Re: [TLS] WGLC for draft-ietf-tls-hybrid-design

Nimrod Aviram <nimrod.aviram@gmail.com> Thu, 28 April 2022 11:19 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/okWM4T3pUk1I9no3oG0jmG7419o>

I'd like to reiterate my suggestion: While for now there is consensus for
using concatenation to combine the two shared secrets, we should have a
clear upgrade path if we want to use other combination methods in the
future.

As Douglas notes here [1], the document does commit to concatenation as the
combination method. One possible upgrade path is for the relevant code
points in the NamedGroup registry to indicate not only the key exchange
algorithms, but also the combination method. I'm not sure whether this is
sufficient for an upgrade path, but it seems necessary.

As for the document itself, I support moving it forward. As Douglas noted,
if we would eventually introduce a new key combination method, that can
happen in a new document.

[1] https://mailarchive.ietf.org/arch/msg/tls/SGyUKtTWoW9h9rX6Mo64fwfmxMY/



On Wed, 27 Apr 2022 at 18:28, Christopher Wood <caw@heapingbits.net> wrote:

> This email commences a two week WGLC for draft-ietf-tls-hybrid-design,
> located here:
>
>    https://datatracker.ietf.org/doc/draft-ietf-tls-hybrid-design/
>
> We do not intend to allocate any code points at this time and will park
> the document after the call is complete. Once CFRG produces suitable
> algorithms for consideration, we will then add them to the NamedGroup
> registry through the normal process [1] and move the document forward.
>
> Please review the draft and send your comments to the list. This WGLC will
> conclude on May 13.
>
> Best,
> Chris, for the chairs
>
> [1]
> https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8
>
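
The upgrade path suggested in the message above, as an added example that is not part of the original message or of the draft: each code point names both the component algorithms and the combination method, so an upgraded server can prefer a new combiner while still interoperating with a client that only offers the concatenation code point. The code points (taken from the NamedGroup private-use range), the component name `kem_a`, the second combiner, and the HKDF-Extract step modelled on the TLS 1.3 key schedule are assumptions made for illustration.

```python
import hashlib
import hmac
from typing import Callable, NamedTuple, Optional, Sequence

Combiner = Callable[[bytes, bytes], bytes]

def concat(ss1: bytes, ss2: bytes) -> bytes:
    """Combination method the draft commits to: ss1 || ss2."""
    return ss1 + ss2

def alt_combiner(ss1: bytes, ss2: bytes) -> bytes:
    """Hypothetical future method (assumption): HMAC keyed with ss1 over ss2."""
    return hmac.new(ss1, ss2, hashlib.sha256).digest()

class HybridGroup(NamedTuple):
    components: tuple
    combiner: Combiner

# Placeholder code points from the private-use range; not real assignments.
REGISTRY = {
    0xFE00: HybridGroup(("x25519", "kem_a"), concat),
    0xFE01: HybridGroup(("x25519", "kem_a"), alt_combiner),
}

def negotiate(client_offer: Sequence[int],
              server_prefs: Sequence[int]) -> Optional[int]:
    """Server picks its most preferred known group that the client offered."""
    for cp in server_prefs:
        if cp in client_offer and cp in REGISTRY:
            return cp
    return None

def key_schedule_input(code_point: int, ss1: bytes, ss2: bytes,
                       salt: bytes) -> bytes:
    """HKDF-Extract(salt, combined), with the combiner fixed by the code point."""
    combined = REGISTRY[code_point].combiner(ss1, ss2)
    return hmac.new(salt, combined, hashlib.sha256).digest()

# Constructed stand-ins for the two component shared secrets and the salt.
SS1, SS2, SALT = b"\x11" * 32, b"\x22" * 32, b"\x00" * 32

if __name__ == "__main__":
    upgraded, legacy = [0xFE01, 0xFE00], [0xFE00]
    for offer in (upgraded, legacy):
        cp = negotiate(offer, upgraded)
        print(hex(cp), key_schedule_input(cp, SS1, SS2, SALT).hex())
```

Because both peers derive the combiner from the negotiated code point, a change of combination method is covered by the same handshake transcript that already authenticates the group selection.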