[TLS] Consensus Call on MTI Algorithms
Joseph Salowey <joe@salowey.net> Wed, 01 April 2015 18:12 UTC
Return-Path: <joe@salowey.net>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 78EF31A1A69 for <tls@ietfa.amsl.com>; Wed, 1 Apr 2015 11:12:22 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.978
X-Spam-Level:
X-Spam-Status: No, score=-1.978 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id BHHySTbuof45 for <tls@ietfa.amsl.com>; Wed, 1 Apr 2015 11:12:20 -0700 (PDT)
Received: from mail-qg0-f52.google.com (mail-qg0-f52.google.com [209.85.192.52]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8E1831A0270 for <tls@ietf.org>; Wed, 1 Apr 2015 11:12:20 -0700 (PDT)
Received: by qgfa8 with SMTP id a8so49917514qgf.0 for <tls@ietf.org>; Wed, 01 Apr 2015 11:12:19 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:date:message-id:subject:from:to :content-type; bh=zm2jAPaaB9JJ8yYp/q4Yv3Z+YcUEfK/JVPmkj40FfQA=; b=Si/uPmVDdJtPPMqpV4+dmcxmTmiP1IxH05Mln1wiJ1Hbp3VUbCHNX30awclHtLKJBG cSOF0Xp28Jb/sdkAzL3DSaiomaiqO1LeY0blOuvQXQmAQqE8v8MSlm97G2YpONaMuQYN A8fShfHL1PVxeE21/hwy7kSOF39Pl7giA0oeS6xDHpWQp9xcrs88MWXtise7f4f6iVcJ QC+RzDfNC9Lewd2bvTcXvbL6iHe63T1T/8m4p0sdevWTWya4fZs2N12ZrWfxOTP9gw6K qKU7DbkiPObYsclMDRDswEgUf7yJ+XwgH0MnpoVygQLCg3cdwiqLjmiHigJskzTMls5T lR4Q==
X-Gm-Message-State: ALoCoQkqciJPLv505C7PR/zqiJgWffGglVYJf9bHJwR+K7JxzdH6NI27jGyimd1nlRh0YVgmnmla
MIME-Version: 1.0
X-Received: by 10.55.24.157 with SMTP id 29mr92206260qky.83.1427911939849; Wed, 01 Apr 2015 11:12:19 -0700 (PDT)
Received: by 10.96.121.104 with HTTP; Wed, 1 Apr 2015 11:12:19 -0700 (PDT)
X-Originating-IP: [50.206.82.141]
Date: Wed, 01 Apr 2015 11:12:19 -0700
Message-ID: <CAOgPGoBk+E=cNV1ufBaQ0n7=CJQ34zukPixKCEdpmMLBX=Kg_w@mail.gmail.com>
From: Joseph Salowey <joe@salowey.net>
To: "tls@ietf.org" <tls@ietf.org>
Content-Type: multipart/alternative; boundary="001a113b9232f21fec0512ada723"
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/q8hvUQKGYEiG-sIh6-X-RDNs9mU>
Subject: [TLS] Consensus Call on MTI Algorithms
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 01 Apr 2015 18:12:22 -0000
We did not get a chance to talk about MTI algorithms in Dallas, but the
chairs would like to judge consensus for the algorithms discussed in the
interim. The CFRG has closed or will close soon on ChaCha20 and curve
25519 recommendations so they are included. We will be calling for
acceptance to bring drafts on these into the working group shortly.
Keep in mind that mandatory to implement (MTI) is not mandatory to use and
that it is expected that there will be profiles for specific environments.
Below is the proposed algorithm list that had consensus at the Seattle
Interim. Please reply on the TLS mailing list indicating whether or not you
agree with the consensus. If not, please indicate why. This consensus
call will close on April, 23, 2015.
o Symmetric:
MUST AES-GCM 128
SHOULD ChaCha20-Poly1305
o Hash:
MUST SHA-256
o Key Agreement: ECDH
MUST P-256
SHOULD 25519
o Signature:
MUST ECDSA P-256
MUST RSA
Thanks,
J&S
- [TLS] Consensus Call on MTI Algorithms Joseph Salowey
- Re: [TLS] Consensus Call on MTI Algorithms Blumenthal, Uri - 0553 - MITLL
- Re: [TLS] Consensus Call on MTI Algorithms Dave Garrett
- Re: [TLS] Consensus Call on MTI Algorithms Russ Housley
- Re: [TLS] Consensus Call on MTI Algorithms Dan Harkins
- Re: [TLS] Consensus Call on MTI Algorithms Aaron Zauner
- Re: [TLS] Consensus Call on MTI Algorithms Kurt Roeckx
- Re: [TLS] Consensus Call on MTI Algorithms Brian Smith
- Re: [TLS] Consensus Call on MTI Algorithms Dave Garrett
- Re: [TLS] Consensus Call on MTI Algorithms Stephen Checkoway
- Re: [TLS] Consensus Call on MTI Algorithms Sean Turner
- Re: [TLS] Consensus Call on MTI Algorithms Yoav Nir
- Re: [TLS] Consensus Call on MTI Algorithms Yaron Sheffer
- Re: [TLS] Consensus Call on MTI Algorithms Martin Thomson
- Re: [TLS] Consensus Call on MTI Algorithms Watson Ladd
- Re: [TLS] Consensus Call on MTI Algorithms Aaron Zauner
- Re: [TLS] Consensus Call on MTI Algorithms Rob Stradling
- Re: [TLS] Consensus Call on MTI Algorithms Yaron Sheffer
- Re: [TLS] Consensus Call on MTI Algorithms Stephen Farrell
- Re: [TLS] Consensus Call on MTI Algorithms Yaron Sheffer
- Re: [TLS] Consensus Call on MTI Algorithms Blumenthal, Uri - 0553 - MITLL
- Re: [TLS] Consensus Call on MTI Algorithms Russ Housley
- Re: [TLS] Consensus Call on MTI Algorithms Hubert Kario
- Re: [TLS] Consensus Call on MTI Algorithms Hanno Böck
- Re: [TLS] Consensus Call on MTI Algorithms Blumenthal, Uri - 0553 - MITLL
- Re: [TLS] Consensus Call on MTI Algorithms Salz, Rich
- Re: [TLS] Consensus Call on MTI Algorithms Rick Andrews
- Re: [TLS] Consensus Call on MTI Algorithms Nico Williams
- Re: [TLS] Consensus Call on MTI Algorithms Nico Williams
- Re: [TLS] Consensus Call on MTI Algorithms Nico Williams
- Re: [TLS] Consensus Call on MTI Algorithms Salz, Rich
- Re: [TLS] Consensus Call on MTI Algorithms Nico Williams
- Re: [TLS] Consensus Call on MTI Algorithms Christian Huitema
- Re: [TLS] Consensus Call on MTI Algorithms Nico Williams
- Re: [TLS] Consensus Call on MTI Algorithms Yoav Nir
- Re: [TLS] Consensus Call on MTI Algorithms Aaron Zauner
- Re: [TLS] Consensus Call on MTI Algorithms Nico Williams
- Re: [TLS] Consensus Call on MTI Algorithms Dave Garrett
- Re: [TLS] Consensus Call on MTI Algorithms Nico Williams
- Re: [TLS] Consensus Call on MTI Algorithms Eric Rescorla
- Re: [TLS] Consensus Call on MTI Algorithms Dave Garrett
- Re: [TLS] Consensus Call on MTI Algorithms Yoav Nir
- Re: [TLS] Consensus Call on MTI Algorithms Nico Williams
- Re: [TLS] Consensus Call on MTI Algorithms Dave Garrett
- Re: [TLS] Consensus Call on MTI Algorithms James Cloos
- Re: [TLS] Consensus Call on MTI Algorithms Peter Gutmann
- Re: [TLS] Consensus Call on MTI Algorithms Peter Gutmann
- Re: [TLS] Consensus Call on MTI Algorithms Aaron Zauner
- Re: [TLS] Consensus Call on MTI Algorithms Watson Ladd
- Re: [TLS] Consensus Call on MTI Algorithms Dave Garrett
- Re: [TLS] Consensus Call on MTI Algorithms Eric Rescorla
- Re: [TLS] Consensus Call on MTI Algorithms Russ Housley
- Re: [TLS] Consensus Call on MTI Algorithms Daniel Kahn Gillmor