idnits 2.17.1 draft-housley-suite-b-to-historic-05.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (April 30, 2018) is 2186 days in the past. Is this intentional? Checking references for intended status: Informational ---------------------------------------------------------------------------- ** Obsolete normative reference: RFC 4869 (Obsoleted by RFC 6379) ** Obsolete normative reference: RFC 5008 (Obsoleted by RFC 6318) ** Obsolete normative reference: RFC 5430 (Obsoleted by RFC 6460) -- Obsolete informational reference (is this intentional?): RFC 7321 (Obsoleted by RFC 8221) -- Obsolete informational reference (is this intentional?): RFC 7525 (Obsoleted by RFC 9325) Summary: 3 errors (**), 0 flaws (~~), 1 warning (==), 3 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Network Working Group R. Housley 3 Internet-Draft Vigil Security 4 Intended status: Informational L. Zieglar 5 Expires: November 1, 2018 National Security Agency 6 April 30, 2018 8 Reclassification of Suite B Documents to Historic Status 9 draft-housley-suite-b-to-historic-05 11 Abstract 13 This document reclassifies the RFCs related to the U.S. National 14 Security Agency (NSA) Suite B cryptographic algorithms as Historic, 15 and it discusses the reasons for doing so. This document moves seven 16 informational RFCs to Historic Status: RFC 5759, RFC 6239, RFC 6318, 17 RFC 6379, RFC 6380, RFC 6403, and RFC 6460. In addition, this 18 document moves three obsolete informational RFCs to Historic Status: 19 RFC 4869, RFC 5008, and RFC 5430. 21 Status of This Memo 23 This Internet-Draft is submitted in full conformance with the 24 provisions of BCP 78 and BCP 79. 26 Internet-Drafts are working documents of the Internet Engineering 27 Task Force (IETF). Note that other groups may also distribute 28 working documents as Internet-Drafts. The list of current Internet- 29 Drafts is at https://datatracker.ietf.org/drafts/current/. 31 Internet-Drafts are draft documents valid for a maximum of six months 32 and may be updated, replaced, or obsoleted by other documents at any 33 time. It is inappropriate to use Internet-Drafts as reference 34 material or to cite them other than as "work in progress." 36 This Internet-Draft will expire on November 1, 2018. 38 Copyright Notice 40 Copyright (c) 2018 IETF Trust and the persons identified as the 41 document authors. All rights reserved. 43 This document is subject to BCP 78 and the IETF Trust's Legal 44 Provisions Relating to IETF Documents 45 (https://trustee.ietf.org/license-info) in effect on the date of 46 publication of this document. Please review these documents 47 carefully, as they describe your rights and restrictions with respect 48 to this document. Code Components extracted from this document must 49 include Simplified BSD License text as described in Section 4.e of 50 the Trust Legal Provisions and are provided without warranty as 51 described in the Simplified BSD License. 53 Table of Contents 55 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 56 2. Rationale . . . . . . . . . . . . . . . . . . . . . . . . . . 2 57 3. The RFCs Related to Suite B . . . . . . . . . . . . . . . . . 2 58 4. Documents that Reference the Suite-B-related RFCs . . . . . . 3 59 4.1. Documents that Reference RFC 4869 . . . . . . . . . . . . 3 60 4.2. Documents that Reference RFC 5759 . . . . . . . . . . . . 4 61 4.3. Documents that Reference RFC 6379 . . . . . . . . . . . . 4 62 4.4. Documents that Reference RFC 6403 . . . . . . . . . . . . 4 63 4.5. Documents that Reference RFC 6460 . . . . . . . . . . . . 4 64 5. Impact of Reclassifying the Suite-B-related RFCs to Historic 5 65 6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 5 66 7. Security Considerations . . . . . . . . . . . . . . . . . . . 5 67 8. References . . . . . . . . . . . . . . . . . . . . . . . . . 5 68 8.1. Normative References . . . . . . . . . . . . . . . . . . 5 69 8.2. Informative References . . . . . . . . . . . . . . . . . 6 70 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 7 72 1. Introduction 74 Several RFCs profile security protocols for use with the National 75 Security Agency (NSA) Suite B Cryptography. Suite B is no longer 76 supported by NSA, and the web pages that specify the cryptographic 77 algorithms are no longer available. 79 In July 2015, NSA published the Committee for National Security 80 Systems Advisory Memorandum 02-15 as the first step in replacing 81 Suite B with NSA's Commercial National Security Algorithm (CNSA) 82 Suite. Information about the CNSA Suite can be found in [CNSA]. 84 2. Rationale 86 As indicated in [CNSA], NSA is transitioning from Suite B to the CNSA 87 Suite. As a result, the profiles of the security protocols for the 88 Suite B algorithms are now only of historic interest. 90 3. The RFCs Related to Suite B 92 Between 2007 and 2012, several Suite-B-related RFCs were published to 93 profile security protocols for use with the Suite B algorithms. They 94 are: 96 o [RFC4869], "Suite B Cryptographic Suites for IPsec" (Obsoleted by 97 RFC 6379) 99 o [RFC5008], "Suite B in Secure/Multipurpose Internet Mail 100 Extensions (S/MIME)" (Obsoleted by RFC 6318) 102 o [RFC5430], "Suite B Profile for Transport Layer Security (TLS)" 103 (Obsoleted by RFC 6460) 105 o [RFC5759], "Suite B Certificate and Certificate Revocation List 106 (CRL) Profile" 108 o [RFC6239], "Suite B Cryptographic Suites for Secure Shell (SSH)" 110 o [RFC6318], "Suite B in Secure/Multipurpose Internet Mail 111 Extensions (S/MIME)" 113 o [RFC6379], "Suite B Cryptographic Suites for IPsec" 115 o [RFC6380], "Suite B Profile for Internet Protocol Security 116 (IPsec)" 118 o [RFC6403], "Suite B Profile of Certificate Management over CMS" 120 o [RFC6460], "Suite B Profile for Transport Layer Security (TLS)" 122 4. Documents that Reference the Suite-B-related RFCs 124 There are several references among these RFCs. These cross- 125 references are not examined further. 127 Other RFC make reference to these Suite-B-related RFCs; these 128 references are discussed in the following subsections. 130 4.1. Documents that Reference RFC 4869 132 One other RFC makes reference to RFC 4869 [RFC4869]. 134 RFC 6071, "IP Security (IPsec) and Internet Key Exchange (IKE) 135 Document Roadmap" [RFC6071], points out that RFC 4869 adds four pre- 136 defined suites based upon Suite B specifications. They are: 138 o IKE/ESP suite "Suite-B-GCM-128" 140 o IKE/ESP suite "Suite-B-GCM-256" 142 o IKE/AH suite "Suite-B-GMAC-128" 143 o IKE/AH suite "Suite-B-GMAC-256" 145 In each case, these suite definitions make use of algorithms that are 146 defined in other RFCs. No interoperability or security concerns are 147 raised if implementations continue to make use of these suite names. 149 4.2. Documents that Reference RFC 5759 151 One other RFC makes reference to RFC 5759 [RFC5759]. 153 RFC 6187, "X.509v3 Certificates for Secure Shell Authentication" 154 [RFC6187], points out that RFC 5759 provides additional guidance for 155 Elliptic Curve Digital Signature Algorithm (ECDSA) keys when used 156 with Suite B. 158 4.3. Documents that Reference RFC 6379 160 One other RFC makes reference to RFC 6379 [RFC6379]. 162 RFC 7321, "Cryptographic Algorithm Implementation Requirements and 163 Usage Guidance for Encapsulating Security Payload (ESP) and 164 Authentication Header (AH) [RFC7321], points out that the AES-GCM 165 algorithm is used by Suite B, and it has emerged as the preferred 166 authenticated encryption method in IPsec. 168 4.4. Documents that Reference RFC 6403 170 Two other RFCs make reference to RFC 6403 [RFC6403]. 172 RFC 6402, "Certificate Management over CMS (CMC) Updates" [RFC6402], 173 says that development of the profile for Suite B was the activity 174 that demonstrated the need for these updates. 176 RFC 7030, "Enrollment over Secure Transport" [RFC7030], points out 177 that the scenarios in the two documents are very similar. 179 4.5. Documents that Reference RFC 6460 181 Three other RFCs make reference to RFC 6460 [RFC6460]. 183 RFC 6605, "Elliptic Curve Digital Signature Algorithm (DSA) for 184 DNSSEC" [RFC6605], states that material was copied liberally from RFC 185 6460. The standards-track status of RFC 6605 is not affected by RFC 186 6460 moving to Historic status. 188 RFC 7525, "Recommendations for Secure Use of Transport Layer Security 189 (TLS) and Datagram Transport Layer Security (DTLS)" [RFC7525], 190 observes that the Suite B profile of TLS 1.2 uses different cipher 191 suites. 193 RFC 8253, "PCEPS: Usage of TLS to Provide a Secure Transport for the 194 Path Computation Element Communication Protocol (PCEP)" [RFC8253], 195 points RFC 6460 for the TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 and 196 TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 cipher suites. Both of these 197 ciphersuites are defined in [RFC5289], which would have been a better 198 reference. The standards-track status of RFC 8253 is not affected by 199 RFC 6460 moving to Historic status. 201 5. Impact of Reclassifying the Suite-B-related RFCs to Historic 203 No interoperability or security concerns are raised by reclassifying 204 the Suite-B-related RFCs to Historic Status. As described in 205 Section 4, none of the RFCs being moved to Historic Status is the 206 sole specification of a cryptographic algorithm or an identifier for 207 a cryptographic algorithm. 209 6. IANA Considerations 211 No changes are requested to any IANA registries. 213 7. Security Considerations 215 No interoperability or security concerns raised by reclassifying the 216 Suite-B-related RFCs to Historic Status. 218 NSA is transitioning away from some of the cryptographic algorithms 219 and key sizes that were employed in the Suite B profiles. 221 8. References 223 8.1. Normative References 225 [RFC4869] Law, L. and J. Solinas, "Suite B Cryptographic Suites for 226 IPsec", RFC 4869, DOI 10.17487/RFC4869, May 2007, 227 . 229 [RFC5008] Housley, R. and J. Solinas, "Suite B in Secure/ 230 Multipurpose Internet Mail Extensions (S/MIME)", RFC 5008, 231 DOI 10.17487/RFC5008, September 2007, 232 . 234 [RFC5430] Salter, M., Rescorla, E., and R. Housley, "Suite B Profile 235 for Transport Layer Security (TLS)", RFC 5430, 236 DOI 10.17487/RFC5430, March 2009, 237 . 239 [RFC5759] Solinas, J. and L. Zieglar, "Suite B Certificate and 240 Certificate Revocation List (CRL) Profile", RFC 5759, 241 DOI 10.17487/RFC5759, January 2010, 242 . 244 [RFC6239] Igoe, K., "Suite B Cryptographic Suites for Secure Shell 245 (SSH)", RFC 6239, DOI 10.17487/RFC6239, May 2011, 246 . 248 [RFC6318] Housley, R. and J. Solinas, "Suite B in Secure/ 249 Multipurpose Internet Mail Extensions (S/MIME)", RFC 6318, 250 DOI 10.17487/RFC6318, June 2011, 251 . 253 [RFC6379] Law, L. and J. Solinas, "Suite B Cryptographic Suites for 254 IPsec", RFC 6379, DOI 10.17487/RFC6379, October 2011, 255 . 257 [RFC6380] Burgin, K. and M. Peck, "Suite B Profile for Internet 258 Protocol Security (IPsec)", RFC 6380, 259 DOI 10.17487/RFC6380, October 2011, 260 . 262 [RFC6403] Zieglar, L., Turner, S., and M. Peck, "Suite B Profile of 263 Certificate Management over CMS", RFC 6403, 264 DOI 10.17487/RFC6403, November 2011, 265 . 267 [RFC6460] Salter, M. and R. Housley, "Suite B Profile for Transport 268 Layer Security (TLS)", RFC 6460, DOI 10.17487/RFC6460, 269 January 2012, . 271 8.2. Informative References 273 [CNSA] National Security Agency, "Commercial National Security 274 Algorithm (CNSA) Suite", 2015, 275 . 278 [RFC5289] Rescorla, E., "TLS Elliptic Curve Cipher Suites with SHA- 279 256/384 and AES Galois Counter Mode (GCM)", RFC 5289, 280 DOI 10.17487/RFC5289, August 2008, 281 . 283 [RFC6071] Frankel, S. and S. Krishnan, "IP Security (IPsec) and 284 Internet Key Exchange (IKE) Document Roadmap", RFC 6071, 285 DOI 10.17487/RFC6071, February 2011, 286 . 288 [RFC6187] Igoe, K. and D. Stebila, "X.509v3 Certificates for Secure 289 Shell Authentication", RFC 6187, DOI 10.17487/RFC6187, 290 March 2011, . 292 [RFC6402] Schaad, J., "Certificate Management over CMS (CMC) 293 Updates", RFC 6402, DOI 10.17487/RFC6402, November 2011, 294 . 296 [RFC6605] Hoffman, P. and W. Wijngaards, "Elliptic Curve Digital 297 Signature Algorithm (DSA) for DNSSEC", RFC 6605, 298 DOI 10.17487/RFC6605, April 2012, 299 . 301 [RFC7030] Pritikin, M., Ed., Yee, P., Ed., and D. Harkins, Ed., 302 "Enrollment over Secure Transport", RFC 7030, 303 DOI 10.17487/RFC7030, October 2013, 304 . 306 [RFC7321] McGrew, D. and P. Hoffman, "Cryptographic Algorithm 307 Implementation Requirements and Usage Guidance for 308 Encapsulating Security Payload (ESP) and Authentication 309 Header (AH)", RFC 7321, DOI 10.17487/RFC7321, August 2014, 310 . 312 [RFC7525] Sheffer, Y., Holz, R., and P. Saint-Andre, 313 "Recommendations for Secure Use of Transport Layer 314 Security (TLS) and Datagram Transport Layer Security 315 (DTLS)", BCP 195, RFC 7525, DOI 10.17487/RFC7525, May 316 2015, . 318 [RFC8253] Lopez, D., Gonzalez de Dios, O., Wu, Q., and D. Dhody, 319 "PCEPS: Usage of TLS to Provide a Secure Transport for the 320 Path Computation Element Communication Protocol (PCEP)", 321 RFC 8253, DOI 10.17487/RFC8253, October 2017, 322 . 324 Authors' Addresses 326 Russ Housley 327 Vigil Security, LLC 328 918 Spring Knoll Drive 329 Herndon, VA 20170 330 US 332 Email: housley@vigilsec.com 333 Lydia Zieglar 334 National Security Agency 335 9800 Savage Road 336 Ft. George G. Meade, MD 20755-6940 337 US 339 Email: llziegl@nsa.gov