IETF Logo Mail Archive

Re: [TLS] Deprecate SHA1 for signatures in TLS 1.3 (was Re: TLS 1.3 draft-07 sneak peek)

Martin Thomson <martin.thomson@gmail.com> Wed, 08 July 2015 16:02 UTC

Return-Path: <martin.thomson@gmail.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 794C81A0151 for <tls@ietfa.amsl.com>; Wed, 8 Jul 2015 09:02:52 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gyZ68F_uIgYB for <tls@ietfa.amsl.com>; Wed, 8 Jul 2015 09:02:45 -0700 (PDT)
Received: from mail-yk0-x22f.google.com (mail-yk0-x22f.google.com [IPv6:2607:f8b0:4002:c07::22f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8844D1A0122 for <tls@ietf.org>; Wed, 8 Jul 2015 09:02:45 -0700 (PDT)
Received: by ykee186 with SMTP id e186so11574908yke.2 for <tls@ietf.org>; Wed, 08 Jul 2015 09:02:45 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=UzpHPYUTkC/u+G9ECADF0WST13X7xZNz/K/qvnT1QSg=; b=WGlg1aTkBaVnrcfqMWczZirzkjAdiaueH1aXGIM+4JqojvRgms0+eJN/4deJxihIKQ mRJxb3N4TPCcCxDBoPlLLmdnJE3/+WcYJ69ZQMLH8H+bv2sgscpuuAUJd7H0Ln6lhRhA 6fCbsPvNnM5gc5TtsD7UAHU26GfmuSUlAdASsNUCqdLiY0f1o7iYJYwQaAvIE7nHpLx4 Dytr3HTEHLzd9LdBVQmAs9E0GGBdCyVXfYkjkAVmnA51Yw7IkEFIliKHD/ZAlLYlVrFF fqeXdRL4QBluwVQE72WMcMM/L0nx7TZEFo62WV1PKzHeebyMim3tljeN9GoYxni/b6/m NOKg==
MIME-Version: 1.0
X-Received: by 10.129.97.5 with SMTP id v5mr12276806ywb.56.1436371364964; Wed, 08 Jul 2015 09:02:44 -0700 (PDT)
Received: by 10.129.110.138 with HTTP; Wed, 8 Jul 2015 09:02:44 -0700 (PDT)
In-Reply-To: <a774e57216864bbebefa3b38bb65c183@ustx2ex-dag1mb2.msg.corp.akamai.com>
References: <CABcZeBOWK_WnHAefsZUBr4UyEkyiZqi1mhoZH8ZeGFftdOqTTw@mail.gmail.com> <CABcZeBMPsopxV=mu+MJAwJC6w=iuytA3ueyXKpg1QFdV=JWirw@mail.gmail.com> <201507071242.23235.davemgarrett@gmail.com> <201507071257.26088.davemgarrett@gmail.com> <CABcZeBNxW6jaf=HZFvm56K5pKeLD4GyNXOimUHUCt34r_76Vzw@mail.gmail.com> <20150707205858.GH21534@mournblade.imrryr.org> <CABkgnnXZ9HmW2BHrda3s9LMVUzZbdbdD2yKU84w2W8roycJ-xg@mail.gmail.com> <a774e57216864bbebefa3b38bb65c183@ustx2ex-dag1mb2.msg.corp.akamai.com>
Date: Wed, 08 Jul 2015 09:02:44 -0700
Message-ID: <CABkgnnXpboFmkgr37aWsNdm-OfvVwyd0jW4HHYuGMXht6=CjRA@mail.gmail.com>
From: Martin Thomson <martin.thomson@gmail.com>
To: "Salz, Rich" <rsalz@akamai.com>
Content-Type: text/plain; charset="UTF-8"
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/z57iHWOn5YwplYnm7EuKzkK_LZc>
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] Deprecate SHA1 for signatures in TLS 1.3 (was Re: TLS 1.3 draft-07 sneak peek)
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Jul 2015 16:02:52 -0000

On 7 July 2015 at 18:55, Salz, Rich <rsalz@akamai.com> wrote:
> Agreed, nobody cares much about the client side.

I do, but only a little (we do mutual authentication for WebRTC and we
want to migrate from RSA to ECDSA certs).

v2.23.0 | Report a Bug | By Email