Re: [TLS] Correction: early codepoint assignment for Curve25519, Curve448, Ed25519 and Ed448

David Benjamin <davidben@chromium.org> Tue, 19 January 2016 18:00 UTC

Return-Path: <davidben@google.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 207731B33C4 for <tls@ietfa.amsl.com>; Tue, 19 Jan 2016 10:00:53 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.379
X-Spam-Level:
X-Spam-Status: No, score=-1.379 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id A6R2NcwXL17V for <tls@ietfa.amsl.com>; Tue, 19 Jan 2016 10:00:51 -0800 (PST)
Received: from mail-io0-x236.google.com (mail-io0-x236.google.com [IPv6:2607:f8b0:4001:c06::236]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A90811B329C for <tls@ietf.org>; Tue, 19 Jan 2016 10:00:51 -0800 (PST)
Received: by mail-io0-x236.google.com with SMTP id q21so589601717iod.0 for <tls@ietf.org>; Tue, 19 Jan 2016 10:00:51 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc:content-type; bh=rAa5ZnCKxtUdGZMcyZYf5bARnZU8wvAgkxVGMx2SWOY=; b=f6KbvCMSYXTG10YtO4QOqUxPaZCku4RL+FI8EG9k+Og58wUVUXKj2baEWXvYYHODUP ZBqAEEQXMzk2/gVIJQZxt7EF75IHXY2bNzla5MJvOyCPdYRjoCFCn2b9oUuCiMsKY5Zg EiFeXfRKyNpjARq3tfP87MiaaHHD8/aIytJSQ=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc:content-type; bh=rAa5ZnCKxtUdGZMcyZYf5bARnZU8wvAgkxVGMx2SWOY=; b=CnzvjW6Hhjn/0lhTyYgnQa62rh/TS0TcdO1lFoXeM15XpA9TkMYWNCOyL1WZ/w0gUM 2mARR9bXlDHLwJtlM0EHKO+n2YBgLcANyFbNM2bILlOPanznjv3r2tEIs1/TAfZpdSrq xsSzTAXI3V7VabPpyn1+wA5PM7VJMzcSFwfnezvW6lVo+Vd2fPp2bqB3vra2LdAZs/IU aOnMbku4kyioa/hBdfg5SsjzifKigdX9GKyCRqUZdGrFVU4oN4v4TA3A9dd7d8IfpQps z67Ev335f4265nlcL10UghDYH9nptgXxoOaUtt83OToutYLsu5V/p98ptAEYnytaF5AB GAbw==
X-Gm-Message-State: ALoCoQnskR0FSiQPRaa1VqUD/7XGAkkTacWUCzqW8tS5rjSwd9sSNMnAOKIO58LglC/haMMJvGskWr8nTW5TmC8minM6ERg0UTx96l71tMLVR5y1O5ZGbqs=
X-Received: by 10.107.30.15 with SMTP id e15mr27625355ioe.166.1453226450934; Tue, 19 Jan 2016 10:00:50 -0800 (PST)
MIME-Version: 1.0
References: <39175FA5-0D33-43FC-B315-372A0C62B08C@tableau.com> <20160112202611.187f8263@latte.josefsson.org> <3B7B953C-C6B4-433A-A645-AA26446472B8@gmail.com> <20160112213145.GA17156@LK-Perkele-V2.elisa-laajakaista.fi> <EC2DC5C0-1E4D-4FD8-AB1A-4FC6BDF4ED36@isode.com> <CAOgPGoBMJKTijFmzsjYHxBCBJN-f+zfk5PCcwGGuo8XZPnHX6g@mail.gmail.com> <8737u0gpm5.fsf@latte.josefsson.org> <CAFewVt7BNa_esNuYR14GvV=Wf1amRPX7LaTp0tiipAogJZvzOA@mail.gmail.com> <CAOgPGoBtOXiAdwV-JVueLE+0uLt-Ch+V+Pz-+SUMuGNdOhLEJg@mail.gmail.com>
In-Reply-To: <CAOgPGoBtOXiAdwV-JVueLE+0uLt-Ch+V+Pz-+SUMuGNdOhLEJg@mail.gmail.com>
From: David Benjamin <davidben@chromium.org>
Date: Tue, 19 Jan 2016 18:00:40 +0000
Message-ID: <CAF8qwaB9=tqCj2htDfO7-3QeSTqTF_jq04j3t7FY8Jc8yYVaGA@mail.gmail.com>
To: Joseph Salowey <joe@salowey.net>, Brian Smith <brian@briansmith.org>
Content-Type: multipart/alternative; boundary=001a1140c900632b290529b3a6a6
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/tNZhEH1tT5UIIao-BjbI0jG6GJo>
Cc: Adam Langley <agl@imperialviolet.org>, Simon Josefsson <simon@josefsson.org>, "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] Correction: early codepoint assignment for Curve25519, Curve448, Ed25519 and Ed448
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 19 Jan 2016 18:00:53 -0000

BoringSSL has a pair of implementations ready (in C and in our fork of Go's
TLS stack for testing). We're using the value in the TLS 1.3 draft, so 29.
It's not currently enabled in any Chrome builds, but I'm expecting to
change this soon.

David

On Tue, Jan 19, 2016 at 12:54 PM Joseph Salowey <joe@salowey.net>; wrote:

> Any objections to early allocation for X25519 and X448?  Are there
> implementers with code ready to test interop?
>
> Thanks,
>
> Joe
>
> On Thu, Jan 14, 2016 at 3:22 PM, Brian Smith <brian@briansmith.org>; wrote:
>
>> Simon Josefsson <simon@josefsson.org>; wrote:
>>
>>> Allocating a code point for X25519 could be done and is long overdue
>>> (first draft September 2013).  X448 is also stable.  Code points for
>>> Ed25519 and Ed448 is more problematic since TLS authentication has
>>> historically had interaction with PKIX certs.  I agree with Yoav's
>>> assertion that the curve point verification issue is not big enough to
>>> stall code point allocation.
>>
>>
>> I agree with this.
>>
>> Cheers,
>> Brian
>>
>
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls
>