Re: [TLS] Still missing: TLS_ECDH_anon_WITH_AES_xxx_GCM_SHAxxx

Nico Williams <nico@cryptonector.com> Thu, 13 March 2014 19:30 UTC

Return-Path: <nico@cryptonector.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F25201A0977 for <tls@ietfa.amsl.com>; Thu, 13 Mar 2014 12:30:06 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.044
X-Spam-Level:
X-Spam-Status: No, score=-1.044 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FM_FORGED_GMAIL=0.622, IP_NOT_FRIENDLY=0.334] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id W_RrER0JyPl6 for <tls@ietfa.amsl.com>; Thu, 13 Mar 2014 12:30:06 -0700 (PDT)
Received: from homiemail-a112.g.dreamhost.com (agjbgdcfdbfb.dreamhost.com [69.163.253.151]) by ietfa.amsl.com (Postfix) with ESMTP id 3DFD21A066A for <tls@ietf.org>; Thu, 13 Mar 2014 12:30:06 -0700 (PDT)
Received: from homiemail-a112.g.dreamhost.com (localhost [127.0.0.1]) by homiemail-a112.g.dreamhost.com (Postfix) with ESMTP id E153B2007E623 for <tls@ietf.org>; Thu, 13 Mar 2014 12:29:59 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=cryptonector.com; h= mime-version:in-reply-to:references:date:message-id:subject:from :to:cc:content-type; s=cryptonector.com; bh=c7WGjiReANZGRMhfTM0z ziRbQIw=; b=AZiiuyFxoA043nZ7Cgw1TNlno81/iaDCOAe3eNwqqS/xbWHVJtex 4+LbtId8w+EamvN2ToQdKgCcDEKSExLNhHByNJPdvgv++iWGAHPtqdSvx+xNy+19 2TjyMKLhYXlUagwxyVT5bEAzUr2oAgM+v1KsAl/PS30W103QrfUJLak=
Received: from mail-we0-f178.google.com (mail-we0-f178.google.com [74.125.82.178]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) (Authenticated sender: nico@cryptonector.com) by homiemail-a112.g.dreamhost.com (Postfix) with ESMTPSA id 95F652007E621 for <tls@ietf.org>; Thu, 13 Mar 2014 12:29:59 -0700 (PDT)
Received: by mail-we0-f178.google.com with SMTP id u56so1250928wes.23 for <tls@ietf.org>; Thu, 13 Mar 2014 12:29:58 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=MvhAw5ufPLTmPW4OR8lrmshEytH/Z8E7ic/DNxgeAQg=; b=huvAobnhbwWS5kRjhWb3mEclD2qQCeooTs9kMPGo3sLjFbzg/LPc6evx/d0F+jQfBD mYUnVgykiuisNxSrKlnPeHgrMgpfrFYt8wfXzXszzzi6yEpzT5J7IjFtjTW7QlUM2/7b +RJAGESy+vRlRMYX6kRbbHXEe6fAhWqnkC0N+h0A05zEclHi4iAvULlewoKeJvOufmAJ xJZ/SS1g7nTFmrsB1W54XB1F5JIeS5SN/dGvg6IgdNlYztJjAkS5l3ibXUdxAQtX04sv TgfJ4LVa316nCQDS/IfDrD0zC6j5Qfw5zCEpX7e2oW/DDcNFyCB72HpypMlXRM8e8tr2 SFTw==
MIME-Version: 1.0
X-Received: by 10.194.84.240 with SMTP id c16mr118716wjz.95.1394738998441; Thu, 13 Mar 2014 12:29:58 -0700 (PDT)
Received: by 10.216.199.6 with HTTP; Thu, 13 Mar 2014 12:29:58 -0700 (PDT)
In-Reply-To: <20140313192345.5F4D91AC4A@ld9781.wdf.sap.corp>
References: <5321FAB1.2070309@gmail.com> <20140313192345.5F4D91AC4A@ld9781.wdf.sap.corp>
Date: Thu, 13 Mar 2014 14:29:58 -0500
Message-ID: <CAK3OfOgCF_Mm6z1oR7k9=HFN2UyV1-xCK=GdfMYKNbiP4BfQaA@mail.gmail.com>
From: Nico Williams <nico@cryptonector.com>
To: "mrex@sap.com" <mrex@sap.com>
Content-Type: text/plain; charset="UTF-8"
Archived-At: http://mailarchive.ietf.org/arch/msg/tls/vuDLwCzlnJbO_fEHUDHHPi0ugHY
Cc: Manuel Pégourié-Gonnard <mpg@polarssl.org>, "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] Still missing: TLS_ECDH_anon_WITH_AES_xxx_GCM_SHAxxx
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 13 Mar 2014 19:30:07 -0000

On Thu, Mar 13, 2014 at 2:23 PM, Martin Rex <mrex@sap.com> wrote:
> I strongly frown upon the idea of resurrecting DH_anon cipher suites
> from their cold grave, let alone adding new cruft.

OK, but do you oppose it, and if so, on what grounds?  Frowning is not
really part of the consensus process :)

> Generate Server Keys on the fly just like SSH does.  Resurrecting
> DH_anon turns an initial-leap-of-faith into eternal-leaps-of-faith.

And if I want to renegotiate inside the tunnel?  Why must I pay for
extra crypto just because you frown?

Nico
--