Re: [TLS] SHA-3 in SignatureScheme

Benjamin Kaduk <bkaduk@akamai.com> Fri, 02 September 2016 19:11 UTC

Return-Path: <bkaduk@akamai.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D4A1512B00C for <tls@ietfa.amsl.com>; Fri, 2 Sep 2016 12:11:50 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.248
X-Spam-Level:
X-Spam-Status: No, score=-3.248 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, RP_MATCHES_RCVD=-0.548, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=akamai.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Bwwt7da6PRzt for <tls@ietfa.amsl.com>; Fri, 2 Sep 2016 12:11:49 -0700 (PDT)
Received: from prod-mail-xrelay05.akamai.com (prod-mail-xrelay05.akamai.com [23.79.238.179]) by ietfa.amsl.com (Postfix) with ESMTP id 9087A126B6D for <tls@ietf.org>; Fri, 2 Sep 2016 12:11:49 -0700 (PDT)
Received: from prod-mail-xrelay05.akamai.com (localhost.localdomain [127.0.0.1]) by postfix.imss70 (Postfix) with ESMTP id 02AE942377E; Fri, 2 Sep 2016 19:11:49 +0000 (GMT)
Received: from prod-mail-relay10.akamai.com (prod-mail-relay10.akamai.com [172.27.118.251]) by prod-mail-xrelay05.akamai.com (Postfix) with ESMTP id E01F0423753; Fri, 2 Sep 2016 19:11:48 +0000 (GMT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=akamai.com; s=a1; t=1472843508; bh=4L/sbdCb2AnYsPc9j5RLfgXMUQLc3pGJFSr9wr3XFR8=; l=1976; h=To:References:Cc:From:Date:In-Reply-To:From; b=yai1iJpjoZAFk9SII4E4Ht397xhLtxde2ViaSkKSyI1hB9FdJXIXE/b1lXNZ9lyOC PPB7XiLIxROy2WIoQAPlwRYVBNvwxucPjXvzmWq/xyc+ZAodrC/onsl2BRoezV+xm1 8iGy0M2G7cdB6yot6N6jfH34WhX/AXIH0Y+jHLnY=
Received: from [172.19.0.25] (bos-lpczi.kendall.corp.akamai.com [172.19.0.25]) by prod-mail-relay10.akamai.com (Postfix) with ESMTP id A1D151FC8E; Fri, 2 Sep 2016 19:11:48 +0000 (GMT)
To: Hubert Kario <hkario@redhat.com>, tls@ietf.org
References: <7755682.Cma8FBTrvx@pintsize.usersys.redhat.com> <CABcZeBOSn-JJgCYPP12wzy3TPEXBGHiCs-qZKosc_cVdwfvFuQ@mail.gmail.com> <f43ef409-0f1b-03ae-08cb-1b0f8c1d3676@akamai.com> <4536302.2GJhFoeUiN@pintsize.usersys.redhat.com>
From: Benjamin Kaduk <bkaduk@akamai.com>
Message-ID: <d977c343-43d8-c9e9-410f-4acbc8c1cfa8@akamai.com>
Date: Fri, 2 Sep 2016 14:11:48 -0500
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.2.0
MIME-Version: 1.0
In-Reply-To: <4536302.2GJhFoeUiN@pintsize.usersys.redhat.com>
Content-Type: multipart/alternative; boundary="------------78C94BE35C776FB4CAADA0D8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/z8slRalma9VT2N5Mo4C0B8_qDow>
Subject: Re: [TLS] SHA-3 in SignatureScheme
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 02 Sep 2016 19:11:51 -0000

On 09/02/2016 12:27 PM, Hubert Kario wrote:
>
> what would be the reasons not to add it now?
>

It seems that Yoav was faster than me, but the two main ones I had in
mind were:

We want the core protocol to be as small as possible while still
fulfilling its goals.  We already have extension mechanisms for adding
new ciphers, so there is no need to have another one in the core spec as
a backup [unless it's MTI].

We want to keep the number of changes down as we approach a final
version, to lower the burden of (re)review, particularly by the
cryptographers who are gracious enough to engage in analysis of the
pre-final versions.

-Ben