Re: [TLS] Inclusion of OCB mode in TLS 1.3

"Salz, Rich" <rsalz@akamai.com> Wed, 21 January 2015 16:28 UTC

From: "Salz, Rich" <rsalz@akamai.com>
To: Watson Ladd <watsonbladd@gmail.com>
Date: Wed, 21 Jan 2015 16:28:07 +0000
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/rVhNBH3mwB6ZRILchLgvdhQW6m4>
Cc: TLS Mailing List <tls@ietf.org>

> If you don't need to support them all, what's the cost (assuming they are all
> secure)?

That's a pretty weighty assumption.  And how do you decide which ones you have to support, which are MTI, etc?  How do you advise customers to use OCB over their favorite national cipher, like GOST or SEED?  Or Camellia?