[TLS] consensus to drop non-ECC DSA from TLS 1.3 spec? (was: DSA should die)

Dave Garrett <davemgarrett@gmail.com> Tue, 19 May 2015 19:07 UTC

From: Dave Garrett <davemgarrett@gmail.com>
To: tls@ietf.org
Date: Tue, 19 May 2015 15:07:30 -0400
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/qWdun8_4rDDLIKuwFQAyWgchk-E>

https://www.ietf.org/mail-archive/web/tls/current/msg15773.html

The topic of completely dropping DSA was brought up a while back, and the WG seemed to be mostly in favor of it. (in favor of using ECDSA instead, if not wanting to use RSA) Cutting it out of the spec would get rid of a fair bit of obsolete text that doesn't need to be there anymore, which would simplify things a bit. Did we ever get to a point where consensus could be called in favor of killing it?

(The threads on the topic veered off into how to make cipher selection better, the result of that line of discussion being that cipher suites should be restricted to negotiating the symmetric cipher and the rest should be negotiated by mandating usage of existing extensions that can do so. No consensus was agreed upon doing that, though, but that's another issue.)


Dave