[TLS]Re: Curve-popularity data?
David Adrian <davadria@umich.edu> Mon, 03 June 2024 14:17 UTC
Return-Path: <davadria@umich.edu>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id ECCFBC18DB96 for <tls@ietfa.amsl.com>; Mon, 3 Jun 2024 07:17:40 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.393
X-Spam-Level:
X-Spam-Status: No, score=-4.393 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=umich.edu
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LpR5TaBTQIR0 for <tls@ietfa.amsl.com>; Mon, 3 Jun 2024 07:17:37 -0700 (PDT)
Received: from gleeful-pwyll.relay-egress.a.mail.umich.edu (relay-egress-host.us-east-2.a.mail.umich.edu [18.219.209.13]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C4E5EC14F6BF for <tls@ietf.org>; Mon, 3 Jun 2024 07:17:36 -0700 (PDT)
Received: from admiring-ellyllon.authn-relay.a.mail.umich.edu (ip-10-0-73-89.us-east-2.compute.internal [10.0.73.89]) by gleeful-pwyll.relay-egress.a.mail.umich.edu with ESMTPS id 665DD07F.1D047BF0.544EEBEA.4129569; Mon, 03 Jun 2024 10:17:35 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=umich.edu; s=relay-2018-08-29; t=1717424255; bh=zJ1NNcGkjJdkGafohj04mqC+o82qlDDGRK6l3w+Ck0Q=; h=References:In-Reply-To:From:Date:Subject:To:Cc; b=O8+Zay7l0ma30LLFYjxdBqO0idBe7F+9cCOcxriA7+5rj4XgPmCz1RZbMioPZZIMd HBtxknHPVFH5hLN4k0q/KzDvXreFj3hwh5g6Qlu9BfpeyZu4cRHhfhICI+jOM8sZwW iupuRLOSavFEOLPCv5x3Kn/rQxwpq4wZJvdUx14l7QHZnSJfTTnwMAJMBmw3fwrX5A v3aO87T+tX/vGQfuAGLblhYo62t0cJqvFSvbucaAtnHPYkRR6dnMic7et/D5VBrZ4p 96D4BoF0nYXErCoxfouAy4ScWKWlsmqytQjiregqRHTVgjap2NXb7YvUyOOhTV/c9Q /nwNHP/wFDjDw==
Authentication-Results: admiring-ellyllon.authn-relay.a.mail.umich.edu; iprev=pass policy.iprev=209.85.160.53 (mail-oa1-f53.google.com); auth=pass smtp.auth=davadria
Received: from mail-oa1-f53.google.com (mail-oa1-f53.google.com [209.85.160.53]) by admiring-ellyllon.authn-relay.a.mail.umich.edu with ESMTPSA id 665DD07F.1D5144E.1EDFC279.1859999; Mon, 03 Jun 2024 10:17:35 -0400
Received: by mail-oa1-f53.google.com with SMTP id 586e51a60fabf-250c103faf0so906965fac.3 for <tls@ietf.org>; Mon, 03 Jun 2024 07:17:35 -0700 (PDT)
X-Forwarded-Encrypted: i=1; AJvYcCVHwoiq3VV5dJD1BRaKYw7n2vYiufqdMpmEjLQpt+O8EIco7e0YxixdIFY0cRbppXCt9S0qkaJiKlE+RCo=
X-Gm-Message-State: AOJu0YxXEduWzKbYVXXLKF8YKOpwqSyMoTjZUX7bK47Hxqn451Apgbiw TW1icjHvIMOpXlC0JLNnTAbXJf8icsLb3fkdngBXYwWjHNqzKHQFCSR5arYG4ZzS0BqL6SspD9Y utFY7D8J9aCxzXZuiLRjUzA2yex0=
X-Google-Smtp-Source: AGHT+IEX9LNENOkU0FUuKufU2GxY1486K4eyz5IqjH86iTP76tVdOWnTl/XH2naaADi/mfZ66S7AvIxiaDVS5ngS7J4=
X-Received: by 2002:a05:6871:b07:b0:250:7d25:b3b7 with SMTP id 586e51a60fabf-2508c1b8a55mr10311761fac.53.1717424253788; Mon, 03 Jun 2024 07:17:33 -0700 (PDT)
MIME-Version: 1.0
References: <20240602184735.362461.qmail@cr.yp.to> <b1183054-5711-4fea-bd5f-4c1794cefd6e@app.fastmail.com> <CAMjbhoW2NnRBYhRYDP4urLfNAfv=Bvdo2r9re+Fo-r=FxqSVWw@mail.gmail.com> <d6bdfeb0-b9aa-4a32-8007-c46716ca3475@app.fastmail.com> <422A67BC-E251-499D-A331-E18BBC1F3971@akamai.com> <CAMjbhoXuB_QDbCb6wKE+b6t6JkHEjKrYMaQz2-zJx01gZ0P1rA@mail.gmail.com> <d485b1c3-823f-4b95-a42e-d243df0d678e@app.fastmail.com>
In-Reply-To: <d485b1c3-823f-4b95-a42e-d243df0d678e@app.fastmail.com>
From: David Adrian <davadria@umich.edu>
Date: Mon, 03 Jun 2024 10:17:22 -0400
X-Gmail-Original-Message-ID: <CACf5n78jR2jY_PkjHXOLBxEF8D3om66y9aZcsRzOQue_ZBUFHw@mail.gmail.com>
Message-ID: <CACf5n78jR2jY_PkjHXOLBxEF8D3om66y9aZcsRzOQue_ZBUFHw@mail.gmail.com>
To: Filippo Valsorda <filippo@ml.filippo.io>
Content-Type: multipart/alternative; boundary="0000000000009382430619fcfee1"
Message-ID-Hash: E7JKBKONRUIK66YLQLULSLHEQGYC5IUS
X-Message-ID-Hash: E7JKBKONRUIK66YLQLULSLHEQGYC5IUS
X-MailFrom: davadria@umich.edu
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-tls.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: "Salz, Rich" <rsalz=40akamai.com@dmarc.ietf.org>, "tls@ietf.org" <tls@ietf.org>
X-Mailman-Version: 3.3.9rc4
Precedence: list
Subject: [TLS]Re: Curve-popularity data?
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/vWAEg7E3jeLZjLABVaMVLR0flX4>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Owner: <mailto:tls-owner@ietf.org>
List-Post: <mailto:tls@ietf.org>
List-Subscribe: <mailto:tls-join@ietf.org>
List-Unsubscribe: <mailto:tls-leave@ietf.org>
I don't really see why popularity of previous methods is relevant to
picking what the necessarily new method will be is, but from the
perspective of Chrome on Windows, across all ephemeral TCP TLS (1.2 and
1.3, excluding 1.2 RSA), the breakdown is roughly:
15% P256
3% P384
56% X25519
26% X25519+Kyber
On Mon, Jun 3, 2024 at 10:05 AM Filippo Valsorda <filippo@ml.filippo.io>
wrote:
> 2024-06-03 15:34 GMT+02:00 Bas Westerbaan <bas@cloudflare.com>:
>
> More importantly, there are servers that will HRR to X25519 if presented a
> P-256 keyshare. (Eg. BoringSSL's default behaviour.) Unfortunately I don't
> have data at hand how often that happens.
>
>
> Are you saying that some of the 97.6% of servers that support P-256 still
> HRR to X25519 if presented a P-256 keyshare and a {P-256, X25519} supported
> groups list, and that's BoringSSL's default behavior? I find that very
> surprising and would be curious about the rationale.
> _______________________________________________
> TLS mailing list -- tls@ietf.org
> To unsubscribe send an email to tls-leave@ietf.org
>
- [TLS]Re: Curve-popularity data? Filippo Valsorda
- [TLS]Re: Curve-popularity data? Loganaden Velvindron
- [TLS]Re: Curve-popularity data? Salz, Rich
- [TLS]Re: Curve-popularity data? Salz, Rich
- [TLS]Re: Curve-popularity data? Bas Westerbaan
- [TLS]Re: Curve-popularity data? Eric Rescorla
- [TLS]Re: Curve-popularity data? Martin Thomson
- [TLS]Re: Curve-popularity data? Dennis Jackson
- [TLS]Re: Curve-popularity data? John Mattsson
- [TLS]Re: Curve-popularity data? David Adrian
- [TLS]Re: [EXTERNAL] Re: Curve-popularity data? Salz, Rich
- [TLS]Re: Curve-popularity data? D. J. Bernstein
- [TLS]Re: Curve-popularity data? Peter Gutmann
- [TLS]Re: [EXTERNAL] Re: Curve-popularity data? Loganaden Velvindron
- [TLS]Re: [EXTERNAL] Re: Curve-popularity data? Eric Rescorla
- [TLS]Re: Curve-popularity data? Nick Harper
- [TLS]Re: Curve-popularity data? D. J. Bernstein
- [TLS]Re: Curve-popularity data? Dennis Jackson
- [TLS]Re: Curve-popularity data? John Mattsson
- [TLS]Re: Curve-popularity data? Martin Thomson
- [TLS]Re: Curve-popularity data? David Adrian
- [TLS]Re: Curve-popularity data? Filippo Valsorda
- [TLS]Re: Curve-popularity data? Loganaden Velvindron
- [TLS]Re: Curve-popularity data? D. J. Bernstein
- [TLS]Re: Curve-popularity data? Peter Gutmann
- [TLS]Re: Curve-popularity data? D. J. Bernstein
- [TLS]Re: Curve-popularity data? D. J. Bernstein
- [TLS]Re: Curve-popularity data? Richard Barnes
- [TLS]Re: Curve-popularity data? Kampanakis, Panos
- [TLS]Re: Curve-popularity data? A A
- [TLS]Re: Curve-popularity data? Salz, Rich
- [TLS]Re: Curve-popularity data? Eric Rescorla
- [TLS]Re: Curve-popularity data? Mike Shaver
- [TLS]Re: Curve-popularity data? Peter Gutmann
- [TLS]Re: Curve-popularity data? Eric Rescorla
- [TLS]Re: Curve-popularity data? Filippo Valsorda
- [TLS]Re: Curve-popularity data? Bas Westerbaan
- [TLS]Re: Curve-popularity data? Bas Westerbaan
- [TLS]Re: Curve-popularity data? John Mattsson
- [TLS]Re: Curve-popularity data? Peter Gutmann
- [TLS]Re: [EXTERNAL] Re: Curve-popularity data? Andrei Popov
- [TLS]Re: Curve-popularity data? Eric Rescorla
- [TLS]Re: Curve-popularity data? Björn Haase
- [TLS]Re: [EXTERNAL] Re: Curve-popularity data? Bas Westerbaan
- [TLS]Re: Curve-popularity data? Sean Turner
- [TLS]Re: Curve-popularity data? Andrei Popov
- [TLS]HRR support (was something else) Martin Thomson
- [TLS]Re: [EXTERNAL] Re: Curve-popularity data? Richard Barnes
- [TLS]Re: Curve-popularity data? D. J. Bernstein
- [TLS]Re: HRR support (was something else) Bob Beck
- [TLS]Re: [EXTERNAL] Re: Curve-popularity data? Andrei Popov
- [TLS]Re: HRR support (was something else) Rob Sayre
- [TLS]Re: Curve-popularity data? A A
- [TLS]Re: Curve-popularity data? Hubert Kario
- [TLS]Re: Is NIST actually prohibiting X25519? Richard Barnes
- [TLS]Re: HRR support (was something else) Watson Ladd
- [TLS]Re: [EXT] Re: Is NIST actually prohibiting X… Blumenthal, Uri - 0553 - MITLL
- [TLS]Re: [EXTERNAL] Re: Curve-popularity data? Scott Fluhrer (sfluhrer)
- [TLS]Re: Curve-popularity data? A A
- [TLS]Re: Curve-popularity data? Hubert Kario
- [TLS]Re: Curve-popularity data? A A
- [TLS]Re: Curve-popularity data? Scott Fluhrer (sfluhrer)
- [TLS]Re: [EXTERNAL] Curve-popularity data? Hubert Kario
- [TLS]Re: Curve-popularity data? John Mattsson
- [TLS]Re: Curve-popularity data? Andrei Popov
- [TLS]Re: Curve-popularity data? Hubert Kario
- [TLS]Re: [EXTERNAL] Re: Curve-popularity data? Blumenthal, Uri - 0553 - MITLL
- [TLS]Re: HRR support (was something else) Nick Harper
- [TLS]Re: Curve-popularity data? Scott Fluhrer (sfluhrer)
- [TLS]Re: Curve-popularity data? Kampanakis, Panos
- [TLS]Re: HRR support (was something else) Martin Thomson
- [TLS]Re: Curve-popularity data? Hubert Kario
- [TLS]Re: Curve-popularity data? John Mattsson
- [TLS]Re: Curve-popularity data? Filippo Valsorda
- [TLS]Re: Curve-popularity data? Hubert Kario
- [TLS]Re: Curve-popularity data? Eric Rescorla
- [TLS]Re: Curve-popularity data? John Mattsson
- [TLS]Re: Curve-popularity data? Ilari Liusvaara
- [TLS]Re: Curve-popularity data? D. J. Bernstein
- [TLS]Curve-popularity data? D. J. Bernstein
- [TLS]Re: Curve-popularity data? Filippo Valsorda
- [TLS]Re: Curve-popularity data? John Mattsson
- [TLS]Re: Curve-popularity data? D. J. Bernstein
- [TLS]Re: Curve-popularity data? D. J. Bernstein
- [TLS]Is NIST actually prohibiting X25519? D. J. Bernstein
- [TLS]Re: [EXT] Re: Is NIST actually prohibiting X… John Mattsson
- [TLS]Re: [EXTERNAL] Re: Curve-popularity data? William.Layton@cyber.nsa.gov
- [TLS]Re: Curve-popularity data? Eric Rescorla
- [TLS]Re: [EXTERNAL] Re: Curve-popularity data? Andrei Popov
- [TLS]Re: [EXTERNAL] Re: Curve-popularity data? John Mattsson
- [TLS]Re: HRR support (was something else) Peter Gutmann
- [TLS]Re: Curve-popularity data? D. J. Bernstein
- [TLS]Re: Curve-popularity data? Richard Barnes
- [TLS]Re: Curve-popularity data? Hubert Kario
- [TLS]Re: Curve-popularity data? Dennis Jackson
- [TLS]Re: [EXTERNAL] Curve-popularity data? Hubert Kario
- [TLS]Re: [EXTERNAL] Re: Curve-popularity data? Andrei Popov
- [TLS]Re: Curve-popularity data? Sophie Schmieg
- [TLS]Re: Curve-popularity data? D. J. Bernstein
- [TLS]Re: Curve-popularity data? Peter Gutmann
- [TLS]Re: Curve-popularity data? Richard Barnes
- [TLS]Re: HRR support (was something else) Joseph Birr-Pixton
- [TLS]Re: Curve-popularity data? Salz, Rich
- [TLS]Re: [EXTERNAL] Re: Curve-popularity data? John Mattsson
- [TLS]Re: Curve-popularity data? D. J. Bernstein
- [TLS]Re: [EXTERNAL] Re: Curve-popularity data? Watson Ladd
- [TLS]Re: [EXTERNAL] Re: Curve-popularity data? John Mattsson
- [TLS]Re: Curve-popularity data? D. J. Bernstein
- [TLS]Re: Curve-popularity data? Eric Rescorla
- [TLS]Re: [EXTERNAL] Re: Curve-popularity data? Stephen Farrell
- [TLS]Re: [EXTERNAL] Re: Curve-popularity data? Scott Fluhrer (sfluhrer)
- [TLS]Re: Curve-popularity data? Robert Relyea
- [TLS]Re: Curve-popularity data? D. J. Bernstein
- [TLS]Re: [EXTERNAL] Curve-popularity data? John Mattsson
- [TLS]Re: HRR support (was something else) Rob Sayre
- [TLS]Re: Curve-popularity data? Peter Gutmann
- [TLS]Re: Curve-popularity data? Dennis Jackson
- [TLS]Re: [EXTERNAL] Re: Curve-popularity data? Stephen Farrell
- [TLS]Re: Curve-popularity data? Peter Gutmann
- [TLS]Re: Curve-popularity data? Bas Westerbaan
- [TLS]Re: HRR support (was something else) Syed Suleman Ahmad
- [TLS]Re: Curve-popularity data? Björn Haase
- [TLS]Re: [EXTERNAL] Re: Curve-popularity data? Andrei Popov
- [TLS]Re: Curve-popularity data? John Mattsson
- [TLS]Re: Curve-popularity data? Hubert Kario
- [TLS]Re: Curve-popularity data? Sophie Schmieg
- [TLS]Re: [EXTERNAL] Re: Curve-popularity data? Andrei Popov
- [TLS]Re: [EXTERNAL] Re: Curve-popularity data? John Mattsson
- [TLS]Re: Curve-popularity data? D. J. Bernstein
- [TLS]Re: Curve-popularity data? Hubert Kario
- [TLS]Re: [EXTERNAL] Re: Curve-popularity data? Andrei Popov
- [TLS]Re: [EXTERNAL] Re: Curve-popularity data? Eric Rescorla
- [TLS]Re: HRR support (was something else) Peter Gutmann