+VO6H4KV8woISpyc +YRlAqP4LCTbZiF0z0LSPQtJ9ywk3QsYWVcxihanFiflphsZ6aUWZSYXF+fn6eWllmxiBEbg wS2/DXYwvnzueIhRgINRiYc3IednuBBrYllxZe4hRgkOZiUR3oOXgUK8KYmVValF+fFFpTmp xYcYpTlYlMR5zVbeDxcSSE8sSc1OTS1ILYLJMnFwSjUwds8rFPJrf9OlLJHMskypfu3NY8+/ zJ6rcW12YkRu7ru9TZZX5xXwOh16WrfCo/OCru+he8n5d5I9d1aYP3H/NDFsim6AT/HO7TEi nVLHXqWa9f/K/bm6w97k4sU3yr4r7eYunvgs0pLxQtE+DksX4UeqBqoTHjTax6ssdBNZb+ge sX15dukuJZbijERDLeai4kQAZE7IC7wCAAA=
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/oiX-yMech3cxr3NA3COTVEReuzo>
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] early IANA code point assignment request for draft-ietf-tls-ecdhe-psk-aead
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 09 Oct 2016 05:32:37 -0000
Hi Martin, AES_256_CCM_8 was not in the first versions of the draft but added later after request from IoT people (probably afraid of quantum computers). While I think it makes very much sense to have short tags in wireless radio, I do not know how large need there is for AES-256 in IoT for constrained devices, or how large the need would be to truncate the tag in these cases. My current understanding is that Grover’s algorithm may never be more cost-effective than a cluster of classical computers, and that quantum computers therefore likely do not affect the lifetime of AES-128. I do not have any strong opinions regarding keeping AES_256_CCM_8 or not. We should not give the impression that AES-256 is needed for practical resistance to quantum computers anytime soon, it is however a requirement for use by US government. Agree that AES_128_CCM_8 and AES_256_CCM seems like the best choices in most cases. Cheers, John On 12/08/16 08:29, "TLS on behalf of Martin Thomson" <tls-bounces@ietf.org on behalf of martin.thomson@gmail.com> wrote: >Looking at those emails, I am prompted to wonder if anyone can justify >the existence of a ciphersuite with a double-sized key and half-sized >authentication tag. RFC 6655 doesn't really explain how that is a >useful thing. > >On 10 August 2016 at 19:33, Nikos Mavrogiannopoulos <nmav@redhat.com> >wrote: >> On Tue, 2016-08-09 at 14:45 -0400, Sean Turner wrote: >>> All, >>> >>> We've received a request for early IANA assignments for the 6 cipher >>> suites listed in https://datatracker.ietf.org/doc/draft-ietf-tls-ecdh >>> e-psk-aead/. Please respond before August 23rd if you have concerns >>> about early code point assignment for these cipher suites. >> >> I have previously raised an issue [0] on these ciphersuites. The same >> requirement was noted also by Peter Dettman as something special in >> [1]. However, there has been no reaction from the authors (now in CC). >> >> regards, >> Nikos >> >> [0]. >>https://mailarchive.ietf.org/arch/msg/tls/4PZsc_Dy-aT299BYrlBKvZs0BOQ >> [1]. >>https://mailarchive.ietf.org/arch/msg/tls/onEkdgH30eZgWs8v5Rp-CUqCHds >> >> _______________________________________________ >> TLS mailing list >> TLS@ietf.org >> https://www.ietf.org/mailman/listinfo/tls > >_______________________________________________ >TLS mailing list >TLS@ietf.org >https://www.ietf.org/mailman/listinfo/tls
- Re: [TLS] early IANA code point assignment reques… Martin Thomson
- Re: [TLS] early IANA code point assignment reques… Nikos Mavrogiannopoulos
- Re: [TLS] early IANA code point assignment reques… Martin Thomson
- [TLS] early IANA code point assignment request fo… Sean Turner
- Re: [TLS] early IANA code point assignment reques… Peter Gutmann
- Re: [TLS] early IANA code point assignment reques… John Mattsson
- Re: [TLS] early IANA code point assignment reques… Martin Thomson
- Re: [TLS] early IANA code point assignment reques… Daniel Migault
- Re: [TLS] early IANA code point assignment reques… Russ Housley
- Re: [TLS] early IANA code point assignment reques… Daniel Migault
- Re: [TLS] early IANA code point assignment reques… Sean Turner
- Re: [TLS] early IANA code point assignment reques… Xiaoyin Liu
- Re: [TLS] early IANA code point assignment reques… Ilari Liusvaara
- Re: [TLS] early IANA code point assignment reques… Daniel Migault
- Re: [TLS] early IANA code point assignment reques… Ilari Liusvaara
- Re: [TLS] early IANA code point assignment reques… Daniel Migault