Re: [TLS] Consensus call on codepoint strategy for draft-ietf-tls-hybrid-design
Krzysztof Kwiatkowski <kris@amongbytes.com> Wed, 17 May 2023 18:14 UTC
Return-Path: <kris@amongbytes.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 251BCC151074 for <tls@ietfa.amsl.com>; Wed, 17 May 2023 11:14:06 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.894
X-Spam-Level:
X-Spam-Status: No, score=-1.894 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pH0GP4Dxofnu for <tls@ietfa.amsl.com>; Wed, 17 May 2023 11:14:03 -0700 (PDT)
Received: from 1.mo580.mail-out.ovh.net (1.mo580.mail-out.ovh.net [178.33.252.199]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8AD31C14CF1A for <tls@ietf.org>; Wed, 17 May 2023 11:14:03 -0700 (PDT)
Received: from mxplan8.mail.ovh.net (unknown [10.109.146.92]) by mo580.mail-out.ovh.net (Postfix) with ESMTPS id 4394F23F55; Wed, 17 May 2023 18:14:00 +0000 (UTC)
Received: from amongbytes.com (37.59.142.108) by mxplan8.mail.ovh.net (172.16.2.1) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.23; Wed, 17 May 2023 20:13:59 +0200
Authentication-Results: garm.ovh; auth=pass (GARM-108S002c829973d-1787-4ebf-a9fe-12e37396efb8, BD3721F6E5F8D874856713640A299BB78050613E) smtp.auth=kris@amongbytes.com
X-OVh-ClientIp: 62.30.61.232
From: Krzysztof Kwiatkowski <kris@amongbytes.com>
Message-ID: <1FF9E580-D83B-41C5-ADC6-13492051959D@amongbytes.com>
Content-Type: multipart/alternative; boundary="Apple-Mail=_EACEC6A9-ADF0-4383-B5EE-DA79BA409162"
MIME-Version: 1.0 (Mac OS X Mail 16.0 \(3731.300.101.1.3\))
Date: Wed, 17 May 2023 19:13:48 +0100
In-Reply-To: <EBBF574C-CF1C-4552-A9C8-947F070C201B@amongbytes.com>
CC: tls@ietf.org
To: Christopher Wood <caw@heapingbits.net>
References: <FBE87FDA-A407-4DC8-A2E8-F39AB475C87B@heapingbits.net> <C446C65E-924F-4927-BF53-E0B13EFC4930@heapingbits.net> <EBBF574C-CF1C-4552-A9C8-947F070C201B@amongbytes.com>
X-Mailer: Apple Mail (2.3731.300.101.1.3)
X-Ovh-Tracer-GUID: 17124f96-8108-4988-b098-534f65a177fb
X-Ovh-Tracer-Id: 1830431777811578778
X-VR-SPAMSTATE: OK
X-VR-SPAMSCORE: 0
X-VR-SPAMCAUSE: gggruggvucftvghtrhhoucdtuddrgedvhedrfeeiuddguddvvdcutefuodetggdotefrodftvfcurfhrohhfihhlvgemucfqggfjpdevjffgvefmvefgnecuuegrihhlohhuthemucehtddtnecunecujfgurhephffktgggufffjgevvfhfofesrgdtmherhhdtjeenucfhrhhomhepmfhriiihshiithhofhcumfifihgrthhkohifshhkihcuoehkrhhishesrghmohhnghgshihtvghsrdgtohhmqeenucggtffrrghtthgvrhhnpeejgefgkeejteeltdefuefhgeevudellefgkefggeekfeeihfdvkefhheelffdvleenucffohhmrghinhepihgvthhfrdhorhhgnecukfhppedtrddtrddtrddtpdeivddrfedtrdeiuddrvdefvddpfeejrdehledrudegvddruddtkeenucevlhhushhtvghrufhiiigvpedtnecurfgrrhgrmhepmhhouggvpehsmhhtphhouhhtpdhhvghlohepmhigphhlrghnkedrmhgrihhlrdhovhhhrdhnvghtpdhinhgvtheptddrtddrtddrtddpmhgrihhlfhhrohhmpehkrhhishesrghmohhnghgshihtvghsrdgtohhmpdhnsggprhgtphhtthhopedupdhrtghpthhtohepthhlshesihgvthhfrdhorhhgpdfovfetjfhoshhtpehmohehkedt
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/w-YL38Pu7ASbm4mwvPiK7zTz2zs>
Subject: Re: [TLS] Consensus call on codepoint strategy for draft-ietf-tls-hybrid-design
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 17 May 2023 18:14:06 -0000
Sorry, quick clarification - it’s Panos and myself who prepared, not just me. (Thanks Panos for your help!) > On 17 May 2023, at 19:11, Krzysztof Kwiatkowski <kris@amongbytes.com> wrote: > > Hi, > > Can we get another code point for P256+Kyber768? Following Bas’s draft, I’ve prepared similar one: > https://datatracker.ietf.org/doc/draft-kwiatkowski-tls-ecdhe-kyber/ > > The goals of having those are: > * Be able to experiment with flows in which FIPS-approved curves are used > * Some HW based solutions simply don’t have X25519, adding it to resource constrained devices > is kind of problematic and reusing ECDHE/P-256 already provided in HW seems to simplify > migration. > > Kind regards, > Kris > >> On 1 May 2023, at 10:58, Christopher Wood <caw@heapingbits.net> wrote: >> >> It looks like we have consensus for this strategy. We’ll work to remove codepoints from draft-ietf-tls-hybrid-design and then get experimental codepoints allocated based on draft-tls-westerbaan-xyber768d00. >> >> Best, >> Chris, for the chairs >> >>> On Mar 28, 2023, at 9:49 PM, Christopher Wood <caw@heapingbits.net> wrote: >>> >>> As discussed during yesterday's meeting, we would like to assess consensus for moving draft-ietf-tls-hybrid-design forward with the following strategy for allocating codepoints we can use in deployments. >>> >>> 1. Remove codepoints from draft-ietf-tls-hybrid-design and advance this document through the process towards publication. >>> 2. Write a simple -00 draft that specifies the target variant of X25519+Kyber768 with a codepoint from the standard ranges. (Bas helpfully did this for us already [1].) Once this is complete, request a codepoint from IANA using the standard procedure. >>> >>> The intent of this proposal is to get us a codepoint that we can deploy today without putting a "draft codepoint" in an eventual RFC. >>> >>> Please let us know if you support this proposal by April 18, 2023. Assuming there is rough consensus, we will move forward with this proposal. >>> >>> Best, >>> Chris, Joe, and Sean >>> >>> [1] https://datatracker.ietf.org/doc/html/draft-tls-westerbaan-xyber768d00-00 >> >> _______________________________________________ >> TLS mailing list >> TLS@ietf.org >> https://www.ietf.org/mailman/listinfo/tls >
- [TLS] Consensus call on codepoint strategy for dr… Christopher Wood
- Re: [TLS] Consensus call on codepoint strategy fo… Krzysztof Kwiatkowski
- Re: [TLS] Consensus call on codepoint strategy fo… Eric Rescorla
- Re: [TLS] Consensus call on codepoint strategy fo… Christopher Patton
- Re: [TLS] Consensus call on codepoint strategy fo… Richard Barnes
- Re: [TLS] Consensus call on codepoint strategy fo… Salz, Rich
- Re: [TLS] Consensus call on codepoint strategy fo… Blumenthal, Uri - 0553 - MITLL
- Re: [TLS] Consensus call on codepoint strategy fo… Kampanakis, Panos
- Re: [TLS] Consensus call on codepoint strategy fo… Kampanakis, Panos
- Re: [TLS] Consensus call on codepoint strategy fo… Loganaden Velvindron
- Re: [TLS] Consensus call on codepoint strategy fo… Blumenthal, Uri - 0553 - MITLL
- Re: [TLS] Consensus call on codepoint strategy fo… Ilari Liusvaara
- Re: [TLS] Consensus call on codepoint strategy fo… Ilari Liusvaara
- Re: [TLS] Consensus call on codepoint strategy fo… Bas Westerbaan
- Re: [TLS] Consensus call on codepoint strategy fo… Bas Westerbaan
- Re: [TLS] Consensus call on codepoint strategy fo… Kampanakis, Panos
- Re: [TLS] Consensus call on codepoint strategy fo… Krzysztof Kwiatkowski
- Re: [TLS] Consensus call on codepoint strategy fo… Krzysztof Kwiatkowski
- Re: [TLS] Consensus call on codepoint strategy fo… Ilari Liusvaara
- Re: [TLS] Consensus call on codepoint strategy fo… Ilari Liusvaara
- Re: [TLS] Consensus call on codepoint strategy fo… Blumenthal, Uri - 0553 - MITLL
- Re: [TLS] Consensus call on codepoint strategy fo… Ilari Liusvaara
- Re: [TLS] Consensus call on codepoint strategy fo… Blumenthal, Uri - 0553 - MITLL
- Re: [TLS] Consensus call on codepoint strategy fo… Hubert Kario
- Re: [TLS] Consensus call on codepoint strategy fo… Christopher Wood
- Re: [TLS] Consensus call on codepoint strategy fo… Bas Westerbaan
- Re: [TLS] Consensus call on codepoint strategy fo… Kampanakis, Panos
- Re: [TLS] Consensus call on codepoint strategy fo… Scott Fluhrer (sfluhrer)
- Re: [TLS] Consensus call on codepoint strategy fo… Watson Ladd
- Re: [TLS] Consensus call on codepoint strategy fo… John Mattsson
- Re: [TLS] Consensus call on codepoint strategy fo… Bas Westerbaan
- Re: [TLS] [UNVERIFIED SENDER] Re: Consensus call … Kampanakis, Panos
- Re: [TLS] [UNVERIFIED SENDER] Re: Consensus call … Ilari Liusvaara
- Re: [TLS] [UNVERIFIED SENDER] Re: Consensus call … Eric Rescorla
- Re: [TLS] Consensus call on codepoint strategy fo… Krzysztof Kwiatkowski
- Re: [TLS] Consensus call on codepoint strategy fo… Krzysztof Kwiatkowski
- Re: [TLS] Consensus call on codepoint strategy fo… Salz, Rich
- Re: [TLS] Consensus call on codepoint strategy fo… Christopher Wood
- Re: [TLS] Consensus call on codepoint strategy fo… Kris Kwiatkowski
- Re: [TLS] Consensus call on codepoint strategy fo… Ilari Liusvaara
- Re: [TLS] Consensus call on codepoint strategy fo… Kris Kwiatkowski