
From leifj@mnt.se  Thu Aug  1 00:37:24 2013
Message-ID: <51FA1026.4030206@mnt.se>
Date: Thu, 01 Aug 2013 09:37:10 +0200
From: Leif Johansson <leifj@mnt.se>
To: saag@ietf.org
Subject: [saag] abfab summary
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Archive: <http://www.ietf.org/mail-archive/web/saag>

The abfab WG met on Tuesday of the IETF87 week.  The WG is (slowly)
moving towards completing its work. We believe we found a solution to
the final DISCUSS issue on the eap applicability stmt during the meeting
and achieved consensus on the outstanding issues for our aaa-saml
document.

        Cheers Leif & Klaas

From kathleen.moriarty@emc.com  Thu Aug  1 01:59:11 2013
From: "Moriarty, Kathleen" <kathleen.moriarty@emc.com>
To: "saag@ietf.org" <saag@ietf.org>
Date: Thu, 1 Aug 2013 04:58:51 -0400
Message-ID: <F5063677821E3B4F81ACFB7905573F24E1B90F19@MX15A.corp.emc.com>
Subject: [saag] POSH Summary

Hello,

Here is the short summary for POSH.


POSH
IETF 87
29 July 2013

Co-chairs: Alexey Melnikov & Kathleen Moriarty

Summary: The BoF had several presentations that have been posted to the
meeting materials.  The scope of the effort was not clear to all those in
the room.  Although discussions helped to have folks better understand the
problem space and solution, further discussion is required to move the work
ahead in the IETF.  Discussions will continue on the mailing list to review
and refine the charter.  Matt Miller will revise the draft to address the
questions asked to ensure the problem space and solution is well understood.

Meeting minutes are posted to the meeting materials site.


Thank you,
Kathleen & Alexey

From kathleen.moriarty@emc.com  Thu Aug  1 02:13:04 2013
From: "Moriarty, Kathleen" <kathleen.moriarty@emc.com>
To: "saag@ietf.org" <saag@ietf.org>
Date: Thu, 1 Aug 2013 05:12:13 -0400
Message-ID: <F5063677821E3B4F81ACFB7905573F24E1B90F1C@MX15A.corp.emc.com>
Subject: [saag] MILE summary

Hello,

Here is the summary from the MILE meeting:

MILE
Tuesday, July 30, 1700

Summary: MILE has several active drafts.  The Structured CyberSecurity
Information (SCI) draft just completed WG last call and is close to final.
The Enumeration format draft is also close to final.

RFC5070-bis has a milestone of January 2014 for IESG last call.  There are
a number of issues that were discussed and have been entered in the tracker.
They will be discussed iteratively on the mailing list to gain consensus
and resolve issues to stay on track with the publication schedule.  Please
contribute to ensure your use cases are met in this revision.

The IODEF Guidance document is new and adds predicate logic to IODEF.  We
are looking for contributions on real use cases that can be mapped into
examples to demonstrate how IODEF can be used to solve those problems.

Meeting minutes will be posted soon!
Minutes taken by Paul Hoffman & Takeshi Takahashi


Thank you,
Kathleen & Brian

From cabo@tzi.org  Thu Aug  1 02:23:04 2013
From: Carsten Bormann <cabo@tzi.org>
Date: Thu, 1 Aug 2013 11:22:07 +0200
To: "saag@ietf.org" <saag@ietf.org>
Message-Id: <49115219-63A3-4D26-91FC-F0BF0E6630EF@tzi.org>
Subject: [saag] DICE BOF summary

DICE BoF -- DTLS Improvements for Constrained Environments
BoF Chairs: Carsten Bormann, Zach Shelby
[BOF chairs won't be in SAAG meeting due to conflicting CoRE meeting.]

The DICE BOF was scheduled for one hour Wednesday 1510-1610.  Some 120
people participated.  Scope and the two planned work items were
presented.  Lots of people raised their hand when asked whether the
IETF should work on this, nobody opposed, and nobody felt they didn't
have enough information.

In the charter discussion, minor changes were brought up, and the
point was raised how the charter would reflect that a DICE WG would
contribute requirements and real world input for the TLS 1.3 work,
without making a formal milestone of a requirements document.
The charter show of hands went ~30/0/0.

Some 10 people raised their hand when asked whether they were prepared
to edit documents, some 30 to review and comment on them, and some 18 to
implement.

Greetings, Carsten


From Jeff.Hodges@KingsMountain.com  Thu Aug  1 04:25:56 2013
Message-ID: <51FA458E.8030806@KingsMountain.com>
Date: Thu, 01 Aug 2013 04:25:02 -0700
From: =JeffH <Jeff.Hodges@KingsMountain.com>
To: IETF Security Area Advisory Group <saag@ietf.org>
Subject: [saag] some of the papers mentioned in talk: DNS Cache-Poisoning: New Vulnerabilities and Implications

fyi/fwiw, looks like some of the papers mentioned in today's SAAG talk are 
returned by this search...

<http://scholar.google.com/scholar?hl=en&q=Amir+Herzberg%2C+Haya+Shulman+++dnssec&btnG=&as_sdt=1%2C5&as_sdtp=>

###
Invited Presentation

- DNS Cache-Poisoning: New Vulnerabilities and Implications
   Amir Herzberg, Haya Shulman

A number of standardised mechanisms were proposed to enhance security
of DNS against cache poisoning attacks. However, we recently found
vulnerabilities, allowing attackers to circumvent those defenses and
poison resolvers' caches. We present techniques to foil widely
deployed defenses, standardised in RFC5452,6056,4697. These works
appeared/soon to be published, in ESORICS'12, ESORICS'13, IEEE CNS'13.
We then discuss potential countermeasures, some of which may require
changes to devices and protocols.
###


From stpeter@stpeter.im  Thu Aug  1 05:04:27 2013
Message-ID: <51FA4EA9.20705@stpeter.im>
Date: Thu, 01 Aug 2013 14:03:53 +0200
From: Peter Saint-Andre <stpeter@stpeter.im>
To: saag@ietf.org
In-Reply-To: <F5063677821E3B4F81ACFB7905573F24E1B90F19@MX15A.corp.emc.com>
Subject: Re: [saag] POSH Summary

On 8/1/13 10:58 AM, Moriarty, Kathleen wrote:
> Hello,
> 
> Here is the short summary for POSH.
> 
> 
> POSH IETF 87 29 July 2013
> 
> Co-chairs: Alexey Melnikov & Kathleen Moriarty
> 
> Summary: The BoF had several presentations that have been posted
> to the meeting materials.  The scope of the effort was not clear to
> all those in the room.  Although discussions helped to have folks
> better understand the problem space and solution, further
> discussion is required to move the work ahead in the IETF.
> Discussions will continue on the mailing list to review and refine
> the charter.  Matt Miller will revise the draft to address the
> questions asked to ensure the problem space and solution is well
> understood.

By the way, two IETF 87 attendees implemented POSH in code for two
separate XMPP servers this week. In addition to updating the I-D, Matt
and I will also work to encourage further implementation and gain some
operational experience with the technology.

Peter

-- 
Peter Saint-Andre
https://stpeter.im/



From Jeff.Hodges@KingsMountain.com  Thu Aug  1 05:11:21 2013
Message-ID: <51FA4F9F.4080609@KingsMountain.com>
Date: Thu, 01 Aug 2013 05:07:59 -0700
From: =JeffH <Jeff.Hodges@KingsMountain.com>
To: IETF Security Area Advisory Group <saag@ietf.org>
Subject: Re: [saag] some of the papers mentioned in talk: DNS Cache-Poisoning: New Vulnerabilities and Implications

Haya Shulman's website and publications

https://sites.google.com/site/hayashulman/publications



----------------------------------------------
fyi/fwiw, looks like some of the papers mentioned in today's SAAG talk are 
returned by this search...

<http://scholar.google.com/scholar?hl=en&q=Amir+Herzberg%2C+Haya+Shulman+++dnssec&btnG=&as_sdt=1%2C5&as_sdtp=>

###
Invited Presentation

- DNS Cache-Poisoning: New Vulnerabilities and Implications
   Amir Herzberg, Haya Shulman

A number of standardised mechanisms were proposed to enhance security
of DNS against cache poisoning attacks. However, we recently found
vulnerabilities, allowing attackers to circumvent those defenses and
poison resolvers' caches. We present techniques to foil widely
deployed defenses, standardised in RFC5452,6056,4697. These works
appeared/soon to be published, in ESORICS'12, ESORICS'13, IEEE CNS'13.
We then discuss potential countermeasures, some of which may require
changes to devices and protocols.
###


From ietf@rozanak.com  Thu Aug  1 06:56:24 2013
From: "Hosnieh Rafiee" <ietf@rozanak.com>
To: <saag@ietf.org>
Date: Thu, 1 Aug 2013 15:56:07 +0200
Message-ID: <000701ce8ebe$e146d850$a3d488f0$@rozanak.com>
Subject: [saag] a Secure and fast proposal to improve SeND

Hi,

As I explained in saag open mike, I have a proposal to improve SeND. It is
easy and much faster and highly secure. It can be used in place of CGA and we
do not need to worry about the compute-intensive part of CGA. During the
past two years I have had a lot of proposals regarding the improvements of
CGA. But the problem is that you make your CPU busy when you use CGA with
sec value higher than 0.
If you want to use CGA sec value zero, still my proposal is fast and more
secure than that. The security of my proposal for the first time when the
node joins the network and wants to check Duplicate Address Detection is
2^62. But after the first time that is the attacker only has a few seconds
to break it, the security of that is the security of the whole public key.
The reason is the neighbors keep his public key in their cache. So the
attacker needs to do brute force attacks against the whole public key.

This algorithm has a second version too.

For further discussion or comments, you can contact me.
If you are around in IETF, why not meet and discuss it further.
http://tools.ietf.org/html/draft-rafiee-6man-ssas

Thanks,
Best,
Hosnieh 


From ietf@rozanak.com  Thu Aug  1 08:45:59 2013
From: "Hosnieh Rafiee" <ietf@rozanak.com>
To: <saag@ietf.org>
Date: Thu, 1 Aug 2013 17:45:35 +0200
Message-ID: <000001ce8ece$2c9da860$85d8f920$@rozanak.com>
Subject: [saag] a Secure and fast proposal to improve SeND

Hi,

As I explained in saag open mike, I have a proposal to improve SeND. It is
easy and much faster and highly secure. It can be used in place of CGA and we
do not need to worry about the compute intensive part of CGA. During the
past two years I have had a lot of proposals regarding the improvements of
CGA. But the problem is that you make your CPU busy when you use CGA with sec
value higher than 0.
If you want to use CGA sec value zero, still my proposal is fast and more
secure than that. The security of my proposal for the first time when the
node joins the network and wants to check Duplicate Address Detection is
2^62. But after the first time that is the attacker only has a few seconds
to break it, the security of that is the security of the whole public key.
The reason is the neighbors keep his public key in their cache. So the
attacker needs to do brute force attacks against the whole public key.

This algorithm has the second version too.

For further discussion or comments, you can contact me.
If you are around in IETF, why not meet and discuss it further?
http://tools.ietf.org/html/draft-rafiee-6man-ssas 

Thanks,
Best,
Hosnieh


From jhutz@cmu.edu  Thu Aug  1 11:36:46 2013
Return-Path: <jhutz@cmu.edu>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 399E521E8227 for <saag@ietfa.amsl.com>; Thu,  1 Aug 2013 11:36:46 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -106.599
X-Spam-Level: 
X-Spam-Status: No, score=-106.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Y4JAuMEM21wW for <saag@ietfa.amsl.com>; Thu,  1 Aug 2013 11:36:40 -0700 (PDT)
Received: from smtp02.srv.cs.cmu.edu (SMTP02.SRV.CS.CMU.EDU [128.2.217.197]) by ietfa.amsl.com (Postfix) with ESMTP id 4932C11E80F9 for <saag@ietf.org>; Thu,  1 Aug 2013 11:36:36 -0700 (PDT)
Received: from [128.2.193.239] (minbar.fac.cs.cmu.edu [128.2.193.239]) (authenticated bits=0) by smtp02.srv.cs.cmu.edu (8.13.6/8.13.6) with ESMTP id r71IaOpA026181 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=NO); Thu, 1 Aug 2013 14:36:24 -0400 (EDT)
Message-ID: <1375382184.23365.547.camel@minbar.fac.cs.cmu.edu>
From: Jeffrey Hutzelman <jhutz@cmu.edu>
To: saag@ietf.org
Date: Thu, 01 Aug 2013 14:36:24 -0400
In-Reply-To: <15063_1375347565_r718xLPj015347_F5063677821E3B4F81ACFB7905573F24E1B90F19@MX15A.corp.emc.com>
References: <15063_1375347565_r718xLPj015347_F5063677821E3B4F81ACFB7905573F24E1B90F19@MX15A.corp.emc.com>
Content-Type: text/plain; charset="UTF-8"
X-Mailer: Evolution 3.2.3-0ubuntu6 
Content-Transfer-Encoding: 7bit
Mime-Version: 1.0
X-Scanned-By: mimedefang-cmuscs on 128.2.217.197
Cc: jhutz@cmu.edu
Subject: Re: [saag] POSH Summary
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/saag>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 01 Aug 2013 18:36:46 -0000

On Thu, 2013-08-01 at 04:58 -0400, Moriarty, Kathleen wrote:
> Hello,
> 
> Here is the short summary for POSH.
> 
> 
> POSH
> IETF 87
> 29 July 2013
>  
> Co-chairs: Alexey Melnikov & Kathleen Moriarty
> 
> Summary: The BoF had several presentations that have been posted to the
> meeting materials.  The scope of the effort was not clear to all those
> in the room.  Although discussions helped to have folks better
> understand the problem space and solution, further discussion is
> required to move the work ahead in the IETF.  Discussions will continue
> on the mailing list to review and refine the charter.  Matt Miller will
> revise the draft to address the questions asked to ensure the problem
> space and solution is well understood.

This sounds like pretty much every WG-forming BoF ever.  Which is fine,
but it also doesn't tell me anything about what the BoF was about.


From Adam.Montville@cisecurity.org  Sun Aug  4 07:15:02 2013
Return-Path: <Adam.Montville@cisecurity.org>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A5BAA21F93F8 for <saag@ietfa.amsl.com>; Sun,  4 Aug 2013 07:15:02 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.783
X-Spam-Level: 
X-Spam-Status: No, score=-2.783 tagged_above=-999 required=5 tests=[AWL=-0.185, BAYES_00=-2.599, UNPARSEABLE_RELAY=0.001]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bkpJqkaVJAAD for <saag@ietfa.amsl.com>; Sun,  4 Aug 2013 07:14:56 -0700 (PDT)
Received: from mail1.bemta8.messagelabs.com (mail1.bemta8.messagelabs.com [216.82.243.195]) by ietfa.amsl.com (Postfix) with ESMTP id AD04F21F937E for <saag@ietf.org>; Sun,  4 Aug 2013 07:14:56 -0700 (PDT)
Received: from [216.82.242.179:63841] by server-3.bemta-8.messagelabs.com id 22/E2-07295-FD16EF15; Sun, 04 Aug 2013 14:14:55 +0000
X-Env-Sender: Adam.Montville@cisecurity.org
X-Msg-Ref: server-12.tower-86.messagelabs.com!1375625694!31436385!1
X-Originating-IP: [69.195.43.86]
X-StarScan-Received: 
X-StarScan-Version: 6.9.11; banners=cisecurity.org,-,-
X-VirusChecked: Checked
Received: (qmail 5489 invoked from network); 4 Aug 2013 14:14:54 -0000
Received: from mail.msisac.org (HELO mail.msisac.org) (69.195.43.86) by server-12.tower-86.messagelabs.com with AES128-SHA encrypted SMTP; 4 Aug 2013 14:14:54 -0000
Received: from CISEXCHANGE1.msisac.org.local ([fe80::4f0:b68d:e779:38c3]) by CISEXCHANGE2.msisac.org.local ([fe80::9d91:1cd4:d9fb:616c%14]) with mapi id 14.02.0342.003; Sun, 4 Aug 2013 10:14:47 -0400
From: Adam Montville <Adam.Montville@cisecurity.org>
To: "saag@ietf.org" <saag@ietf.org>
Thread-Topic: SACM Meeting Summary
Thread-Index: Ac6RHIZBC6oDZcNtS8OR5gdbN2zcSA==
Date: Sun, 4 Aug 2013 14:14:47 +0000
Message-ID: <05BCCEB107AF88469B9F99783D47C1D673BFA5@CISEXCHANGE1.msisac.org.local>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-originating-ip: [192.168.252.38]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Subject: [saag] SACM Meeting Summary
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/saag>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 04 Aug 2013 14:15:02 -0000

Hello,

Here is the summary from the (first!) SACM WG meeting.

Regards,

Adam

SACM
IETF 87
2013-08-02

Co-chairs: Dan Romascanu, Adam Montville

Summary:
The WG had three discussions (available materials posted).  The first
discussion centered on a Use Case draft (fifth revision), the second
centered on requirements, and a third briefly presented current
architecture proposals.  The WG will be asked to take in the Use Case
document as a WG document - there were no objections in the room, and
rough consensus will be judged from the list.  Dave Waltermire will be
taking on the next revision of the Use Case document (David Harrington
had done the 05 revision); Nancy Cam-Winget will be the primary author
of the requirements document.  Architecture proposals are encouraged.

A timeline of the way forward between now and IETF 88 was presented
without objection in the room - this will be posted to list for rough
consensus.


Attendance: 30+ in room; a handful on jabber
Note Taker: Chris Inacio
Jabber Scribe: Jon Baker






. . .

From derek@ihtfp.com  Mon Aug  5 08:03:57 2013
Return-Path: <derek@ihtfp.com>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2129A21F9FC3 for <saag@ietfa.amsl.com>; Mon,  5 Aug 2013 08:03:57 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.293
X-Spam-Level: 
X-Spam-Status: No, score=-102.293 tagged_above=-999 required=5 tests=[AWL=-0.306, BAYES_00=-2.599, HELO_MISMATCH_ORG=0.611, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4rLM2dhLGWgv for <saag@ietfa.amsl.com>; Mon,  5 Aug 2013 08:03:50 -0700 (PDT)
Received: from mail2.ihtfp.org (MAIL2.IHTFP.ORG [204.107.200.7]) by ietfa.amsl.com (Postfix) with ESMTP id B300D21F9FF3 for <saag@ietf.org>; Mon,  5 Aug 2013 08:03:50 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mail2.ihtfp.org (Postfix) with ESMTP id 3EAB4260245; Mon,  5 Aug 2013 11:03:49 -0400 (EDT)
Received: from mail2.ihtfp.org ([127.0.0.1]) by localhost (mail2.ihtfp.org [127.0.0.1]) (amavisd-maia, port 10024) with ESMTP id 17299-01; Mon,  5 Aug 2013 11:03:47 -0400 (EDT)
Received: from mocana.ihtfp.org (unknown [IPv6:fe80::224:d7ff:fee7:8924]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "cliodev.ihtfp.com", Issuer "IHTFP Consulting Certification Authority" (not verified)) by mail2.ihtfp.org (Postfix) with ESMTPS id DD82F2600CC; Mon,  5 Aug 2013 11:03:46 -0400 (EDT)
Received: (from warlord@localhost) by mocana.ihtfp.org (8.14.7/8.14.5/Submit) id r75F3kxU023495; Mon, 5 Aug 2013 11:03:46 -0400
From: Derek Atkins <derek@ihtfp.com>
To: "Hosnieh Rafiee" <ietf@rozanak.com>
References: <000701ce8ebe$e146d850$a3d488f0$@rozanak.com>
Date: Mon, 05 Aug 2013 11:03:45 -0400
In-Reply-To: <000701ce8ebe$e146d850$a3d488f0$@rozanak.com> (Hosnieh Rafiee's message of "Thu, 1 Aug 2013 15:56:07 +0200")
Message-ID: <sjmsiyo2n8u.fsf@mocana.ihtfp.org>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.2 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain
X-Virus-Scanned: Maia Mailguard 1.0.2a
Cc: saag@ietf.org
Subject: Re: [saag] a Secure and fast proposal to improve SeND
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/saag>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 05 Aug 2013 15:03:57 -0000

SAAG Members:  I spoke with Hosnieh on Thursday and Friday; she is
looking for some people from the Security Area to look at her draft and
give her comments on the cryptographic security of her proposal.  I
think it has merit, but she would like other people to also read it and
comment as well.

Thanks,

-derek

"Hosnieh Rafiee" <ietf@rozanak.com> writes:

> Hi,
>
> As I explained in saag open mike, I have a proposal to improve SeND. It is
> easy and much faster and highly secure. It can be used in place of CGA and we
> do not need to worry about the compute intensive part of CGA. During the
> past two years I have had a lot of proposals regarding the improvements of
> CGA. But the problem is that you make your CPU busy when you use CGA with sec
> value higher than 0.
> If you want to use CGA sec value zero, still my proposal is fast and more
> secure than that. The security of my proposal for the first time when the
> node joins the network and wants to check Duplicate Address Detection is
> 2^62. But after the first time that is the attacker only has a few seconds
> to break it, the security of that is the security of the whole public key.
> The reason is the neighbors keep his public key in their cache. So the
> attacker needs to do brute force attacks against the whole public key.
>
> This algorithm has the second version too.
>
> For further discussion or comments, you can contact me.
> If you are around in IETF, why not meet and discuss it further?
> http://tools.ietf.org/html/draft-rafiee-6man-ssas 
>
> Thanks,
> Best,
> Hosnieh 

-- 
       Derek Atkins                 617-623-3745
       derek@ihtfp.com             www.ihtfp.com
       Computer and Internet Security Consultant

From stephen.farrell@cs.tcd.ie  Tue Aug 13 04:30:03 2013
Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7EECA11E814D for <saag@ietfa.amsl.com>; Tue, 13 Aug 2013 04:30:03 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.599
X-Spam-Level: 
X-Spam-Status: No, score=-102.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zNy7OIKtVCzp for <saag@ietfa.amsl.com>; Tue, 13 Aug 2013 04:29:58 -0700 (PDT)
Received: from mercury.scss.tcd.ie (mercury.scss.tcd.ie [134.226.56.6]) by ietfa.amsl.com (Postfix) with ESMTP id AB5AB11E80EF for <saag@ietf.org>; Tue, 13 Aug 2013 04:29:58 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mercury.scss.tcd.ie (Postfix) with ESMTP id 124F3BE50; Tue, 13 Aug 2013 12:29:58 +0100 (IST)
Received: from mercury.scss.tcd.ie ([127.0.0.1]) by localhost (mercury.scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HocpTx5Ajutc; Tue, 13 Aug 2013 12:29:57 +0100 (IST)
Received: from [134.226.63.225] (cswireless63-225.scss.tcd.ie [134.226.63.225]) by mercury.scss.tcd.ie (Postfix) with ESMTPSA id DAAA3BE38; Tue, 13 Aug 2013 12:29:57 +0100 (IST)
Message-ID: <520A18B6.1050706@cs.tcd.ie>
Date: Tue, 13 Aug 2013 12:29:58 +0100
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130803 Thunderbird/17.0.8
MIME-Version: 1.0
To: ietf-ssh@NetBSD.org, "saag@ietf.org" <saag@ietf.org>
References: <CDE7C785.38FBA%kwatsen@juniper.net>
In-Reply-To: <CDE7C785.38FBA%kwatsen@juniper.net>
X-Enigmail-Version: 1.5.2
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Subject: Re: [saag] I-D Action: draft-ietf-netconf-reverse-ssh-00.txt
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/saag>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 13 Aug 2013 11:30:03 -0000

Hi,

I just noticed this IPR declaration. [1]

Not sure if that updates an earlier one or what but
since it won't be sent to saag or the ssh lists via
tooling and this draft was discussed on those lists,
I thought it might be useful for folks to know about
it.

S.

[1] https://datatracker.ietf.org/ipr/2170/

From stephen.farrell@cs.tcd.ie  Wed Aug 14 03:58:36 2013
Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B504011E81AB for <saag@ietfa.amsl.com>; Wed, 14 Aug 2013 03:58:36 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.6
X-Spam-Level: 
X-Spam-Status: No, score=-102.6 tagged_above=-999 required=5 tests=[AWL=-0.000, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id uOAoAHNz62uM for <saag@ietfa.amsl.com>; Wed, 14 Aug 2013 03:58:30 -0700 (PDT)
Received: from mercury.scss.tcd.ie (mercury.scss.tcd.ie [134.226.56.6]) by ietfa.amsl.com (Postfix) with ESMTP id ADD5211E8122 for <saag@ietf.org>; Wed, 14 Aug 2013 03:58:30 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mercury.scss.tcd.ie (Postfix) with ESMTP id 75105BE4C; Wed, 14 Aug 2013 11:58:27 +0100 (IST)
Received: from mercury.scss.tcd.ie ([127.0.0.1]) by localhost (mercury.scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gtV1QdUkJ7fe; Wed, 14 Aug 2013 11:58:27 +0100 (IST)
Received: from [134.226.63.225] (cswireless63-225.scss.tcd.ie [134.226.63.225]) by mercury.scss.tcd.ie (Postfix) with ESMTPSA id 1DD91BE4D; Wed, 14 Aug 2013 11:58:27 +0100 (IST)
Message-ID: <520B62D3.7040605@cs.tcd.ie>
Date: Wed, 14 Aug 2013 11:58:27 +0100
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130803 Thunderbird/17.0.8
MIME-Version: 1.0
To: "saag@ietf.org" <saag@ietf.org>
X-Enigmail-Version: 1.5.2
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Subject: [saag] new nonwg list proposal
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/saag>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 14 Aug 2013 10:58:36 -0000

Hi,

Following on from the discussions in Berlin with the Tor
folks and others I plan to ask for a new IETF list to be
set up with the description below. I'll do that in a day
or so, but just wanted to see if folks have any comments
as to its scope before then.

If you have comments, please send them to Sean and me. If
you're interested in the topic, I'll send the list info
here when it's set up.

S.

The perpass list is for discussion of the privacy properties
of IETF protocols and concrete ways in which those could be
improved. The list is not intended to be a precursor to a
working group but rather to for example discuss ways in which
IETF protocols at any layer can be made more robust against
pervasive passive monitoring. If subsequent protocol work
is to be done in the IETF that would likely happen in
existing or new protocol-specific working groups.

From stephen.farrell@cs.tcd.ie  Wed Aug 14 17:09:39 2013
Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 650EF21F99EF for <saag@ietfa.amsl.com>; Wed, 14 Aug 2013 17:09:39 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.599
X-Spam-Level: 
X-Spam-Status: No, score=-102.599 tagged_above=-999 required=5 tests=[AWL=-0.000, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id SjOfhXrcgW5N for <saag@ietfa.amsl.com>; Wed, 14 Aug 2013 17:09:33 -0700 (PDT)
Received: from mercury.scss.tcd.ie (mercury.scss.tcd.ie [134.226.56.6]) by ietfa.amsl.com (Postfix) with ESMTP id B09B821F996F for <saag@ietf.org>; Wed, 14 Aug 2013 17:09:33 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mercury.scss.tcd.ie (Postfix) with ESMTP id EBDF7BE53 for <saag@ietf.org>; Thu, 15 Aug 2013 01:09:32 +0100 (IST)
X-Virus-Scanned: Debian amavisd-new at scss.tcd.ie
Received: from mercury.scss.tcd.ie ([127.0.0.1]) by localhost (mercury.scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id IZACG67-+9Ib for <saag@ietf.org>; Thu, 15 Aug 2013 01:09:31 +0100 (IST)
Received: from [10.87.48.8] (unknown [86.44.78.40]) by mercury.scss.tcd.ie (Postfix) with ESMTPSA id A1C81BE38 for <saag@ietf.org>; Thu, 15 Aug 2013 01:09:31 +0100 (IST)
Message-ID: <520C1C3B.3040104@cs.tcd.ie>
Date: Thu, 15 Aug 2013 01:09:31 +0100
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130803 Thunderbird/17.0.8
MIME-Version: 1.0
To: "saag@ietf.org" <saag@ietf.org>
References: <520B62D3.7040605@cs.tcd.ie>
In-Reply-To: <520B62D3.7040605@cs.tcd.ie>
X-Enigmail-Version: 1.5.2
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Subject: Re: [saag] new nonwg list proposal
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/saag>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 15 Aug 2013 00:09:39 -0000

List now exists. [1] Subscribe away.

Let's give it a day or two before kicking off the discussion
so folks have time to subscribe. (The ietf-announce mail will
also take a ticket-processing cycle.)

S.

[1] https://www.ietf.org/mailman/listinfo/perpass

On 08/14/2013 11:58 AM, Stephen Farrell wrote:
> 
> Hi,
> 
> Following on from the discussions in Berlin with the Tor
> folks and others I plan to ask for a new IETF list to be
> set up with the description below. I'll do that in a day
> or so, but just wanted to see if folks have any comments
> as to its scope before then.
> 
> If you have comments, please send them to Sean and me. If
> you're interested in the topic, I'll send the list info
> here when it's set up.
> 
> S.
> 
> The perpass list is for discussion of the privacy properties
> of IETF protocols and concrete ways in which those could be
> improved. The list is not intended to be a precursor to a
> working group but rather to for example discuss ways in which
> IETF protocols at any layer can be made more robust against
> pervasive passive monitoring. If subsequent protocol work
> is to be done in the IETF that would likely happen in
> existing or new protocol-specific working groups.

From rgm-sec@htt-consult.com  Fri Aug 23 05:44:19 2013
Return-Path: <rgm-sec@htt-consult.com>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BD00C11E8161 for <saag@ietfa.amsl.com>; Fri, 23 Aug 2013 05:44:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.669
X-Spam-Level: 
X-Spam-Status: No, score=-2.669 tagged_above=-999 required=5 tests=[AWL=-0.070, BAYES_00=-2.599]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KWW-rzK+UUM7 for <saag@ietfa.amsl.com>; Fri, 23 Aug 2013 05:44:19 -0700 (PDT)
Received: from klovia.htt-consult.com (klovia.htt-consult.com [IPv6:2607:f4b8:3:0:218:71ff:fe83:66b9]) by ietfa.amsl.com (Postfix) with ESMTP id 297F911E81B3 for <saag@ietf.org>; Fri, 23 Aug 2013 05:44:11 -0700 (PDT)
Received: from localhost (unknown [127.0.0.1]) by klovia.htt-consult.com (Postfix) with ESMTP id 16F1462A8F for <saag@ietf.org>; Fri, 23 Aug 2013 12:44:05 +0000 (UTC)
X-Virus-Scanned: amavisd-new at localhost
Received: from klovia.htt-consult.com ([127.0.0.1]) by localhost (klovia.htt-consult.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0I95FhMriNqZ for <saag@ietf.org>; Fri, 23 Aug 2013 08:43:54 -0400 (EDT)
Received: from lx120e2.htt-consult.com (lx120e2.htt-consult.com [208.83.67.155]) (Authenticated sender: rgm-sec@htt-consult.com) by klovia.htt-consult.com (Postfix) with ESMTPSA id 8236462A82 for <saag@ietf.org>; Fri, 23 Aug 2013 08:43:54 -0400 (EDT)
Message-ID: <5217590A.5090707@htt-consult.com>
Date: Fri, 23 Aug 2013 08:43:54 -0400
From: Robert Moskowitz <rgm-sec@htt-consult.com>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130625 Thunderbird/17.0.7
MIME-Version: 1.0
To: IETF Security Area Advisory Group <saag@ietf.org>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Subject: [saag] Time now for ECC?
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/saag>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 23 Aug 2013 12:44:19 -0000

The popular technical press has picked up Blackhat talks on the 
approaching end of RSA and DH and thus the need to move to ECC:

http://www.technewsdaily.com/18662-internet-security-cryptopalypse.html

Cryptopalypse ???

Like Metcalfe predicting the death of the Internet in the mid 90s?

We (the IETF) have been doing well positioning for ECC.  Or so it seems 
to me.  But is there a sense of urgency as I seem to recall with MD5 and 
SHA1?

Or is it that we have done everything we reasonably can to 'lead the 
horse to the water'?

Curious to get a reading on this from an IETF perspective.



From ynir@checkpoint.com  Fri Aug 23 12:10:50 2013
Return-Path: <ynir@checkpoint.com>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 70D5E11E80EC for <saag@ietfa.amsl.com>; Fri, 23 Aug 2013 12:10:50 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.699
X-Spam-Level: 
X-Spam-Status: No, score=-10.699 tagged_above=-999 required=5 tests=[AWL=-0.100, BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id PjyUcBcTd8s8 for <saag@ietfa.amsl.com>; Fri, 23 Aug 2013 12:10:46 -0700 (PDT)
Received: from smtp.checkpoint.com (smtp.checkpoint.com [194.29.34.68]) by ietfa.amsl.com (Postfix) with ESMTP id 8DE4711E80E4 for <saag@ietf.org>; Fri, 23 Aug 2013 12:10:45 -0700 (PDT)
Received: from DAG-EX10.ad.checkpoint.com ([194.29.34.150]) by smtp.checkpoint.com (8.13.8/8.13.8) with ESMTP id r7NJAWgq005847; Fri, 23 Aug 2013 22:10:32 +0300
X-CheckPoint: {5217B3A8-F-1B221DC2-1FFFF}
Received: from IL-EX10.ad.checkpoint.com ([169.254.2.105]) by DAG-EX10.ad.checkpoint.com ([169.254.3.223]) with mapi id 14.02.0342.003; Fri, 23 Aug 2013 22:10:32 +0300
From: Yoav Nir <ynir@checkpoint.com>
To: Robert Moskowitz <rgm-sec@htt-consult.com>
Thread-Topic: [saag] Time now for ECC?
Thread-Index: AQHOn/6FqtgKHVsfeES8CPAVdjLmYJmi9qCA
Date: Fri, 23 Aug 2013 19:10:31 +0000
Message-ID: <99AE069D-EB89-4F7B-8ED5-7FADB0BAF1C0@checkpoint.com>
References: <5217590A.5090707@htt-consult.com>
In-Reply-To: <5217590A.5090707@htt-consult.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-originating-ip: [172.31.20.177]
x-kse-antivirus-interceptor-info: scan successful
x-kse-antivirus-info: Clean
x-cpdlp: 115299d07249e2ded06d58aab3e0b5619a764f2d55
Content-Type: text/plain; charset="us-ascii"
Content-ID: <38C0AFBB0D5BAD419F66BA24E1362CE2@ad.checkpoint.com>
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Cc: IETF Security Area Advisory Group <saag@ietf.org>
Subject: Re: [saag] Time now for ECC?
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/saag>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 23 Aug 2013 19:10:50 -0000

On Aug 23, 2013, at 3:43 PM, Robert Moskowitz <rgm-sec@htt-consult.com> wrote:

> The popular technical press has picked up Blackhat talks on the
> approaching end of RSA and DH and thus the need to move to ECC:
> 
> http://www.technewsdaily.com/18662-internet-security-cryptopalypse.html

"Such academic work, the presenters pointed out, quickly rendered useless
the MD5 one-way encryption algorithm a few years ago". "Quickly" is a weird
word to use there. The academic work exposing flaws in MD5 dates back to
1994, so that RFC 2459 from January 1999 recommended not to use it.
Colliding buffers happened in 2004, and a fake certificate was generated in
late 2008. Do 14-15 years count as "quickly" on the Internet?

> 
> Cryptopalypse ???
> 
> Like Metcalfe predicting the death of the Internet in the mid 90s?
> 
> We (the IETF) have been doing well positioning for ECC.  Or so it seems
> to me.  But is there a sense of urgency as I seem to recall with MD5 and
> SHA1?

The urgency is so great that most certificates are still signed with
RSA+SHA-1. The certificate for https://www.ietf.org is like that, as is the
certificate for Paypal. MD5 does seem to have disappeared.

> Or is it that we have done everything we reasonably can to 'lead the
> horse to the water'?
> 
> Curious to get a reading on this from an IETF perspective.

We can write draft-ietf-water-horse. We can publish it and give it an RFC
number. We have no control as to who decides to implement it.

Yoav


From nico@cryptonector.com  Fri Aug 23 12:49:49 2013
MIME-Version: 1.0
In-Reply-To: <5217590A.5090707@htt-consult.com>
References: <5217590A.5090707@htt-consult.com>
Date: Fri, 23 Aug 2013 14:49:36 -0500
Message-ID: <CAK3OfOit5g5PESuziPVFGVrHQaehm7H4oDj93-aTwo+eYrBghw@mail.gmail.com>
From: Nico Williams <nico@cryptonector.com>
To: Robert Moskowitz <rgm-sec@htt-consult.com>
Content-Type: text/plain; charset=UTF-8
Cc: IETF Security Area Advisory Group <saag@ietf.org>
Subject: Re: [saag] Time now for ECC?

If we want ECC take-up I think we should standardize Curve25519 ECCDH
and Ed25519 ECC signatures, as their authors make strong (at least
plausible) arguments for patent non-encumberment of those algorithms
and their various implementations.  Plus those algorithms happen to
have some useful advantages over competitors, primarily speed.

I'm curious as to why there's been so little adoption of
Curve25519/Ed25519 here at the IETF (and, for that matter, NIST and
similar agencies of national governments other than the U.S.).  I've
not done much research as to this point, but whenever I've asked I've
received no responses.

Nico
--

From rgm-sec@htt-consult.com  Fri Aug 23 13:27:42 2013
Message-ID: <5217C59C.2030002@htt-consult.com>
Date: Fri, 23 Aug 2013 16:27:08 -0400
From: Robert Moskowitz <rgm-sec@htt-consult.com>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130625 Thunderbird/17.0.7
MIME-Version: 1.0
To: Nico Williams <nico@cryptonector.com>
References: <5217590A.5090707@htt-consult.com> <CAK3OfOit5g5PESuziPVFGVrHQaehm7H4oDj93-aTwo+eYrBghw@mail.gmail.com>
In-Reply-To: <CAK3OfOit5g5PESuziPVFGVrHQaehm7H4oDj93-aTwo+eYrBghw@mail.gmail.com>
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
Cc: IETF Security Area Advisory Group <saag@ietf.org>
Subject: Re: [saag] Time now for ECC?

On 08/23/2013 03:49 PM, Nico Williams wrote:
> If we want ECC take-up I think we should standardize Curve25519 ECCDH
> and Ed25519 ECC signatures, as their authors make strong (at least
> plausible) arguments for patent non-encumberment of those algorithms
> and their various implementations.  Plus those algorithms happen to
> have some useful advantages over competitors, primarily speed.

Where are these documented?
>
> I'm curious as to why there's been so little adoption of
> Curve25519/Ed25519 here at the IETF (and, for that matter, NIST and
> similar agencies of national governments other than the U.S.).  I've
> not done much research as to this point, but whenever I've asked I've
> received no responses.
>
> Nico
> --
>


From nico@cryptonector.com  Fri Aug 23 14:14:06 2013
MIME-Version: 1.0
In-Reply-To: <5217C59C.2030002@htt-consult.com>
References: <5217590A.5090707@htt-consult.com> <CAK3OfOit5g5PESuziPVFGVrHQaehm7H4oDj93-aTwo+eYrBghw@mail.gmail.com> <5217C59C.2030002@htt-consult.com>
Date: Fri, 23 Aug 2013 16:14:00 -0500
Message-ID: <CAK3OfOgauikZ9D46h-g_AL-qJc3sHVY2=SFJw-vQs62d8yMHdQ@mail.gmail.com>
From: Nico Williams <nico@cryptonector.com>
To: Robert Moskowitz <rgm-sec@htt-consult.com>
Content-Type: text/plain; charset=UTF-8
Cc: IETF Security Area Advisory Group <saag@ietf.org>
Subject: Re: [saag] Time now for ECC?

On Fri, Aug 23, 2013 at 3:27 PM, Robert Moskowitz
<rgm-sec@htt-consult.com> wrote:
> On 08/23/2013 03:49 PM, Nico Williams wrote:
>>
>> If we want ECC take-up I think we should standardize Curve25519 ECCDH
>> and Ed25519 ECC signatures, as their authors make strong (at least
>> plausible) arguments for patent non-encumberment of those algorithms
>> and their various implementations.  Plus those algorithms happen to
>> have some useful advantages over competitors, primarily speed.
>
>
> Where are these documented?

http://cr.yp.to/ecdh.html
http://ed25519.cr.yp.to/

A number of implementations are floating about.

The ease of estimating patent [non-]encumbrance certainty
(alternatively: low cost of and availability of patent licensing on
reasonable terms) is often the most important factor for many
implementors after "good enough security and performance".  If we want
ECC adoption to pick up steam then we should want to standardize ECC
curves that make this easy; IMO curve25519 does that.  (But IANAL.)

From SRS0=Nld5=SE=acm.org=bmoeller@srs.kundenserver.de  Fri Aug 23 15:11:43 2013
MIME-Version: 1.0
In-Reply-To: <CAK3OfOgauikZ9D46h-g_AL-qJc3sHVY2=SFJw-vQs62d8yMHdQ@mail.gmail.com>
References: <5217590A.5090707@htt-consult.com> <CAK3OfOit5g5PESuziPVFGVrHQaehm7H4oDj93-aTwo+eYrBghw@mail.gmail.com> <5217C59C.2030002@htt-consult.com> <CAK3OfOgauikZ9D46h-g_AL-qJc3sHVY2=SFJw-vQs62d8yMHdQ@mail.gmail.com>
Date: Fri, 23 Aug 2013 15:11:31 -0700
Message-ID: <CADMpkcK9yc_espgvH7aikmu2OoGRFx5w4nX3Am0mJ-4YvpDHTw@mail.gmail.com>
From: Bodo Moeller <bmoeller@acm.org>
To: Nico Williams <nico@cryptonector.com>
Content-Type: multipart/alternative; boundary=001a11c309aa5e90bd04e4a4b0b9
Cc: IETF Security Area Advisory Group <saag@ietf.org>
Subject: Re: [saag] Time now for ECC?

--001a11c309aa5e90bd04e4a4b0b9
Content-Type: text/plain; charset=ISO-8859-1

>
>
> The ease of estimating patent [non-]encumbrance certainty
> (alternatively: low cost of and availability of patent licensing on
> reasonable terms) is often the most important factor for many
> implementors after "good enough security and performance".  If we want
> ECC adoption to pick up steam then we should want to standardize ECC
> curves that make this easy; IMO curve25519 does that.  (But IANAL.)
>

There's RFC 6090, and then there's
http://www.certicom.com/index.php/ip-contributions. Various interoperable
implementations supporting the widely standardized curves do exist
(open-source and otherwise): TLS connections to www.google.com, for
example, normally do use ECDH (with curve NIST P-256) these days. Offering
more specifications to choose from could make a broad migration harder
because it's a detriment to interoperability.

That said, Curve25519 *is* nice (although for new specs you'd probably pick
the Ed25519 curve representation even for ECDH instead). Based on its
merits, this newer work certainly seems worthy of standardization.

(*That* said, the recent claims that the end of RSA and DH is approaching
are horribly overblown -- at increasing key sizes, they are becoming
increasingly inconvenient to use compared to elliptic curves, but that has
been known for a long time.  The recent results for certain discrete
logarithms are a useful reminder that the known cryptanalytic algorithms
can indeed improve, but they don't apply to DH using MODP groups or to RSA.)

Bodo

--001a11c309aa5e90bd04e4a4b0b9--

From cabo@tzi.org  Fri Aug 23 15:13:46 2013
Mime-Version: 1.0 (Mac OS X Mail 6.5 \(1508\))
Content-Type: text/plain; charset=iso-8859-1
From: Carsten Bormann <cabo@tzi.org>
In-Reply-To: <CAK3OfOit5g5PESuziPVFGVrHQaehm7H4oDj93-aTwo+eYrBghw@mail.gmail.com>
Date: Sat, 24 Aug 2013 00:13:26 +0200
Content-Transfer-Encoding: quoted-printable
Message-Id: <2EB6AC73-6DF3-46CD-9724-9A881C5D286B@tzi.org>
References: <5217590A.5090707@htt-consult.com> <CAK3OfOit5g5PESuziPVFGVrHQaehm7H4oDj93-aTwo+eYrBghw@mail.gmail.com>
To: Nico Williams <nico@cryptonector.com>
X-Mailer: Apple Mail (2.1508)
Cc: IETF Security Area Advisory Group <saag@ietf.org>
Subject: Re: [saag] Time now for ECC?

On Aug 23, 2013, at 21:49, Nico Williams <nico@cryptonector.com> wrote:

> If we want ECC take-up I think we should standardize

For CoAP, we just zoomed in rather heavily on secp256r1, a.k.a. NIST P-256.
All the (D)TLS moving parts needed for this are in place*).

Implementers are advised that the techniques documented in RFC 6090 are
available for implementation.

The WG feels pretty good about that.

And there certainly would be synergies if the not-so-constrained parts
of the Internet used the same curve that light switches and thermostats
are going to use.

Grüße, Carsten

*) Well, we are waiting for two more SEC area specs to be finished
because we don't always use full certs and our chips like AES-CCM.  But
that shouldn't stop anyone else.


From nico@cryptonector.com  Fri Aug 23 15:16:19 2013
MIME-Version: 1.0
In-Reply-To: <CADMpkcK9yc_espgvH7aikmu2OoGRFx5w4nX3Am0mJ-4YvpDHTw@mail.gmail.com>
References: <5217590A.5090707@htt-consult.com> <CAK3OfOit5g5PESuziPVFGVrHQaehm7H4oDj93-aTwo+eYrBghw@mail.gmail.com> <5217C59C.2030002@htt-consult.com> <CAK3OfOgauikZ9D46h-g_AL-qJc3sHVY2=SFJw-vQs62d8yMHdQ@mail.gmail.com> <CADMpkcK9yc_espgvH7aikmu2OoGRFx5w4nX3Am0mJ-4YvpDHTw@mail.gmail.com>
Date: Fri, 23 Aug 2013 17:16:12 -0500
Message-ID: <CAK3OfOivOcAQBNLZSOE2-ParjesLR9VP7irO7=SEopANmeqbNw@mail.gmail.com>
From: Nico Williams <nico@cryptonector.com>
To: Bodo Moeller <bmoeller@acm.org>
Content-Type: text/plain; charset=UTF-8
Cc: IETF Security Area Advisory Group <saag@ietf.org>
Subject: Re: [saag] Time now for ECC?

On Fri, Aug 23, 2013 at 5:11 PM, Bodo Moeller <bmoeller@acm.org> wrote:
> There's RFC 6090, and then there's
> http://www.certicom.com/index.php/ip-contributions. Various interoperable
> implementations supporting the widely standardized curves do exist
> (open-source and otherwise): TLS connections to www.google.com, for example,
> normally do use ECDH (with curve NIST P-256) these days. Offering more
> specifications to choose from could make a broad migration harder because
> it's a detriment to interoperability.

That's particularly true for TLS for reasons very specific to TLS.  In
general adding more DH groups is not a big deal for any protocol that
supports DH for key exchange.

> That said, Curve25519 *is* nice (although for new specs you'd probably pick
> the Ed25519 curve representation even for ECDH instead). Based on its
> merits, this newer work certainly seems worthy of standardization.

Agreed.  I think these are compelling.

> (*That* said, the recent claims that the end of RSA and DH is approaching
> are horribly overblown -- at increasing key sizes, they are becoming
> increasingly inconvenient to use compared to elliptic curves, but that has
> been known for a long time.  The recent results for certain discrete
> logarithms are a useful reminder that the known cryptanalytic algorithms can
> indeed improve, but they don't apply to DH using MODP groups or to RSA.)

I agree that the warnings of RSA's and DH's impending deaths are
overblown, but we should make sure we have ECC equivalents in place.

Nico
--

From SRS0=Nld5=SE=acm.org=bmoeller@srs.kundenserver.de  Fri Aug 23 15:56:59 2013
MIME-Version: 1.0
In-Reply-To: <CAK3OfOivOcAQBNLZSOE2-ParjesLR9VP7irO7=SEopANmeqbNw@mail.gmail.com>
References: <5217590A.5090707@htt-consult.com> <CAK3OfOit5g5PESuziPVFGVrHQaehm7H4oDj93-aTwo+eYrBghw@mail.gmail.com> <5217C59C.2030002@htt-consult.com> <CAK3OfOgauikZ9D46h-g_AL-qJc3sHVY2=SFJw-vQs62d8yMHdQ@mail.gmail.com> <CADMpkcK9yc_espgvH7aikmu2OoGRFx5w4nX3Am0mJ-4YvpDHTw@mail.gmail.com> <CAK3OfOivOcAQBNLZSOE2-ParjesLR9VP7irO7=SEopANmeqbNw@mail.gmail.com>
Date: Fri, 23 Aug 2013 15:56:50 -0700
Message-ID: <CADMpkcLmuEn2PEbmDfgA5O0hn_Y5u=vfOoyDpma-JS3XG7TaMA@mail.gmail.com>
From: Bodo Moeller <bmoeller@acm.org>
To: Nico Williams <nico@cryptonector.com>
Content-Type: multipart/alternative; boundary=047d7bfe97e06cff8704e4a55268
Cc: IETF Security Area Advisory Group <saag@ietf.org>
Subject: Re: [saag] Time now for ECC?

--047d7bfe97e06cff8704e4a55268
Content-Type: text/plain; charset=ISO-8859-1

> That's particularly true for TLS for reasons very specific to TLS.  In
> general adding more DH groups is not a big deal for any protocol that
> supports DH for key exchange.
>

I don't agree that the reasons are specific to TLS.  Whereas for MODP DH
adding more groups is not a big deal, in the case of ECC you're essentially
looking at independent implementations for different groups -- if you
support NIST P-256, you'll have to add very different code to also support
Ed25519.  [You can create more general code for families of curves, e.g.
NIST P-###, but it will cost you dearly in performance.]  So sticking to a
small set of curves makes it more likely that different implementations
will actually be able to interoperate with each other [efficiently] without
falling back to good ol' MODP DH or RSA.

The best strategy to prevent more widespread deployment of elliptic-curve
cryptography is to create standards that cover every curve that's out there
:-)


> I agree that the warnings of RSA's and DH's impending deaths are
> overblown, but we should make sure we have ECC equivalents in place.
>

Certainly!  For various protocols, ECC with NIST curves is already getting
traction.  {Curve,Ed}25519 allows for performance improvements significant
enough that, *despite* the general interoperability concerns, it would be a
shame not to support this also; and hopefully this will eventually become a
government-vetted curve too.

Bodo

--047d7bfe97e06cff8704e4a55268--
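
An added illustration of the point argued in the message above (not part of the thread and not any participant's code): MODP DH only needs a group-agnostic modular reduction, while fast elliptic-curve code ties its field reduction to the shape of one prime. The function names, the constructed random inputs and the use of fold counts as a rough cost proxy are assumptions of this example.

```python
"""Added illustration: modular reduction for MODP DH vs. curve-specific fields."""
import random

# Field primes of the two curves named in the thread (public constants).
P25519 = 2**255 - 19                          # Curve25519 / Ed25519
P256 = 2**256 - 2**224 + 2**192 + 2**96 - 1   # NIST P-256
C256 = 2**224 - 2**192 - 2**96 + 1            # so that 2^256 - C256 == P256


def reduce_generic(x, p):
    """Group-agnostic reduction. MODP DH needs nothing more specific:
    a new group is just a new (p, g) pair fed to the same code."""
    return x % p


def reduce_25519(x):
    """Reduction hard-wired to p = 2^255 - 19 for inputs 0 <= x < 2^510.
    Because 2^255 = 19 (mod p), the high half folds down multiplied by 19."""
    if not 0 <= x < 1 << 510:
        raise ValueError("input must be a product of two field elements")
    mask = (1 << 255) - 1
    x = (x & mask) + 19 * (x >> 255)   # now x < 20 * 2^255
    x = (x & mask) + 19 * (x >> 255)   # now x < 2^255 + 361 < 2p
    return x - P25519 if x >= P25519 else x


def reduce_family(x, k, c):
    """Family code for any prime p = 2^k - c with 0 < c < 2^(k-1): fold
    until the value fits in k bits. Returns (x mod p, number of folds)."""
    if x < 0 or not 0 < c < 1 << (k - 1):
        raise ValueError("unsupported parameters")
    p, mask, folds = (1 << k) - c, (1 << k) - 1, 0
    while x >> k:
        x = (x & mask) + c * (x >> k)  # uses 2^k = c (mod p)
        folds += 1
    # After the loop x < 2^k < 2p, so one conditional subtraction is enough.
    return (x - p if x >= p else x), folds


def specialised_code_transfers():
    """Does the 25519-specific routine give correct results modulo P-256?"""
    x = P256  # constructed input: 0 mod P256, but not 0 mod P25519
    return reduce_25519(x) == reduce_generic(x, P256)


def compare(trials=200, seed=1):
    """Cross-check the reducers on constructed products of field elements
    and return the worst-case fold count of the family code per prime."""
    rng = random.Random(seed)
    params = (("25519", P25519, 255, 19), ("P-256", P256, 256, C256))
    worst = {name: 0 for name, _, _, _ in params}
    for name, p, k, c in params:
        # One fixed near-maximal product plus constructed random ones.
        inputs = [(p - 1) * (p - 2)]
        inputs += [rng.randrange(p) * rng.randrange(p) for _ in range(trials)]
        for x in inputs:
            r, folds = reduce_family(x, k, c)
            if r != reduce_generic(x, p):
                raise RuntimeError("family reduction mismatch for " + name)
            if name == "25519" and reduce_25519(x) != r:
                raise RuntimeError("specialised 25519 reduction mismatch")
            worst[name] = max(worst[name], folds)
    return worst


if __name__ == "__main__":
    # The family code is correct for both primes but needs far more folds
    # for P-256, whose c is about 2^224; production P-256 code instead
    # hard-wires a word-level formula for that one prime (not shown here).
    print(compare(), "25519 routine valid for P-256:", specialised_code_transfers())
```
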

From nico@cryptonector.com  Fri Aug 23 16:08:40 2013
Return-Path: <nico@cryptonector.com>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1F78821F99EC for <saag@ietfa.amsl.com>; Fri, 23 Aug 2013 16:08:40 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.954
X-Spam-Level: 
X-Spam-Status: No, score=-1.954 tagged_above=-999 required=5 tests=[AWL=0.023,  BAYES_00=-2.599, FM_FORGED_GMAIL=0.622]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DlZEaZvUIkDh for <saag@ietfa.amsl.com>; Fri, 23 Aug 2013 16:08:35 -0700 (PDT)
Received: from homiemail-a65.g.dreamhost.com (caiajhbdcaib.dreamhost.com [208.97.132.81]) by ietfa.amsl.com (Postfix) with ESMTP id 2081E21F9974 for <saag@ietf.org>; Fri, 23 Aug 2013 16:08:35 -0700 (PDT)
Received: from homiemail-a65.g.dreamhost.com (localhost [127.0.0.1]) by homiemail-a65.g.dreamhost.com (Postfix) with ESMTP id AA5BB7E4073 for <saag@ietf.org>; Fri, 23 Aug 2013 16:08:34 -0700 (PDT)
Received: from mail-wg0-f44.google.com (mail-wg0-f44.google.com [74.125.82.44]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) (Authenticated sender: nico@cryptonector.com) by homiemail-a65.g.dreamhost.com (Postfix) with ESMTPSA id 5537B7E406F for <saag@ietf.org>; Fri, 23 Aug 2013 16:08:34 -0700 (PDT)
Received: by mail-wg0-f44.google.com with SMTP id x12so902582wgg.35 for <saag@ietf.org>; Fri, 23 Aug 2013 16:08:32 -0700 (PDT)
MIME-Version: 1.0
X-Received: by 10.180.187.41 with SMTP id fp9mr1381094wic.33.1377299312826; Fri, 23 Aug 2013 16:08:32 -0700 (PDT)
Received: by 10.216.31.193 with HTTP; Fri, 23 Aug 2013 16:08:32 -0700 (PDT)
In-Reply-To: <CADMpkcLmuEn2PEbmDfgA5O0hn_Y5u=vfOoyDpma-JS3XG7TaMA@mail.gmail.com>
References: <5217590A.5090707@htt-consult.com> <CAK3OfOit5g5PESuziPVFGVrHQaehm7H4oDj93-aTwo+eYrBghw@mail.gmail.com> <5217C59C.2030002@htt-consult.com> <CAK3OfOgauikZ9D46h-g_AL-qJc3sHVY2=SFJw-vQs62d8yMHdQ@mail.gmail.com> <CADMpkcK9yc_espgvH7aikmu2OoGRFx5w4nX3Am0mJ-4YvpDHTw@mail.gmail.com> <CAK3OfOivOcAQBNLZSOE2-ParjesLR9VP7irO7=SEopANmeqbNw@mail.gmail.com> <CADMpkcLmuEn2PEbmDfgA5O0hn_Y5u=vfOoyDpma-JS3XG7TaMA@mail.gmail.com>
Date: Fri, 23 Aug 2013 18:08:32 -0500
Message-ID: <CAK3OfOg-4TzhKafZdzR4fgxkTif-fpL0oR7etHcMG8jMDEdOaA@mail.gmail.com>
From: Nico Williams <nico@cryptonector.com>
To: Bodo Moeller <bmoeller@acm.org>
Content-Type: text/plain; charset=UTF-8
Cc: IETF Security Area Advisory Group <saag@ietf.org>
Subject: Re: [saag] Time now for ECC?
X-List-Received-Date: Fri, 23 Aug 2013 23:08:40 -0000

On Fri, Aug 23, 2013 at 5:56 PM, Bodo Moeller <bmoeller@acm.org> wrote:
>> That's particularly true for TLS for reasons very specific to TLS.  In
>> general adding more DH groups is not a big deal for any protocol that
>> supports DH for key exchange.
>
> I don't agree that the reasons are specific to TLS.  Whereas for MODP DH
> adding more groups is not a big deal, in the case of ECC you're essentially
> looking at independent implementations for different groups -- if you
> support NIST P-256, you'll have to add very different code to also support
> Ed25519.  [You can create more general code for families of curves, e.g.
> NIST P-###, but it will cost you dearly in performance.]  So sticking to a
> small set of curves makes it more likely that different implementations will
> actually be able to interoperate with each other [efficiently] without
> falling back to good ol' MODP DH or RSA.

The point is that for protocols other than TLS (which don't have
"handshake message too large, proxy went catatonic" problems) adding DH
groups and curves is not difficult.  Yes, for ECC DH adding curves
requires deploying code, which is not correspondingly true of modular
DH, but that's not a real problem.

Now, more code is more code and generally that's not a good thing, but
sometimes the benefits are compelling, and I believe that in this case
they are.

> The best strategy to prevent more widespread deployment of elliptic-curve
> cryptography is to create standards that cover every curve that's out there
> :-)

There have to be REQUIRED to implement curves, no doubt, and there
must be very few of those (maybe two).  Beyond that, and ignoring
TLS-specific issues (see above), having 100 possible curves or just 3
makes little difference, at least to me -- it's easy to ignore all the
non-REQUIRED ones, after all.

>> I agree that the warnings of RSA's and DH's impending deaths are
>> overblown, but we should make sure we have ECC equivalents in place.
>
> Certainly!  For various protocols, ECC with NIST curves is already getting
> traction.  {Curve,Ed}25519 allows for performance improvements significant
> enough that, *despite* the general interoperability concerns, it would be a
> shame not to support this also; and hopefully this will eventually become a
> government-vetted curve too.

I can agree with this.  I would very much like for NIST to review
{Curve,Ed}25519 and -assuming it stands up to cryptanalysts-
standardize it.  I would only add that the IETF does not have to wait
for NIST, and that I'd like to see more analysis of {Curve,Ed}25519.

Nico
--

From SRS0=Nld5=SE=acm.org=bmoeller@srs.kundenserver.de  Fri Aug 23 16:46:15 2013
Return-Path: <SRS0=Nld5=SE=acm.org=bmoeller@srs.kundenserver.de>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 62CFC21F995A for <saag@ietfa.amsl.com>; Fri, 23 Aug 2013 16:46:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.604
X-Spam-Level: 
X-Spam-Status: No, score=-1.604 tagged_above=-999 required=5 tests=[AWL=0.022,  BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, HELO_EQ_DE=0.35, HTML_MESSAGE=0.001]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id riqb3DLNpkVx for <saag@ietfa.amsl.com>; Fri, 23 Aug 2013 16:46:07 -0700 (PDT)
Received: from moutng.kundenserver.de (moutng.kundenserver.de [212.227.17.10]) by ietfa.amsl.com (Postfix) with ESMTP id 9E6F521F95DC for <saag@ietf.org>; Fri, 23 Aug 2013 16:46:06 -0700 (PDT)
Received: from mail-oa0-f44.google.com (mail-oa0-f44.google.com [209.85.219.44]) by mrelayeu.kundenserver.de (node=mreu3) with ESMTP (Nemesis) id 0Lv4go-1WBpAV1ksU-010PyH; Sat, 24 Aug 2013 01:46:05 +0200
Received: by mail-oa0-f44.google.com with SMTP id l20so1509215oag.31 for <saag@ietf.org>; Fri, 23 Aug 2013 16:46:04 -0700 (PDT)
MIME-Version: 1.0
X-Received: by 10.60.62.4 with SMTP id u4mr1894736oer.35.1377301564126; Fri, 23 Aug 2013 16:46:04 -0700 (PDT)
Received: by 10.60.172.145 with HTTP; Fri, 23 Aug 2013 16:46:04 -0700 (PDT)
In-Reply-To: <CAK3OfOg-4TzhKafZdzR4fgxkTif-fpL0oR7etHcMG8jMDEdOaA@mail.gmail.com>
References: <5217590A.5090707@htt-consult.com> <CAK3OfOit5g5PESuziPVFGVrHQaehm7H4oDj93-aTwo+eYrBghw@mail.gmail.com> <5217C59C.2030002@htt-consult.com> <CAK3OfOgauikZ9D46h-g_AL-qJc3sHVY2=SFJw-vQs62d8yMHdQ@mail.gmail.com> <CADMpkcK9yc_espgvH7aikmu2OoGRFx5w4nX3Am0mJ-4YvpDHTw@mail.gmail.com> <CAK3OfOivOcAQBNLZSOE2-ParjesLR9VP7irO7=SEopANmeqbNw@mail.gmail.com> <CADMpkcLmuEn2PEbmDfgA5O0hn_Y5u=vfOoyDpma-JS3XG7TaMA@mail.gmail.com> <CAK3OfOg-4TzhKafZdzR4fgxkTif-fpL0oR7etHcMG8jMDEdOaA@mail.gmail.com>
Date: Fri, 23 Aug 2013 16:46:04 -0700
Message-ID: <CADMpkcJKN7PNuCGLa9-giO9LvcOmOHsG2cMPgjT8A4XctASYdw@mail.gmail.com>
From: Bodo Moeller <bmoeller@acm.org>
To: Nico Williams <nico@cryptonector.com>
Content-Type: multipart/alternative; boundary=089e012953ba7a7db704e4a602f1
Cc: IETF Security Area Advisory Group <saag@ietf.org>
Subject: Re: [saag] Time now for ECC?
X-List-Received-Date: Fri, 23 Aug 2013 23:46:15 -0000

--089e012953ba7a7db704e4a602f1
Content-Type: text/plain; charset=ISO-8859-1

>
>
> There have to be REQUIRED to implement curves, no doubt, and there
> must be very few of those (maybe two).
>

Right, if you *require* certain curves and implementations actually obey
the requirement, then adding further optional curves is not as much of an
issue -- at least in theory, because as long as it remains possible to
simply stick to RSA or to MODP DH, implementors might decide to skip the
"required" part of ECC support.

For what it's worth, I think if you are going to require any single curve,
the most suitable candidate right now would be NIST P-256 (taking into
account aspects such as *current* deployment with IETF protocols and
existing non-IETF standards). It's sort of ancient, but this also means
it's been around for analysis for a long while.  (As appealing as Ed25519
is, requiring a second curve seems counterproductive. It would be perfect
as an optional curve.)

Bodo

--089e012953ba7a7db704e4a602f1--

From nico@cryptonector.com  Fri Aug 23 18:20:37 2013
Return-Path: <nico@cryptonector.com>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D68E121F9E33 for <saag@ietfa.amsl.com>; Fri, 23 Aug 2013 18:20:37 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.912
X-Spam-Level: 
X-Spam-Status: No, score=-1.912 tagged_above=-999 required=5 tests=[AWL=0.065,  BAYES_00=-2.599, FM_FORGED_GMAIL=0.622]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ivQYMFG1x9LY for <saag@ietfa.amsl.com>; Fri, 23 Aug 2013 18:20:33 -0700 (PDT)
Received: from homiemail-a64.g.dreamhost.com (mailbigip.dreamhost.com [208.97.132.5]) by ietfa.amsl.com (Postfix) with ESMTP id EA68221F9DFC for <saag@ietf.org>; Fri, 23 Aug 2013 18:20:32 -0700 (PDT)
Received: from homiemail-a64.g.dreamhost.com (localhost [127.0.0.1]) by homiemail-a64.g.dreamhost.com (Postfix) with ESMTP id 6D96443807C for <saag@ietf.org>; Fri, 23 Aug 2013 18:20:32 -0700 (PDT)
Received: from mail-wi0-f171.google.com (mail-wi0-f171.google.com [209.85.212.171]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) (Authenticated sender: nico@cryptonector.com) by homiemail-a64.g.dreamhost.com (Postfix) with ESMTPSA id 1026C438079 for <saag@ietf.org>; Fri, 23 Aug 2013 18:20:31 -0700 (PDT)
Received: by mail-wi0-f171.google.com with SMTP id hr7so2575939wib.16 for <saag@ietf.org>; Fri, 23 Aug 2013 18:20:30 -0700 (PDT)
MIME-Version: 1.0
X-Received: by 10.180.187.41 with SMTP id fp9mr1646470wic.33.1377307230573; Fri, 23 Aug 2013 18:20:30 -0700 (PDT)
Received: by 10.216.31.193 with HTTP; Fri, 23 Aug 2013 18:20:30 -0700 (PDT)
In-Reply-To: <CADMpkcJKN7PNuCGLa9-giO9LvcOmOHsG2cMPgjT8A4XctASYdw@mail.gmail.com>
References: <5217590A.5090707@htt-consult.com> <CAK3OfOit5g5PESuziPVFGVrHQaehm7H4oDj93-aTwo+eYrBghw@mail.gmail.com> <5217C59C.2030002@htt-consult.com> <CAK3OfOgauikZ9D46h-g_AL-qJc3sHVY2=SFJw-vQs62d8yMHdQ@mail.gmail.com> <CADMpkcK9yc_espgvH7aikmu2OoGRFx5w4nX3Am0mJ-4YvpDHTw@mail.gmail.com> <CAK3OfOivOcAQBNLZSOE2-ParjesLR9VP7irO7=SEopANmeqbNw@mail.gmail.com> <CADMpkcLmuEn2PEbmDfgA5O0hn_Y5u=vfOoyDpma-JS3XG7TaMA@mail.gmail.com> <CAK3OfOg-4TzhKafZdzR4fgxkTif-fpL0oR7etHcMG8jMDEdOaA@mail.gmail.com> <CADMpkcJKN7PNuCGLa9-giO9LvcOmOHsG2cMPgjT8A4XctASYdw@mail.gmail.com>
Date: Fri, 23 Aug 2013 20:20:30 -0500
Message-ID: <CAK3OfOio0qWLqkHuBWdRcFWgXVXT-ci_n=dAAj451K4UftBghg@mail.gmail.com>
From: Nico Williams <nico@cryptonector.com>
To: Bodo Moeller <bmoeller@acm.org>
Content-Type: text/plain; charset=UTF-8
Cc: IETF Security Area Advisory Group <saag@ietf.org>
Subject: Re: [saag] Time now for ECC?
X-List-Received-Date: Sat, 24 Aug 2013 01:20:38 -0000

I'm not proposing {Curve, Ed}25519 as a required one.  I don't object
to -and do recommend- having two required to implement algorithms for
certain types of operations, first to exercise algorithm agility, and
second because that has saved our bacon on occasion (I'm thinking of
the SSHv2 IV chaining issues from years ago).

Nico
--

From kent@bbn.com  Sat Aug 24 05:38:59 2013
Return-Path: <kent@bbn.com>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0EEFE21F99C2 for <saag@ietfa.amsl.com>; Sat, 24 Aug 2013 05:38:59 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -106.549
X-Spam-Level: 
X-Spam-Status: No, score=-106.549 tagged_above=-999 required=5 tests=[AWL=0.050, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tBU4m26kxAq6 for <saag@ietfa.amsl.com>; Sat, 24 Aug 2013 05:38:53 -0700 (PDT)
Received: from smtp.bbn.com (smtp.bbn.com [128.33.1.81]) by ietfa.amsl.com (Postfix) with ESMTP id 3979021F87B7 for <saag@ietf.org>; Sat, 24 Aug 2013 05:38:52 -0700 (PDT)
Received: from dommiel.bbn.com ([192.1.122.15]:47800 helo=fritz.unitedclub.com) by smtp.bbn.com with esmtp (Exim 4.77 (FreeBSD)) (envelope-from <kent@bbn.com>) id 1VDD78-0001jh-QP for saag@ietf.org; Sat, 24 Aug 2013 08:38:46 -0400
Message-ID: <5218A959.9000106@bbn.com>
Date: Sat, 24 Aug 2013 08:38:49 -0400
From: Stephen Kent <kent@bbn.com>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:17.0) Gecko/20130107 Thunderbird/17.0.2
MIME-Version: 1.0
To: saag@ietf.org
References: <5217590A.5090707@htt-consult.com> <CAK3OfOit5g5PESuziPVFGVrHQaehm7H4oDj93-aTwo+eYrBghw@mail.gmail.com> <5217C59C.2030002@htt-consult.com> <CAK3OfOgauikZ9D46h-g_AL-qJc3sHVY2=SFJw-vQs62d8yMHdQ@mail.gmail.com> <CADMpkcK9yc_espgvH7aikmu2OoGRFx5w4nX3Am0mJ-4YvpDHTw@mail.gmail.com> <CAK3OfOivOcAQBNLZSOE2-ParjesLR9VP7irO7=SEopANmeqbNw@mail.gmail.com> <CADMpkcLmuEn2PEbmDfgA5O0hn_Y5u=vfOoyDpma-JS3XG7TaMA@mail.gmail.com>
In-Reply-To: <CADMpkcLmuEn2PEbmDfgA5O0hn_Y5u=vfOoyDpma-JS3XG7TaMA@mail.gmail.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Subject: Re: [saag] Time now for ECC?
X-List-Received-Date: Sat, 24 Aug 2013 12:38:59 -0000

Another issue to consider is hardware support. While SW support may not be
terribly hard to generalize, HW support may be more curve (family)-specific.
Folks operating servers, who make use of hardware acceleration, would be
adversely affected if we encourage use of curve families that are not
supported.  I suggest we try to get input from folks to gauge the
availability of HW support for ECDH.

Steve

From pgut001@cs.auckland.ac.nz  Sat Aug 24 18:10:25 2013
Return-Path: <pgut001@cs.auckland.ac.nz>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CAE5011E81C6 for <saag@ietfa.amsl.com>; Sat, 24 Aug 2013 18:10:25 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level: 
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id E0JgSRxp2r+9 for <saag@ietfa.amsl.com>; Sat, 24 Aug 2013 18:10:20 -0700 (PDT)
Received: from mx2.auckland.ac.nz (mx2.auckland.ac.nz [130.216.125.245]) by ietfa.amsl.com (Postfix) with ESMTP id 5DD5011E81BF for <saag@ietf.org>; Sat, 24 Aug 2013 18:10:18 -0700 (PDT)
X-IronPort-AV: E=Sophos;i="4.89,949,1367928000"; d="scan'208";a="207186520"
X-Ironport-HAT: MAIL-SERVERS - $RELAYED
X-Ironport-Source: 130.216.4.112 - Outgoing - Outgoing
Received: from uxchange10-fe1.uoa.auckland.ac.nz ([130.216.4.112]) by mx2-int.auckland.ac.nz with ESMTP/TLS/AES128-SHA; 25 Aug 2013 13:10:13 +1200
Received: from UXCN10-6.UoA.auckland.ac.nz ([169.254.10.48]) by uxchange10-fe1.UoA.auckland.ac.nz ([130.216.4.112]) with mapi id 14.02.0318.004; Sun, 25 Aug 2013 13:07:36 +1200
From: Peter Gutmann <pgut001@cs.auckland.ac.nz>
To: "saag@ietf.org" <saag@ietf.org>
Thread-Topic: [saag] Time now for ECC?
Thread-Index: Ac6hL3wC1PJj0+GrTHml/EdKzYc0+Q==
Date: Sun, 25 Aug 2013 01:07:35 +0000
Message-ID: <9A043F3CF02CD34C8E74AC1594475C7344728594@uxcn10-6.UoA.auckland.ac.nz>
Accept-Language: en-NZ, en-GB, en-US
Content-Language: en-NZ
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-originating-ip: [130.216.158.4]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Subject: Re: [saag] Time now for ECC?
X-List-Received-Date: Sun, 25 Aug 2013 01:10:25 -0000

Stephen Kent <kent@bbn.com> writes:

>Another issue to consider is hardware support. While SW support may not be
>terribly hard to generalize, HW support may be more curve (family)-specific.
>Folks operating servers, who make use of hardware acceleration, would be
>adversely affected if we encourage use of curve families that are not
>supported.  I suggest we try to get input from folks to gauge the
>availability of HW support for ECDH.

In PKCS #11, hardware support even for the NIST curves is barely there (the
number of bugs I've found in the few devices that support ECC would indicate
that even fewer apps ever bother using it).  So the good news is that the
delta between functioning support for NIST curves and support for
random-exotic-curve is very small, i.e. it's not that big a leap.  The bad
news is that functioning support of any kind is only slightly larger.

Peter.

From kent@bbn.com  Sun Aug 25 22:42:23 2013
Return-Path: <kent@bbn.com>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F2B8B11E8155 for <saag@ietfa.amsl.com>; Sun, 25 Aug 2013 22:42:22 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -106.561
X-Spam-Level: 
X-Spam-Status: No, score=-106.561 tagged_above=-999 required=5 tests=[AWL=0.038, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id csl6GyGcbhhC for <saag@ietfa.amsl.com>; Sun, 25 Aug 2013 22:42:17 -0700 (PDT)
Received: from smtp.bbn.com (smtp.bbn.com [128.33.0.80]) by ietfa.amsl.com (Postfix) with ESMTP id 2DB9A11E8109 for <saag@ietf.org>; Sun, 25 Aug 2013 22:42:16 -0700 (PDT)
Received: from dommiel.bbn.com ([192.1.122.15]:48571 helo=[IPv6:::1]) by smtp.bbn.com with esmtp (Exim 4.77 (FreeBSD)) (envelope-from <kent@bbn.com>) id 1VDpZ9-00040K-JW for saag@ietf.org; Mon, 26 Aug 2013 01:42:15 -0400
Message-ID: <521AEAB9.3040403@bbn.com>
Date: Mon, 26 Aug 2013 01:42:17 -0400
From: Stephen Kent <kent@bbn.com>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:17.0) Gecko/20130107 Thunderbird/17.0.2
MIME-Version: 1.0
To: saag@ietf.org
References: <9A043F3CF02CD34C8E74AC1594475C7344728594@uxcn10-6.UoA.auckland.ac.nz>
In-Reply-To: <9A043F3CF02CD34C8E74AC1594475C7344728594@uxcn10-6.UoA.auckland.ac.nz>
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
Subject: Re: [saag] Time now for ECC?
X-List-Received-Date: Mon, 26 Aug 2013 05:42:23 -0000

Peter,

Crypto accelerators for web sites may not require PKCS-11 compatibility,
and that's the hardware to which I tried to allude. Users can employ SW,
as usual.

Steve


From magnus.westerlund@ericsson.com  Mon Aug 26 02:49:45 2013
Return-Path: <magnus.westerlund@ericsson.com>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5495221F9223 for <saag@ietfa.amsl.com>; Mon, 26 Aug 2013 02:49:45 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -105.613
X-Spam-Level: 
X-Spam-Status: No, score=-105.613 tagged_above=-999 required=5 tests=[AWL=0.636, BAYES_00=-2.599, HELO_EQ_SE=0.35, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id D9-GDRLj2kid for <saag@ietfa.amsl.com>; Mon, 26 Aug 2013 02:49:39 -0700 (PDT)
Received: from mailgw2.ericsson.se (mailgw2.ericsson.se [193.180.251.37]) by ietfa.amsl.com (Postfix) with ESMTP id 6A29E21F9A71 for <saag@ietf.org>; Mon, 26 Aug 2013 02:49:35 -0700 (PDT)
X-AuditID: c1b4fb25-b7eff8e000000eda-7e-521b24ac6fa5
Received: from ESESSHC022.ericsson.se (Unknown_Domain [153.88.253.124]) by mailgw2.ericsson.se (Symantec Mail Security) with SMTP id 10.20.03802.CA42B125; Mon, 26 Aug 2013 11:49:32 +0200 (CEST)
Received: from [127.0.0.1] (153.88.183.146) by smtp.internal.ericsson.com (153.88.183.86) with Microsoft SMTP Server id 14.2.328.9; Mon, 26 Aug 2013 11:49:32 +0200
Message-ID: <521B24F2.2030108@ericsson.com>
Date: Mon, 26 Aug 2013 11:50:42 +0200
From: Magnus Westerlund <magnus.westerlund@ericsson.com>
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20130801 Thunderbird/17.0.8
MIME-Version: 1.0
To: <saag@ietf.org>
References: <521B211E.4010707@ericsson.com>
In-Reply-To: <521B211E.4010707@ericsson.com>
X-Enigmail-Version: 1.5.2
X-Forwarded-Message-Id: <521B211E.4010707@ericsson.com>
Content-Type: multipart/mixed; boundary="------------000204050104040405050006"
Subject: [saag] Fwd: [AVTCORE] WG last call on draft-ietf-avtcore-aria-srtp-04
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/saag>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 26 Aug 2013 09:49:45 -0000

--------------000204050104040405050006
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit

Hi,

AVTCORE WG has just started a WG last call (runs until the 16th Sep) on
SRTP Crypto transforms based on ARIA. This includes registrations for
the key-management systems using DTLS-SRTP, Security Descriptions and
MIKEY.

The WG would highly appreciate any reviews of any aspects of the
definition of the SRTP Crypto transforms as well as the key-management
registrations.

Thanks

Magnus Westerlund
AVTCORE WG chair

--------------000204050104040405050006
Content-Type: message/rfc822;
	name="[AVTCORE] WG last call on draft-ietf-avtcore-aria-srtp-04.eml"
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment;
	filename*0="[AVTCORE] WG last call on draft-ietf-avtcore-aria-srtp-04.em";
	filename*1="l"

X-Mozilla-Keys: 
Received: from sessmg10.ericsson.net (153.88.183.147) by
 smtp.internal.ericsson.com (153.88.183.76) with Microsoft SMTP Server id
 14.2.328.9; Mon, 26 Aug 2013 11:34:36 +0200
Received: from mail.ietf.org (mail.ietf.org [12.22.58.30])	by
 sessmg10.ericsson.net (Symantec Mail Security) with SMTP id
 DC.2B.05165.B212B125; Mon, 26 Aug 2013 11:34:35 +0200 (CEST)
Received: from ietfa.amsl.com (localhost [IPv6:::1])	by ietfa.amsl.com
 (Postfix) with ESMTP id A720911E8179;	Mon, 26 Aug 2013 02:34:30 -0700 (PDT)
X-Original-To: avt@ietfa.amsl.com
Delivered-To: avt@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1])	by ietfa.amsl.com (Postfix)
 with ESMTP id C409921F99E8	for <avt@ietfa.amsl.com>; Mon, 26 Aug 2013
 02:33:56 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -105.569
X-Spam-Level: 
X-Spam-Status: No, score=-105.569 tagged_above=-999 required=5
	tests=[AWL=0.680, BAYES_00=-2.599, HELO_EQ_SE=0.35,
	RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30])	by localhost (ietfa.amsl.com
 [127.0.0.1]) (amavisd-new, port 10024)	with ESMTP id sg5p96d1+rQ5 for
 <avt@ietfa.amsl.com>;	Mon, 26 Aug 2013 02:33:45 -0700 (PDT)
Received: from mailgw1.ericsson.se (mailgw1.ericsson.se [193.180.251.45])	by
 ietfa.amsl.com (Postfix) with ESMTP id 3FF3A11E8183	for <avt@ietf.org>; Mon,
 26 Aug 2013 02:33:17 -0700 (PDT)
X-AuditID: c1b4fb3e-b7f808e00000142d-79-521b212a6eca
Received: from ESESSHC014.ericsson.se (Unknown_Domain [153.88.253.124])	by
 mailgw1.ericsson.se (Symantec Mail Security) with SMTP id
	DF.6C.16099.7D02B125; Mon, 26 Aug 2013 11:33:12 +0200 (CEST)
Received: from [127.0.0.1] (153.88.183.148) by smtp.internal.ericsson.com
	(153.88.183.62) with Microsoft SMTP Server id 14.2.328.9;	Mon, 26 Aug 2013
 11:33:11 +0200
Message-ID: <521B211E.4010707@ericsson.com>
Date: Mon, 26 Aug 2013 11:34:22 +0200
From: Magnus Westerlund <magnus.westerlund@ericsson.com>
User-Agent: Mozilla/5.0 (Windows NT 6.1;
	rv:17.0) Gecko/20130801 Thunderbird/17.0.8
To: IETF AVTCore WG <avt@ietf.org>
X-Enigmail-Version: 1.5.2
Subject: [AVTCORE] WG last call on draft-ietf-avtcore-aria-srtp-04
X-BeenThere: avt@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Audio/Video Transport Core Maintenance <avt.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/avt>,
	<mailto:avt-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/avt>
List-Post: <mailto:avt@ietf.org>
List-Help: <mailto:avt-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/avt>,
	<mailto:avt-request@ietf.org?subject=subscribe>
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Sender: <avt-bounces@ietf.org>
Errors-To: avt-bounces@ietf.org
Return-Path: avt-bounces@ietf.org
X-MS-Exchange-Organization-AuthSource: ESESSHC019.ericsson.se
X-MS-Exchange-Organization-AuthAs: Anonymous
X-MS-Exchange-Organization-AVStamp-Mailbox: MSFTFF;1;0;0 0 0
MIME-Version: 1.0

WG,

This starts the WG last call on draft-ietf-avtcore-aria-srtp-04 to be
published as proposed standard. Please provide any feedback or review
comments by September 16. Even if you have just read it and found no
issue, please state so.

Draft:
https://datatracker.ietf.org/doc/draft-ietf-avtcore-aria-srtp

In addition any comments about current or planned implementation of this
draft are appreciated.

As a WG chair I really want some persons that really understand crypto
algorithms and/or the key-management mechanisms used to review this and
will solicit reviews outside of the WG also.

Cheers

Magnus Westerlund

----------------------------------------------------------------------
Multimedia Technologies, Ericsson Research EAB/TVM
----------------------------------------------------------------------
Ericsson AB                | Phone  +46 10 7148287
Färögatan 6                | Mobile +46 73 0949079
SE-164 80 Stockholm, Sweden| mailto: magnus.westerlund@ericsson.com
----------------------------------------------------------------------

_______________________________________________
Audio/Video Transport Core Maintenance
avt@ietf.org
https://www.ietf.org/mailman/listinfo/avt



--------------000204050104040405050006--

From mcr@sandelman.ca  Mon Aug 26 06:46:48 2013
Return-Path: <mcr@sandelman.ca>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C8A6211E819E for <saag@ietfa.amsl.com>; Mon, 26 Aug 2013 06:46:46 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.614
X-Spam-Level: 
X-Spam-Status: No, score=-1.614 tagged_above=-999 required=5 tests=[AWL=-0.318, BAYES_00=-2.599, DATE_IN_PAST_12_24=0.992, HOST_MISMATCH_NET=0.311]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6Jd1KKCS++TB for <saag@ietfa.amsl.com>; Mon, 26 Aug 2013 06:46:40 -0700 (PDT)
Received: from relay.sandelman.ca (relay.cooperix.net [176.58.120.209]) by ietfa.amsl.com (Postfix) with ESMTP id 7427211E819B for <saag@ietf.org>; Mon, 26 Aug 2013 06:46:40 -0700 (PDT)
Received: from sandelman.ca (unknown [209.87.252.140]) by relay.sandelman.ca (Postfix) with ESMTPS id C720422079; Mon, 26 Aug 2013 09:46:39 -0400 (EDT)
Received: from sandelman.ca (quigon.sandelman.ca [127.0.0.1]) by sandelman.ca (Postfix) with ESMTP id B184BCA0D9; Sun, 25 Aug 2013 21:31:30 -0400 (EDT)
From: Michael Richardson <mcr+ietf@sandelman.ca>
To: Nico Williams <nico@cryptonector.com>
In-reply-to: <CAK3OfOivOcAQBNLZSOE2-ParjesLR9VP7irO7=SEopANmeqbNw@mail.gmail.com>
References: <5217590A.5090707@htt-consult.com> <CAK3OfOit5g5PESuziPVFGVrHQaehm7H4oDj93-aTwo+eYrBghw@mail.gmail.com> <5217C59C.2030002@htt-consult.com> <CAK3OfOgauikZ9D46h-g_AL-qJc3sHVY2=SFJw-vQs62d8yMHdQ@mail.gmail.com> <CADMpkcK9yc_espgvH7aikmu2OoGRFx5w4nX3Am0mJ-4YvpDHTw@mail.gmail.com> <CAK3OfOivOcAQBNLZSOE2-ParjesLR9VP7irO7=SEopANmeqbNw@mail.gmail.com>
Comments: In-reply-to Nico Williams <nico@cryptonector.com> message dated "Fri, 23 Aug 2013 17:16:12 -0500."
X-Mailer: MH-E 8.2; nmh 1.3; GNU Emacs 23.2.1
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha1; protocol="application/pgp-signature"
Date: Sun, 25 Aug 2013 21:31:30 -0400
Message-ID: <6756.1377480690@sandelman.ca>
Sender: mcr@sandelman.ca
Cc: IETF Security Area Advisory Group <saag@ietf.org>
Subject: Re: [saag] Time now for ECC?
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/saag>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 26 Aug 2013 13:46:49 -0000

--=-=-=
Content-Transfer-Encoding: quoted-printable


Nico Williams <nico@cryptonector.com> wrote:
    > I agree that the warnings of RSA's and DH's impending deaths are
    > overblown, but we should make sure we have ECC equivalents in place.

I wonder if widespread and ubiquitous use of RSA did not occur until
after Sept. 2000, when the patent expired, and everyone was "sure"

-- 
Michael Richardson
-at the cottage-

--=-=-=
Content-Type: application/pgp-signature

--=-=-=--

From openpgp@brainhub.org  Mon Aug 26 14:56:56 2013
Return-Path: <openpgp@brainhub.org>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6411E11E80E4 for <saag@ietfa.amsl.com>; Mon, 26 Aug 2013 14:56:56 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.437
X-Spam-Level: 
X-Spam-Status: No, score=-0.437 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_NET=0.611,  RDNS_NONE=0.1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wLTBM08A6icD for <saag@ietfa.amsl.com>; Mon, 26 Aug 2013 14:56:50 -0700 (PDT)
Received: from qmta14.emeryville.ca.mail.comcast.net (qmta14.emeryville.ca.mail.comcast.net [IPv6:2001:558:fe2d:44:76:96:27:212]) by ietfa.amsl.com (Postfix) with ESMTP id 8A07111E80C5 for <saag@ietf.org>; Mon, 26 Aug 2013 14:56:49 -0700 (PDT)
Received: from omta01.emeryville.ca.mail.comcast.net ([76.96.30.11]) by qmta14.emeryville.ca.mail.comcast.net with comcast id HZ4Y1m0040EPchoAEZwpJ2; Mon, 26 Aug 2013 21:56:49 +0000
Received: from [127.0.0.1] ([69.181.162.123]) by omta01.emeryville.ca.mail.comcast.net with comcast id HZwn1m00k2g33ZR8MZwoYn; Mon, 26 Aug 2013 21:56:49 +0000
Message-ID: <521BCE38.9050306@brainhub.org>
Date: Mon, 26 Aug 2013 14:52:56 -0700
From: Andrey Jivsov <openpgp@brainhub.org>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130625 Thunderbird/17.0.7
MIME-Version: 1.0
To: saag@ietf.org
References: <5217590A.5090707@htt-consult.com> <CAK3OfOit5g5PESuziPVFGVrHQaehm7H4oDj93-aTwo+eYrBghw@mail.gmail.com> <5217C59C.2030002@htt-consult.com> <CAK3OfOgauikZ9D46h-g_AL-qJc3sHVY2=SFJw-vQs62d8yMHdQ@mail.gmail.com> <CADMpkcK9yc_espgvH7aikmu2OoGRFx5w4nX3Am0mJ-4YvpDHTw@mail.gmail.com> <CAK3OfOivOcAQBNLZSOE2-ParjesLR9VP7irO7=SEopANmeqbNw@mail.gmail.com> <CADMpkcLmuEn2PEbmDfgA5O0hn_Y5u=vfOoyDpma-JS3XG7TaMA@mail.gmail.com> <CAK3OfOg-4TzhKafZdzR4fgxkTif-fpL0oR7etHcMG8jMDEdOaA@mail.gmail.com> <CADMpkcJKN7PNuCGLa9-giO9LvcOmOHsG2cMPgjT8A4XctASYdw@mail.gmail.com>
In-Reply-To: <CADMpkcJKN7PNuCGLa9-giO9LvcOmOHsG2cMPgjT8A4XctASYdw@mail.gmail.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Subject: Re: [saag] Time now for ECC?
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/saag>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 26 Aug 2013 21:56:56 -0000

On 08/23/2013 04:46 PM, Bodo Moeller wrote:
>
>     There have to be REQUIRED to implement curves, no doubt, and there
>     must be very few of those (maybe two).
>
>
> Right, if you *require* certain curves and implementations actually obey
> the requirement, then adding further optional curves is not as much of
> an issue -- at least in theory, because as long as it remains possible
> to simply stick to RSA or to MODP DH, implementors might decide to skip
> the "required" part of ECC support.
>
> For what it's worth, I think if you are going to require any single
> curve, the most suitable candidate right now would be NIST P-256 (taking
> into account aspects such as *current* deployment with IETF protocols
> and existing non-IETF standards). It's sort of ancient, but this also
> means it's been around for analysis for a long while.  (As appealing as
> Ed25519 is, requiring a second curve seems counterproductive. It would
> be perfect as an optional curve.)

I will second the benefit of the limited choice for the benefit of 
adoption of ECC. P-256 seems to be the best choice to bootstrap the 
ecosystem into the ECC world. The availability of too many "best" 
choices could be a negative thing, sending a confusing message for what 
to implement and focus on first.

One issue that was not mentioned here is the needs of off-line 
protocols, where, unlike in TLS, you don't know anything about the 
recipients. Typically, these are signing protocols where the potential 
recipients are the whole world.

For example, consider the SMIME application. Typically the security is 
bootstrapped by signing a message, after which the recipient will learn 
some facts about the sender's capabilities through SMIMECapabilities. But 
this doesn't answer the question of what to do in the first signed 
message (sent to a large group).

Or, which ECDSA should a CA use to sign X.509 certificates? Which 
OpenPGP personal key should I generate?

Unlike the choice between RSA 2048 and 2096, ECC P-256 and P-384 are 
quite different and are probably viewed as separate algorithms by most 
implementations (knowing that a peer supports P-256 doesn't give you 
certainty that P-384 is supported). If Edwards curves are added, this is 
yet another set of essentially different algorithms. They are fine as 
optional choices, but given the SuiteB, the clear lowest common 
denominator is P-256.
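
The selection problem described in the message above, as an added example that is not part of the original post or of any implementation it mentions: a signer in an off-line protocol picks the strongest algorithm every recipient is known to support, and falls back to the single required one when any recipient is unknown. The algorithm labels, the preference order and the function names are assumptions made for this sketch.

```python
# Added illustration, not code from the thread. Algorithm labels and the
# preference order are constructed for the example.
from typing import Dict, Iterable, List, Set

# Assumption: the one required-to-implement algorithm is ECDSA with P-256,
# the "lowest common denominator" the post argues for.
MANDATORY = "ecdsa-p256"

# Assumption: this sender's own preference order, most preferred first.
# Each curve is a separate algorithm: P-384 support does not follow from P-256.
SENDER_PREFERENCE: List[str] = ["ecdsa-p384", "ecdsa-p256", "rsa-2048"]


def learn_capabilities(cache: Dict[str, Set[str]], peer: str,
                       advertised: Iterable[str]) -> None:
    """Record what a peer advertised in a signed message it sent us
    (the role SMIMECapabilities plays in S/MIME)."""
    cache[peer] = set(advertised)


def choose_signing_algorithm(recipients: Iterable[str],
                             cache: Dict[str, Set[str]],
                             preference: List[str] = SENDER_PREFERENCE,
                             mandatory: str = MANDATORY) -> str:
    """Pick the signature algorithm for one off-line message.

    There is no handshake as in TLS, so the only inputs are capabilities
    learned earlier. Any gap in that knowledge forces the mandatory choice.
    """
    if mandatory not in preference:
        raise ValueError("sender does not implement the mandatory algorithm")

    recipients = list(recipients)
    # Open audience (a CA-signed certificate, a public OpenPGP key, a first
    # message to a large group): nothing is known about the verifiers.
    if not recipients:
        return mandatory

    common = set(preference)
    for peer in recipients:
        caps = cache.get(peer)
        if caps is None:
            # First contact with this peer: no capabilities learned yet.
            return mandatory
        common &= caps

    # Strongest algorithm that every recipient is known to verify.
    for alg in preference:
        if alg in common:
            return alg
    # Nothing in common was advertised; the required algorithm is the best guess.
    return mandatory


# Constructed sample data: capabilities learned from earlier signed messages.
SAMPLE_CACHE: Dict[str, Set[str]] = {
    "alice": {"ecdsa-p256", "ecdsa-p384", "rsa-2048"},
    "bob": {"ecdsa-p256", "ecdsa-p384"},
    "carol": {"ecdsa-p256", "rsa-2048"},
}
```
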


From turners@ieca.com  Wed Aug 28 06:56:29 2013
Return-Path: <turners@ieca.com>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8572711E81B6 for <saag@ietfa.amsl.com>; Wed, 28 Aug 2013 06:56:28 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -100.481
X-Spam-Level: 
X-Spam-Status: No, score=-100.481 tagged_above=-999 required=5 tests=[AWL=-0.816, BAYES_50=0.001, IP_NOT_FRIENDLY=0.334, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 23+pX2XdMsON for <saag@ietfa.amsl.com>; Wed, 28 Aug 2013 06:56:22 -0700 (PDT)
Received: from gateway13.websitewelcome.com (gateway13.websitewelcome.com [67.18.88.6]) by ietfa.amsl.com (Postfix) with ESMTP id 4246711E81A4 for <saag@ietf.org>; Wed, 28 Aug 2013 06:56:22 -0700 (PDT)
Received: by gateway13.websitewelcome.com (Postfix, from userid 5007) id 7345C1ACD49E7; Wed, 28 Aug 2013 08:56:03 -0500 (CDT)
Received: from gator3286.hostgator.com (gator3286.hostgator.com [198.57.247.250]) by gateway13.websitewelcome.com (Postfix) with ESMTP id 4B8521ACD4992 for <saag@ietf.org>; Wed, 28 Aug 2013 08:56:03 -0500 (CDT)
Received: from [96.231.225.44] (port=54121 helo=thunderfish.local) by gator3286.hostgator.com with esmtpsa (TLSv1:DHE-RSA-AES256-SHA:256) (Exim 4.80) (envelope-from <turners@ieca.com>) id 1VEgEO-0006KL-NX; Wed, 28 Aug 2013 08:56:20 -0500
Message-ID: <521E0183.20905@ieca.com>
Date: Wed, 28 Aug 2013 09:56:19 -0400
From: Sean Turner <turners@ieca.com>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:17.0) Gecko/20130801 Thunderbird/17.0.8
MIME-Version: 1.0
To: saag@ietf.org
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - gator3286.hostgator.com
X-AntiAbuse: Original Domain - ietf.org
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - ieca.com
X-BWhitelist: no
X-Source: 
X-Source-Args: 
X-Source-Dir: 
X-Source-Sender: (thunderfish.local) [96.231.225.44]:54121
X-Source-Auth: sean.turner@ieca.com
X-Email-Count: 13
X-Source-Cap: ZG9tbWdyNDg7ZG9tbWdyNDg7Z2F0b3IzMjg2Lmhvc3RnYXRvci5jb20=
Subject: [saag] efforts to take mptcp to standard track
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/saag>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 28 Aug 2013 13:56:29 -0000

Hi,

The mptcp wg is planning to move mptcp (multipath tcp) from experimental 
to standards track.  If you're interested in this topic area let Stephen 
or me know.

spt

From turners@ieca.com  Wed Aug 28 09:53:01 2013
Return-Path: <turners@ieca.com>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C350611E8280 for <saag@ietfa.amsl.com>; Wed, 28 Aug 2013 09:53:01 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -100.52
X-Spam-Level: 
X-Spam-Status: No, score=-100.52 tagged_above=-999 required=5 tests=[AWL=-0.669, BAYES_40=-0.185, IP_NOT_FRIENDLY=0.334, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id NvMQjvQBCDzF for <saag@ietfa.amsl.com>; Wed, 28 Aug 2013 09:52:55 -0700 (PDT)
Received: from gateway15.websitewelcome.com (gateway15.websitewelcome.com [69.93.243.14]) by ietfa.amsl.com (Postfix) with ESMTP id 9B55311E8278 for <saag@ietf.org>; Wed, 28 Aug 2013 09:52:55 -0700 (PDT)
Received: by gateway15.websitewelcome.com (Postfix, from userid 5007) id 6F1CF4B5DF9B1; Wed, 28 Aug 2013 11:52:54 -0500 (CDT)
Received: from gator3286.hostgator.com (gator3286.hostgator.com [198.57.247.250]) by gateway15.websitewelcome.com (Postfix) with ESMTP id C78C04B5DD5D4 for <saag@ietf.org>; Wed, 28 Aug 2013 11:52:45 -0500 (CDT)
Received: from [96.231.225.44] (port=54660 helo=thunderfish.local) by gator3286.hostgator.com with esmtpsa (TLSv1:DHE-RSA-AES256-SHA:256) (Exim 4.80) (envelope-from <turners@ieca.com>) id 1VEiz7-0005F3-BS for saag@ietf.org; Wed, 28 Aug 2013 11:52:45 -0500
Message-ID: <521E2ADC.8010003@ieca.com>
Date: Wed, 28 Aug 2013 12:52:44 -0400
From: Sean Turner <turners@ieca.com>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:17.0) Gecko/20130801 Thunderbird/17.0.8
MIME-Version: 1.0
To: saag@ietf.org
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - gator3286.hostgator.com
X-AntiAbuse: Original Domain - ietf.org
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - ieca.com
X-BWhitelist: no
X-Source: 
X-Source-Args: 
X-Source-Dir: 
X-Source-Sender: (thunderfish.local) [96.231.225.44]:54660
X-Source-Auth: sean.turner@ieca.com
X-Email-Count: 9
X-Source-Cap: ZG9tbWdyNDg7ZG9tbWdyNDg7Z2F0b3IzMjg2Lmhvc3RnYXRvci5jb20=
Subject: [saag] saag meeting minutes
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/saag>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 28 Aug 2013 16:53:01 -0000

I know somebody volunteered to take minutes at the session.  If you did, 
could you send them ;)

Thanks,

spt

From magnus.westerlund@ericsson.com  Wed Aug 28 23:03:07 2013
Return-Path: <magnus.westerlund@ericsson.com>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8A50A21F9FB9 for <saag@ietfa.amsl.com>; Wed, 28 Aug 2013 23:03:07 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -105.686
X-Spam-Level: 
X-Spam-Status: No, score=-105.686 tagged_above=-999 required=5 tests=[AWL=0.563, BAYES_00=-2.599, HELO_EQ_SE=0.35, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ifjrlefhrkjR for <saag@ietfa.amsl.com>; Wed, 28 Aug 2013 23:03:02 -0700 (PDT)
Received: from mailgw2.ericsson.se (mailgw2.ericsson.se [193.180.251.37]) by ietfa.amsl.com (Postfix) with ESMTP id 3AB3D21F9FBC for <saag@ietf.org>; Wed, 28 Aug 2013 23:03:02 -0700 (PDT)
X-AuditID: c1b4fb25-b7eff8e000000eda-73-521ee4143fe5
Received: from ESESSHC013.ericsson.se (Unknown_Domain [153.88.253.124]) by mailgw2.ericsson.se (Symantec Mail Security) with SMTP id A8.F3.03802.414EE125; Thu, 29 Aug 2013 08:03:01 +0200 (CEST)
Received: from [127.0.0.1] (153.88.183.18) by smtp.internal.ericsson.com (153.88.183.59) with Microsoft SMTP Server id 14.2.328.9; Thu, 29 Aug 2013 08:03:00 +0200
Message-ID: <521EE42C.2060808@ericsson.com>
Date: Thu, 29 Aug 2013 08:03:24 +0200
From: Magnus Westerlund <magnus.westerlund@ericsson.com>
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20130801 Thunderbird/17.0.8
MIME-Version: 1.0
To: <saag@ietf.org>
X-Enigmail-Version: 1.5.2
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
Subject: [saag] New non-WG list to discuss NAT/FW traversal using HTTP connect
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/saag>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 29 Aug 2013 06:03:07 -0000

Hi,

In RTCWEB WG we have a proposal that WebRTC end-points may use the
NAT/FW traversal relay protocol TURN/TCP and TURN/TLS over HTTP Connect
to establish their peer to peer media transport flows. This appears to have
some security implications. Interested persons can subscribe to this new
mailing list.

List address: pntaw@ietf.org
Archive: http://www.ietf.org/mail-archive/web/pntaw/
To subscribe: https://www.ietf.org/mailman/listinfo/pntaw

Best Regards

Magnus Westerlund
RTCWEB WG chair


