Re: [TLS] Call for WG adoption draft-josefsson-tls-curve25519

Yoav Nir <ynir.ietf@gmail.com> Wed, 20 May 2015 21:49 UTC

Return-Path: <ynir.ietf@gmail.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 893A71A92AE for <tls@ietfa.amsl.com>; Wed, 20 May 2015 14:49:04 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id K4CLzawo8KSG for <tls@ietfa.amsl.com>; Wed, 20 May 2015 14:49:02 -0700 (PDT)
Received: from mail-wi0-x242.google.com (mail-wi0-x242.google.com [IPv6:2a00:1450:400c:c05::242]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3B2991A8AD1 for <tls@ietf.org>; Wed, 20 May 2015 14:49:02 -0700 (PDT)
Received: by wibbw19 with SMTP id bw19so7492307wib.2 for <tls@ietf.org>; Wed, 20 May 2015 14:49:01 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=content-type:mime-version:subject:from:in-reply-to:date:cc :message-id:references:to; bh=Me2OHsMzBgaP9BnDQECC/wruPQZMQ9fC4ud/Cf6RyJs=; b=vB5nJaJo61vNW70UbFRAZ0/9R1/xvNVWjqdbP4dKw/3fzbRik91BpP3pxs5TdTaenU Ao9TT6Ir6nHTnLJzRhpxpCafyJP0AhJrTXMuB5mYV0gDJlPU8hAie0nRkhupBnfgW2Fx hxoRcYqbu7Rb3q1wIHwTWJzRbsEGpKGkGJEt8PxKIb03Ti7ZbzhvHnWv9ZdjgzYqoDAl Wjq3jABgnkd94blCi1jYLG1rF6zEgJqp3kFn2MHbr3PYZHD1yFxoaQXOPJcsN8y0nr7s 2GNcRjXvFvWhXnPwl4GvZPJOfeF3PS28fI56TXKEK8jDiokwZL43h+2BQ1I+Qx7vP0lz q4HQ==
X-Received: by 10.180.160.228 with SMTP id xn4mr13632wib.62.1432158541011; Wed, 20 May 2015 14:49:01 -0700 (PDT)
Received: from [192.168.1.17] ([46.120.13.132]) by mx.google.com with ESMTPSA id i6sm28850305wjf.29.2015.05.20.14.48.59 (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Wed, 20 May 2015 14:48:59 -0700 (PDT)
Content-Type: multipart/alternative; boundary="Apple-Mail=_BF89D4DC-DFDB-4118-94B1-6E6FBD873EBF"
Mime-Version: 1.0 (Mac OS X Mail 8.2 \(2098\))
From: Yoav Nir <ynir.ietf@gmail.com>
In-Reply-To: <CABcZeBNUh4RfiXGYppiX=FkpQVtvZBBp41e6Kc7_Mp905whS5g@mail.gmail.com>
Date: Thu, 21 May 2015 00:48:57 +0300
Message-Id: <BF6FA7C6-D357-45B0-B16B-40D01448F09A@gmail.com>
References: <CAOgPGoBB7tX58DdXCJDB9Qa_9jSbZ4Ks_zO20ni4m3EOOTR6jg@mail.gmail.com> <CABcZeBNUh4RfiXGYppiX=FkpQVtvZBBp41e6Kc7_Mp905whS5g@mail.gmail.com>
To: Eric Rescorla <ekr@rtfm.com>
X-Mailer: Apple Mail (2.2098)
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/xo0sxwea9H7izULGQuXsT-wVOAM>
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] Call for WG adoption draft-josefsson-tls-curve25519
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 20 May 2015 21:49:04 -0000

Me too.

I notice that while the draft doesn’t say that explicitly, it uses existing *_ECDHE_* ciphersuites, so that no new ciphersuites are required, despite the fact that this ECDHE has different point formats and different back-end math than the existing ECDHE.  I wonder if we can also get away with using *ECDSA* ciphersuites for EdDSA signatures.

Yoav

> On May 20, 2015, at 6:50 PM, Eric Rescorla <ekr@rtfm.com>; wrote:
> 
> I am in favor of adopting this draft.
> 
> -Ekr
> 
> 
> On Wed, May 20, 2015 at 8:47 AM, Joseph Salowey <joe@salowey.net <mailto:joe@salowey.net>> wrote:
> This is the WG call for adoption of:
> 
> https://www.ietf.org/archive/id/draft-josefsson-tls-curve25519-06.txt <https://www.ietf.org/archive/id/draft-josefsson-tls-curve25519-06.txt>
> 
> This draft specifies the use of Curve25519 for ephemeral key exchange in the TLS and DTLS.  This draft serves as the starting point (it’s expired and needs to be updated in light of http://datatracker.ietf.org/doc/draft-irtf-cfrg-curves/ <http://datatracker.ietf.org/doc/draft-irtf-cfrg-curves/>).  If you object to the adoption of this draft, please let us know why by 20150602.
> 
> Note: We’re not doing an early code point assignment for this draft, because it clearly needs to resurrected and tweaked.  Once that happens, there’s nothing stopping a request from the authors for an early code point assignment.
> 
> Thanks,
> 
> J/S