Re: [TLS] AES-OCB in TLS [New Version Notification for draft-zauner-tls-aes-ocb-03.txt]

Michael Hamburg <mike@shiftleft.org> Mon, 01 June 2015 18:33 UTC

Return-Path: <mike@shiftleft.org>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3A3A01B30E8 for <tls@ietfa.amsl.com>; Mon, 1 Jun 2015 11:33:48 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 2.955
X-Spam-Level: **
X-Spam-Status: No, score=2.955 tagged_above=-999 required=5 tests=[BAYES_05=-0.5, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FH_HOST_EQ_D_D_D_D=0.765, FH_HOST_EQ_D_D_D_DB=0.888, HELO_MISMATCH_ORG=0.611, HOST_MISMATCH_NET=0.311, RDNS_DYNAMIC=0.982, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id n_YCeeKqZBXD for <tls@ietfa.amsl.com>; Mon, 1 Jun 2015 11:33:47 -0700 (PDT)
Received: from aspartame.shiftleft.org (199-116-74-168-v301.PUBLIC.monkeybrains.net [199.116.74.168]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CF46A1B30D3 for <tls@ietf.org>; Mon, 1 Jun 2015 11:33:43 -0700 (PDT)
Received: from [172.20.10.9] (unknown [166.170.39.238]) by aspartame.shiftleft.org (Postfix) with ESMTPSA id 89908F211E; Mon, 1 Jun 2015 11:31:49 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=shiftleft.org; s=sldo; t=1433183523; bh=Xk1kfa8M/IYOZ9h0Zx+p/pE1gPFwqX3+YCBp4NOhcCA=; h=Subject:From:In-Reply-To:Date:Cc:References:To:From; b=DfxJTWSMZjmUhuFmHD1NlVCmQhVnHFOSQ24jG59ndyGL6NsiHYXGyS5RklgBPg/xI ZF0ky9FxZiIVOUFbGjizv220ERAGgXD4wbyAIyXEQijl29A7occkBEZZo5dEcobqs5 qBPaAnGU88wD47cNcuzzHd6NaXYJ9S5FpUN5qNQ8=
Content-Type: text/plain; charset=utf-8
Mime-Version: 1.0 (Mac OS X Mail 8.2 \(2100\))
From: Michael Hamburg <mike@shiftleft.org>
In-Reply-To: <87pp5fe3t5.fsf@alice.fifthhorseman.net>
Date: Mon, 1 Jun 2015 11:33:16 -0700
Content-Transfer-Encoding: quoted-printable
Message-Id: <B3BFF8C9-CA17-4ED6-8829-DA0F1B570653@shiftleft.org>
References: <556C4ACD.9040002@azet.org> <CABcZeBNsYmto4F-J0mFoxcq-qfL=NJrvDu67fyY9bpBmRp16mQ@mail.gmail.com> <556C51FC.807@azet.org> <87pp5fe3t5.fsf@alice.fifthhorseman.net>
To: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
X-Mailer: Apple Mail (2.2100)
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/xJ_Z6M-sxNk-l_sni8gn7SQWILM>
Cc: Phillip Rogaway <rogaway@cs.ucdavis.edu>, TLS Mailing List <tls@ietf.org>, Charanjit Jutla <csjutla@us.ibm.com>
Subject: Re: [TLS] AES-OCB in TLS [New Version Notification for draft-zauner-tls-aes-ocb-03.txt]
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 01 Jun 2015 18:33:48 -0000

> On Jun 1, 2015, at 10:28 AM, Daniel Kahn Gillmor <dkg@fifthhorseman.net> wrote:
> 
> On Mon 2015-06-01 08:37:16 -0400, Aaron Zauner wrote:
>> Firstly, as far as I know it's also quite difficult to get ECDSA
>> certificates in the wild. Has this changed significantly over the past
>> couple of months?
> 
> I've heard this claim in the past, but i'm not sure what it is based on.
> AFAICT, there are several public CAs who are happy to issue ECDSA
> certificates if you ask them for them.
> 
> In November 2014, i managed to get one from Comodo (or a Comodo
> reseller, i can't keep all the "imprints" and "branding" straight) and
> it took about 20 minutes from start to finish.
> 
> Can you describe how you have tried to get an ECDSA cert, and how those
> attempts failed?
> 
>             --dkg


I tried to get one from Comodo about a year ago.  It wasn’t advertised on their website but I asked one of their tech support folks.  They said that it was an experimental feature for business customers only, and would cost me something like $600.  I don’t remember if that was a 1-year or 3-year cert.

I looked at Verisign’s catalog as well, and it was labeled as an enterprise feature with an even higher price tag.  Low thousands I think.  I asked the guys at BaySec and they said that this was the shape of the market at that time.

I also looked at StartSSL.  They are free, but only offer RSA certs.  I mostly wanted ECDSA for performance on a super slow home server, and I figured $600 in hardware upgrades would go a lot further than $600 in certs.

Anyway you can get ECDSA certs relatively easily, but not cheaply; or at least, that’s how it was a year ago.

— Mike