Re: [tcpinc] Making ECDHE-Curve25519 the only MTI for tcpcrypt
Kyle Rose <krose@krose.org> Tue, 17 October 2017 14:13 UTC
Return-Path: <krose@krose.org>
X-Original-To: tcpinc@ietfa.amsl.com
Delivered-To: tcpinc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 51A85132D51 for <tcpinc@ietfa.amsl.com>; Tue, 17 Oct 2017 07:13:42 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.7
X-Spam-Level:
X-Spam-Status: No, score=-2.7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=krose.org
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pSZii7HKbhgv for <tcpinc@ietfa.amsl.com>; Tue, 17 Oct 2017 07:13:40 -0700 (PDT)
Received: from mail-qk0-x22d.google.com (mail-qk0-x22d.google.com [IPv6:2607:f8b0:400d:c09::22d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0879A13214D for <tcpinc@ietf.org>; Tue, 17 Oct 2017 07:13:40 -0700 (PDT)
Received: by mail-qk0-x22d.google.com with SMTP id m189so2175271qke.4 for <tcpinc@ietf.org>; Tue, 17 Oct 2017 07:13:39 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=krose.org; s=google; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=veHiJZj3q4OZuv6kyJx4uFniwjlPGIhinVfsmvOic6Q=; b=ZvLO77MDiXzvf6Yq962TuBxWFdOG6UpW5DlRfqxbH7Mmewnfy63ucKHm2Agew/NkTD 9O3tvz8pSoCG7CWCyRepMh2BrxrlecexX8e2y2FI2mGUl7SZZYFMauWQgNnm5l4cYCxL x4oOkygOTEbnIDxEtJwNWif3AxBOkdpQOCFm0=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=veHiJZj3q4OZuv6kyJx4uFniwjlPGIhinVfsmvOic6Q=; b=kDlz0p5AIfN0e8YUZKYQV2GzTFNDFt5Ydi3v5Yr+W2HLhwf6aELtezy/f2ZeDsCjRD RRcbHGZxhLXvPgkcmruJTknhbJDAHUCYXygFHiDTz/IVsDMIYn+w86/ozPBn3ANtaiCe rM1RU8FV2OLHIJ1occxZTxHZXd1nY7kSf9F4qJ/FgLMMFNuUlEyhMY8evykSdSUZIbP2 JyTKJdoa0WAUY89AruUbnS1FTcN0FprXq8SmhBDLV6E5HlFID7yP2KXeLDmfmpdep+0u WJi9nKg4GLA+UVe10ZiVBCeSKIpkERCLlF3B6OiK/4hOExJziCc/7lg8chCA4/0wU00e SEPg==
X-Gm-Message-State: AMCzsaVhjcCMas6B9jB6KdmZ/tHU4jC07yg/ud3YBkb8vXGkSodAs5Uv eS35flBQFvKEXoxmCnyyBJKmIz6G4dh6BplzJBsncc79
X-Google-Smtp-Source: ABhQp+R5t5HIVXLnIsL0MFW4sUVA09EZN1HtkdnYe7Pdw1nF0Xf75pNJ21Dyf8Kc7OZoMjuvHf8Er3mvTwtwxLpL4q4=
X-Received: by 10.55.20.151 with SMTP id 23mr19531940qku.78.1508249619030; Tue, 17 Oct 2017 07:13:39 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.12.137.119 with HTTP; Tue, 17 Oct 2017 07:13:38 -0700 (PDT)
X-Originating-IP: [2607:fb90:ed7:a692:c523:1758:ece9:6bd9]
Received: by 10.12.137.119 with HTTP; Tue, 17 Oct 2017 07:13:38 -0700 (PDT)
In-Reply-To: <87h8uylfgk.fsf@ta.scs.stanford.edu>
References: <D38E22E9-FBB6-40D1-BF85-D5A77F5C2365@kuehlewind.net> <20170830223758.GA73969@scs.stanford.edu> <3a8ac0e0-cd41-57c8-85a4-79c5f179385f@kuehlewind.net> <20170929203434.GA73214@scs.stanford.edu> <D78092B0-4C01-47D6-9B5D-9DB1DA5EFA83@kuehlewind.net> <877ewgrtp8.fsf@ta.scs.stanford.edu> <20171004233140.GB84701@scs.stanford.edu> <BDB8460A-E193-4C9C-BCBA-99B805F93D0A@kuehlewind.net> <e2ae6028-6ed2-c547-2a1f-f3c170b0fb89@posteo.net> <3879588f-d5ef-43c9-9d2c-7fe9c2657709@iang.org> <87h8uylfgk.fsf@ta.scs.stanford.edu>
From: Kyle Rose <krose@krose.org>
Date: Tue, 17 Oct 2017 10:13:38 -0400
Message-ID: <CAJU8_nVAw3CJjaV9saKMit3rhvdWaUTZ090vMX3v0jLbAE0CQA@mail.gmail.com>
To: David Mazieres expires 2018-01-14 PST <mazieres-ddragqirgwht7ezx2d39a3jw72@temporary-address.scs.stanford.edu>, "Mirja Kuehlewind (IETF)" <ietf@kuehlewind.net>, "Black, David" <David.Black@dell.com>
Cc: ianG <iang@iang.org>, Gregorio Guidi <greg_g@posteo.net>, tcpinc <tcpinc@ietf.org>
Content-Type: multipart/alternative; boundary="001a1144cc04c682a6055bbebaba"
Archived-At: <https://mailarchive.ietf.org/arch/msg/tcpinc/-ywFVHzXSv3Y7oi5Z4fhLUDCDLk>
Subject: Re: [tcpinc] Making ECDHE-Curve25519 the only MTI for tcpcrypt
X-BeenThere: tcpinc@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Working group mailing list for TCP Increased Security \(tcpinc\)" <tcpinc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tcpinc>, <mailto:tcpinc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tcpinc/>
List-Post: <mailto:tcpinc@ietf.org>
List-Help: <mailto:tcpinc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tcpinc>, <mailto:tcpinc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 17 Oct 2017 14:13:42 -0000
On Oct 16, 2017 9:40 PM, "David Mazieres" <dm-list-tcpcrypt@scs.stanford.edu> wrote: Question one is whether there's anyone in the working group who thinks it would be a bad idea to make this change--i.e., to have a single MTI algorithm, namely ECDHE-Curve25519. If so, please speak up. Speaking as interested party rather than chair, I was in favor of this change over a year ago and remain in favor of it. Question two, if no one object to this change and some people want to see it, is whether it is now too late to make this change without jeopardizing the RFC. Can we still make such a change in last call? It's obviously not a lot of text to change, but a fairly big semantic change. We'd appreciate guidance on this question from people with more IETF experience. Mirja and David Black: can you provide guidance here? Kyle
- Re: [tcpinc] AD review of draft-ietf-tcpinc-tcpcr… Daniel B Giffin
- Re: [tcpinc] AD review of draft-ietf-tcpinc-tcpcr… Mirja Kuehlewind (IETF)
- Re: [tcpinc] AD review of draft-ietf-tcpinc-tcpcr… David Mazieres
- [tcpinc] AD review of draft-ietf-tcpinc-tcpcrypt Mirja Kuehlewind (IETF)
- Re: [tcpinc] AD review of draft-ietf-tcpinc-tcpcr… Daniel B Giffin
- Re: [tcpinc] AD review of draft-ietf-tcpinc-tcpcr… Mirja Kühlewind
- Re: [tcpinc] AD review of draft-ietf-tcpinc-tcpcr… Black, David
- [tcpinc] new drafts of TCP-ENO and tcpcrypt Daniel B Giffin
- Re: [tcpinc] new drafts of TCP-ENO and tcpcrypt Mirja Kuehlewind (IETF)
- Re: [tcpinc] new drafts of TCP-ENO and tcpcrypt Gregorio Guidi
- Re: [tcpinc] new drafts of TCP-ENO and tcpcrypt dm-list-tcpcrypt
- Re: [tcpinc] new drafts of TCP-ENO and tcpcrypt iang
- [tcpinc] Making ECDHE-Curve25519 the only MTI for… David Mazieres
- Re: [tcpinc] Making ECDHE-Curve25519 the only MTI… Kyle Rose
- Re: [tcpinc] Making ECDHE-Curve25519 the only MTI… Mirja Kühlewind
- Re: [tcpinc] Making ECDHE-Curve25519 the only MTI… Black, David
- Re: [tcpinc] Making ECDHE-Curve25519 the only MTI… Mirja Kuehlewind (IETF)
- [tcpinc] tcpcrypt MTI key exchange (speak now or … David Mazieres
- Re: [tcpinc] tcpcrypt MTI key exchange (speak now… Rene Struik
- Re: [tcpinc] tcpcrypt MTI key exchange (speak now… David Mazieres
- Re: [tcpinc] tcpcrypt MTI key exchange (speak now… iang
- Re: [tcpinc] tcpcrypt MTI key exchange (speak now… David Mazieres
- Re: [tcpinc] tcpcrypt MTI key exchange (speak now… iang
- Re: [tcpinc] tcpcrypt MTI key exchange (speak now… Gregorio Guidi