[TLS] Consensus Call on MTI Algorithms

Joseph Salowey <joe@salowey.net> Wed, 01 April 2015 18:12 UTC

Return-Path: <joe@salowey.net>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com []) by ietfa.amsl.com (Postfix) with ESMTP id 78EF31A1A69 for <tls@ietfa.amsl.com>; Wed, 1 Apr 2015 11:12:22 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.978
X-Spam-Status: No, score=-1.978 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id BHHySTbuof45 for <tls@ietfa.amsl.com>; Wed, 1 Apr 2015 11:12:20 -0700 (PDT)
Received: from mail-qg0-f52.google.com (mail-qg0-f52.google.com []) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8E1831A0270 for <tls@ietf.org>; Wed, 1 Apr 2015 11:12:20 -0700 (PDT)
Received: by qgfa8 with SMTP id a8so49917514qgf.0 for <tls@ietf.org>; Wed, 01 Apr 2015 11:12:19 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:date:message-id:subject:from:to :content-type; bh=zm2jAPaaB9JJ8yYp/q4Yv3Z+YcUEfK/JVPmkj40FfQA=; b=Si/uPmVDdJtPPMqpV4+dmcxmTmiP1IxH05Mln1wiJ1Hbp3VUbCHNX30awclHtLKJBG cSOF0Xp28Jb/sdkAzL3DSaiomaiqO1LeY0blOuvQXQmAQqE8v8MSlm97G2YpONaMuQYN A8fShfHL1PVxeE21/hwy7kSOF39Pl7giA0oeS6xDHpWQp9xcrs88MWXtise7f4f6iVcJ QC+RzDfNC9Lewd2bvTcXvbL6iHe63T1T/8m4p0sdevWTWya4fZs2N12ZrWfxOTP9gw6K qKU7DbkiPObYsclMDRDswEgUf7yJ+XwgH0MnpoVygQLCg3cdwiqLjmiHigJskzTMls5T lR4Q==
X-Gm-Message-State: ALoCoQkqciJPLv505C7PR/zqiJgWffGglVYJf9bHJwR+K7JxzdH6NI27jGyimd1nlRh0YVgmnmla
MIME-Version: 1.0
X-Received: by with SMTP id 29mr92206260qky.83.1427911939849; Wed, 01 Apr 2015 11:12:19 -0700 (PDT)
Received: by with HTTP; Wed, 1 Apr 2015 11:12:19 -0700 (PDT)
X-Originating-IP: []
Date: Wed, 01 Apr 2015 11:12:19 -0700
Message-ID: <CAOgPGoBk+E=cNV1ufBaQ0n7=CJQ34zukPixKCEdpmMLBX=Kg_w@mail.gmail.com>
From: Joseph Salowey <joe@salowey.net>
To: "tls@ietf.org" <tls@ietf.org>
Content-Type: multipart/alternative; boundary="001a113b9232f21fec0512ada723"
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/q8hvUQKGYEiG-sIh6-X-RDNs9mU>
Subject: [TLS] Consensus Call on MTI Algorithms
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 01 Apr 2015 18:12:22 -0000

We did not get a chance to talk about MTI algorithms in Dallas, but the
chairs would like to judge consensus for the algorithms discussed in the
interim.  The CFRG has closed or will close soon on ChaCha20 and curve
25519 recommendations so they are included.  We will be calling for
acceptance to bring drafts on these into the working group shortly.

Keep in mind that mandatory to implement (MTI) is not mandatory to use and
that it is expected that there will be profiles for specific environments.

Below is the proposed algorithm list that had consensus at the Seattle
Interim. Please reply on the TLS mailing list indicating whether or not you
agree with the consensus.  If not, please indicate why.  This consensus
call will close on April, 23, 2015.

o Symmetric:
        MUST AES-GCM 128
        SHOULD ChaCha20-Poly1305

o Hash:
        MUST SHA-256

o Key Agreement: ECDH
        MUST P-256
        SHOULD 25519

o Signature:
        MUST ECDSA P-256
        MUST RSA