Re: [TLS] Contemplated major revision to draft-ietf-negotiated-ff-dhe
Martin Thomson <martin.thomson@gmail.com> Fri, 19 September 2014 22:05 UTC
Return-Path: <martin.thomson@gmail.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4BBFF1A88DB for <tls@ietfa.amsl.com>; Fri, 19 Sep 2014 15:05:39 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.4
X-Spam-Level:
X-Spam-Status: No, score=-1.4 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, J_CHICKENPOX_45=0.6, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id uREUEAPTndPi for <tls@ietfa.amsl.com>; Fri, 19 Sep 2014 15:05:38 -0700 (PDT)
Received: from mail-lb0-x236.google.com (mail-lb0-x236.google.com [IPv6:2a00:1450:4010:c04::236]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 215071A88DA for <tls@ietf.org>; Fri, 19 Sep 2014 15:05:37 -0700 (PDT)
Received: by mail-lb0-f182.google.com with SMTP id u10so4014233lbd.27 for <tls@ietf.org>; Fri, 19 Sep 2014 15:05:36 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=sOw/8hPMIHqxveIE8eod4SjMuDY4AOEYMlIzWSBTpBs=; b=faYM/NOFMbgvmtRJ6ZnR6dJ8L6oKP2ErHxc1tojDNQaonsJEF4+PlKpSVQPL1K3pdo 56wIFQlr6YfInh5B4Cz1am7MQvMTpRPXq9tWseJy6Z6k2iPvsZW1IoUJbPQtrzJ/5n6t mRRk74qO7L6esxN47Qdf8xDMRD7DNwZrPRJ2uIsqY0P8AzfReveShxre/1dre6WFGrqz uiGg5fumBg92cz3ydDjEz3FG77MGdE0HZwhKqB2iM3K22gaYjAI/4ZfnM71f00XdxP20 327Sf0elHF+vI/jQ40rN59IuzR2SmAONo+LejS/o1UVRmdaIpdOoTeHTtHfmRSqlYrl+ ASCA==
MIME-Version: 1.0
X-Received: by 10.152.28.74 with SMTP id z10mr9844541lag.10.1411164336468; Fri, 19 Sep 2014 15:05:36 -0700 (PDT)
Received: by 10.25.166.75 with HTTP; Fri, 19 Sep 2014 15:05:36 -0700 (PDT)
In-Reply-To: <87bnqbxu9s.fsf@alice.fifthhorseman.net>
References: <87bnqbxu9s.fsf@alice.fifthhorseman.net>
Date: Fri, 19 Sep 2014 15:05:36 -0700
Message-ID: <CABkgnnU00599-v67aDM5rMgvz=Nt5rha3pw8Z0t5-WWZCAp9_Q@mail.gmail.com>
From: Martin Thomson <martin.thomson@gmail.com>
To: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Content-Type: text/plain; charset="UTF-8"
Archived-At: http://mailarchive.ietf.org/arch/msg/tls/r_g91FWiD3puLf7FmUQEiWWmGiM
Cc: IETF TLS Working Group <tls@ietf.org>
Subject: Re: [TLS] Contemplated major revision to draft-ietf-negotiated-ff-dhe
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 19 Sep 2014 22:05:39 -0000
On 19 September 2014 12:52, Daniel Kahn Gillmor <dkg@fifthhorseman.net> wrote: > == Advantages == Great. This is much nicer as a rule. I think that the issues Ilari points are entirely orthogonal to this proposal, those are largely existing problems with the existing stuff. I do have one suggestion below that might help alleviate concerns like those though. > This proposal suggests carving out a small space of that registry for > finite field groups. I would rather you add a parameter to the registry so that entities that understand the code point can identify if the group is FF or EC. It would be informative only, scoping the registration appropriately. If further division is required, then more fields can be added. For instance, if Ilari's idea to separate ECDH and ECDSA use is something we decide to do, then the "type" field can be set to ECDH, ECDSA or ECDH+ECDSA (or FF). I'm not sure that that helps on the ServerHello end of things though.
- Re: [TLS] Contemplated major revision to draft-ie… Ilari Liusvaara
- [TLS] Contemplated major revision to draft-ietf-n… Daniel Kahn Gillmor
- Re: [TLS] Contemplated major revision to draft-ie… Martin Thomson
- Re: [TLS] Contemplated major revision to draft-ie… Ilari Liusvaara