Re: [TLS] Ala Carte Cipher suites - was: DSA should die

Tony Arcieri <bascule@gmail.com> Sat, 04 April 2015 00:18 UTC

Return-Path: <bascule@gmail.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B0DB91A87CC for <tls@ietfa.amsl.com>; Fri, 3 Apr 2015 17:18:57 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HZawHKcuPfwa for <tls@ietfa.amsl.com>; Fri, 3 Apr 2015 17:18:55 -0700 (PDT)
Received: from mail-ob0-x22d.google.com (mail-ob0-x22d.google.com [IPv6:2607:f8b0:4003:c01::22d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8F9271A87C2 for <tls@ietf.org>; Fri, 3 Apr 2015 17:18:55 -0700 (PDT)
Received: by obvd1 with SMTP id d1so188791626obv.0 for <tls@ietf.org>; Fri, 03 Apr 2015 17:18:55 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-type; bh=41MxmRbD/j7N0oraviT+UcWDhNYS+vX5U4/3yJd+izk=; b=HQS0Z0ExT/S23Or0klyOv0cUjYCXyb29wq149ZURp0NS8yD+6qHU+YDd13e8zg/YzY M4jnsBXWu7pgo5ziFuKGhX97VoMURmsfxoG7jKT6LGjiwN9Gc/R3uTcdOmDYnwNKgpn0 7Nh1r0+7pGaPpm213MnYBavJIcj48IyEM1MZfeu7x9PFwDKQ9CedmbwV1UU1nb8S7QcK 1GEiKUHO1PpzpVHLQK74Qfv3sCtAX5ifZQtK7ey7+gFlDP8uP7GfgiDjfqqB2KaBeZGd HPIzGK7cCi5bMzO6zc/XB3N9zxtoGJvrZUrmU9cjeDSJepHkr1noeaL5NkISfdWZtwmb U/Ag==
X-Received: by 10.60.179.227 with SMTP id dj3mr5580815oec.29.1428106735103; Fri, 03 Apr 2015 17:18:55 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.76.166.232 with HTTP; Fri, 3 Apr 2015 17:18:34 -0700 (PDT)
In-Reply-To: <CAFewVt6jKaQh9Z-ySQJr_9PWsBvn41RNk6PNXMdouLwywn8-wA@mail.gmail.com>
References: <20150401201221.163745c2@pc1.fritz.box> <CAK9dnSyKf7AY11h1i1h+SudRc-NmTZE5wC682YKhNsxnfV5ShQ@mail.gmail.com> <CAK3OfOgPbADQ1CvOs=8T7ee6f_T+bi3F6GCdBtxufQpznzYbQA@mail.gmail.com> <201504021257.09955.davemgarrett@gmail.com> <CAOgPGoDJTcLn4j90wNu=mhCZJnb2WUuAvM5TN6KOO7RdC==qHQ@mail.gmail.com> <551DE914.4010804@nthpermutation.com> <CAFewVt6jKaQh9Z-ySQJr_9PWsBvn41RNk6PNXMdouLwywn8-wA@mail.gmail.com>
From: Tony Arcieri <bascule@gmail.com>
Date: Fri, 3 Apr 2015 17:18:34 -0700
Message-ID: <CAHOTMVLohRLPw=WwmEhqVrE91+F_nuM9Z9w0=NtzypN1J0xKoA@mail.gmail.com>
To: Brian Smith <brian@briansmith.org>
Content-Type: multipart/alternative; boundary=047d7bd6b21aa5b7c10512db0286
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/rmldUMW3d9s10NEUDD_9JnPw5G0>
Cc: "<tls@ietf.org>" <tls@ietf.org>
Subject: Re: [TLS] Ala Carte Cipher suites - was: DSA should die
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 04 Apr 2015 00:18:57 -0000

On Fri, Apr 3, 2015 at 5:05 PM, Brian Smith <brian@briansmith.org> wrote:

> Please don't change the syntax for negotiating cipher suites. Although
> it seems like a good idea


Personally I think it's a great idea, and a pretty simple one and also an
incredibly needed one. In fact, this post and its ensuing discussion
actually made me excited about TLS 1.3:

https://mailarchive.ietf.org/arch/msg/tls/JZoIXZMRg80-tDC23kt5BL0nQaQ

If you read through the suggestions, I think a new syntax could actually be
backwards compatible in terms of computing the possibility matrix /
combinatorial explosion of all authentication and (symmetric) encryption
ciphers/ciphersuites.

I think this sort of approach sorts out a lot of collusion and confusion
(not in the Claude Shannon sense) which has been lingering in TLS for years.