Re: [Cfrg] Using ED25519 in SSHFP Resource Records - draft-moonesamy-sshfp-ed25519-01
Alyssa Rowan <akr@akr.io> Tue, 01 April 2014 18:01 UTC
Return-Path: <akr@akr.io>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 078F41A09B8 for <cfrg@ietfa.amsl.com>; Tue, 1 Apr 2014 11:01:53 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.902
X-Spam-Level:
X-Spam-Status: No, score=-1.902 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zdyMuL8NVeTO for <cfrg@ietfa.amsl.com>; Tue, 1 Apr 2014 11:01:48 -0700 (PDT)
Received: from entima.net (entima.net [78.129.143.175]) by ietfa.amsl.com (Postfix) with ESMTP id 39FAF1A09B7 for <cfrg@irtf.org>; Tue, 1 Apr 2014 11:01:47 -0700 (PDT)
Received: from [10.10.42.10] (cpc5-derb12-2-0-cust796.8-3.cable.virginm.net [82.31.91.29]) (using TLSv1 with cipher ECDHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by entima.net (Postfix) with ESMTPSA id 16E0A60AF8 for <cfrg@irtf.org>; Tue, 1 Apr 2014 19:01:43 +0100 (BST)
Message-ID: <533AFF0F.6070705@akr.io>
Date: Tue, 01 Apr 2014 19:01:51 +0100
From: Alyssa Rowan <akr@akr.io>
MIME-Version: 1.0
To: cfrg@irtf.org
References: <533AFA44.3070208@akr.io>
In-Reply-To: <533AFA44.3070208@akr.io>
X-Forwarded-Message-Id: <533AFA44.3070208@akr.io>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Archived-At: http://mailarchive.ietf.org/arch/msg/cfrg/FHAmCKCmZlQK59_RG4AOpjxwXR4
Subject: Re: [Cfrg] Using ED25519 in SSHFP Resource Records - draft-moonesamy-sshfp-ed25519-01
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Tue, 01 Apr 2014 18:01:53 -0000
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On 01/04/2014 17:32, S Moonesamy wrote: > It would help if I could get some feedback from CFRG about > draft-moonesamy-sshfp-ed25519-01 Not much to review, really. I see no problems; straightforward. OpenSSH has already adopted Ed25519 independently (as in djb/Duif/Lange/Schwabe/Yang, with SHA-512 as the hash). While I could suggest (and have suggested) a small improvement (simply swapping the SHA-512 for a newer, better, faster hash, from the SHA-3 competition finalists: e.g. SHA-3?), and CFRG may document a slightly more generalised version capable of working with stronger curves, I have no actual worries in practice about Ed25519 as drafted. The SHA-3 final round candidates are all technically better, but SHA-2 [despite its progenitors' murky reputation] is absolutely fine right now as far as I know (except for length-extension, which isn't a real issue here afaik). There's no real need to get a 256-bit fingerprint from a 256-bit public blob: you could just as well include the public key verbatim. But given an SHA-256 hash has about the same strength as Ed25519, and it's a fingerprint so matches existing practice with other SSHFP records, it does no harm. My only suggestion: prohibit using (weaker, deprecated) SHA-1 fingerprints with these newest (stronger) keys. [Just in case someone mistakenly thinks it'd be a good idea.] Other than that, as far as I'm concerned, stick a fork in it: it's done, go ahead and get its public key RR type allocated. - -- /akr -----BEGIN PGP SIGNATURE----- iQIcBAEBCgAGBQJTOv8OAAoJEOyEjtkWi2t6YWMP/12rXxEA6WAuaTl4K8lr9m43 DvhFOrEIZJtWiC7YwyrbNWZ7Yn+zyMqh/fVwj73BY6BVW/Yy1hjdDVkTuH9vx5lx n+BaUVuh8jJN5mYc/QIOkwZ3ILpb6qrAvEd8fTuVjwJX2yV1764BsTsS9JzuHLq0 M8XxcSkPGadXB2lrDog91FNlp0jLCTUfKWNiimOR5NzvWpHN/OWdYcwTsykRiGBk S96WRVn4w7Zdbk3qbpiGpLF+oH7DeWnFDb7C1nok44sBY1dXyKwwjVs0+MzkzweJ jvtqK3pImrZMCCrJm1YX1UjUDU8t40+TZjD+KWn/kf+qO3Yi+rXzcKdk2vj4UnJN n/9mPGdKLl+n2jZtMe+oWGbNDhETZPDNtT92jPK2CsJOxnlg3Vr1Lk5aKs/Tfk5F svOjualm/YqaA8VXTlPOdkj0FplBKu4mZKpOB7JALAaRM2aKCHHPD4uNmfWMwFcb nczcCoOrLsYxGWzFnOGV8Ivd7upnOrE/IetJsYnw6Tj+KbUIYb1DwxsB8cSK4b2F ETSI2RyABySctWOEKIjdPFPyyJn8s3sNnaeBqfLKIErx8bWvUcXGwcp0yZpWnJEc Uv1/N7paJ0YVzd7oKwny4TWgr5yOFWWUDUTJkwG95GqWR7lYVyHquMGUXWIZvbJP w+hW8PtSsvv4bZ1hxJtT =hWu8 -----END PGP SIGNATURE-----
- Re: [Cfrg] Using ED25519 in SSHFP Resource Record… Alyssa Rowan
- Re: [Cfrg] Using ED25519 in SSHFP Resource Record… S Moonesamy
- Re: [Cfrg] Using ED25519 in SSHFP Resource Record… S Moonesamy
- Re: [Cfrg] Using ED25519 in SSHFP Resource Record… Nico Williams
- Re: [Cfrg] Using ED25519 in SSHFP Resource Record… Daniel Kahn Gillmor
- Re: [Cfrg] Using ED25519 in SSHFP Resource Record… S Moonesamy