Re: [TLS] Ala Carte Cipher suites - was: DSA should die

Brian Smith <> Sat, 04 April 2015 00:05 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id 104D71ACE04 for <>; Fri, 3 Apr 2015 17:05:06 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.979
X-Spam-Status: No, score=-1.979 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FM_FORGED_GMAIL=0.622, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id kAPfqvtvsIIX for <>; Fri, 3 Apr 2015 17:05:04 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 6D8B41ACDFA for <>; Fri, 3 Apr 2015 17:05:04 -0700 (PDT)
Received: by obbfy7 with SMTP id fy7so103112251obb.2 for <>; Fri, 03 Apr 2015 17:05:04 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type; bh=IRVSL+sTO/ezH0jwe1+QdTQ4iYctgYZ6h2ktWnkaW4I=; b=WwCPoOFXMlO+49c+gxydk3dq5/ld8orCKOoVaeo95z/LqrPJn578kVBGOw8aUvd43g FobiVoR1uNed4d5OR3e6QQAGk35hXbNJzex6LH5o4Th2I9MjVvHK25qCZ8C4HckT1FyR 4zk8i7BzUyGR7zBiTLPY8nc+ANXNgzS7hN645FhxWxrJdfBUXMNbGbL29yMVXNlqUleo 4G7sMNZz2jGumMvuvHEoLS1zZc6gxLKHxy+WwyUHX3VwvGhrqffxe6Aa1/BYntkIXxc5 Z6xcV3ANcpsqE3D5WqUuPL+eo3u3eObE7YpHMUyfzv3tlA9T9FbS6wYr8BP1AjsCJuS3 nD0g==
X-Gm-Message-State: ALoCoQk3iMtUUEG1DUVBj1x7WE3DZkiTsUlFHZ22YR8+s+nfYPzijCRPs80ij/5e2b1un9Udo+cN
MIME-Version: 1.0
X-Received: by with SMTP id e10mr5678532oey.85.1428105903995; Fri, 03 Apr 2015 17:05:03 -0700 (PDT)
Received: by with HTTP; Fri, 3 Apr 2015 17:05:03 -0700 (PDT)
In-Reply-To: <>
References: <> <> <> <> <> <>
Date: Fri, 3 Apr 2015 14:05:03 -1000
Message-ID: <>
From: Brian Smith <>
To: Michael StJohns <>
Content-Type: text/plain; charset=UTF-8
Archived-At: <>
Cc: "<>" <>
Subject: Re: [TLS] Ala Carte Cipher suites - was: DSA should die
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Sat, 04 Apr 2015 00:05:06 -0000

Please don't change the syntax for negotiating cipher suites. Although
it seems like a good idea to try to make things simpler conceptually
by negotiating the different components of the cipher suite
differently, it would take a lot of effort to standardize a new way of
doing things. I don't think the current mechanism is problematic
enough (at all, really) to justify that effort. Also, any new
mechanism is going to make any implementation more complicated--and
thus more more-prone--if it also has to support older versions of TLS.
Again, I don't think that extra complication is warranted.

Finally, there are a lot of reasons to avoid wasting bytes in the
ClientHello message, for improved compatibility. Having two cipher
suite negotiation mechanisms in the ClientHello, one for TLS 1.3+ and
one for earlier versions, would likely be counter to that goal.