(Apologies for this duplicate mail... I am still trying to figure out this mailing list usage) Thank you for your response. I am not a cryptography expert either - so perhaps crypto experts even from Microsoft may have a different take on this. >The RFC does specifically say that "Server implementations... MUST support >AEAD_AES_SIV_CMAC_256." (RFC 8915, section 4.1. This is a requirement for standards compliant implementation no doubt, but limiting an implementation to only this algorithm type seems to limit the flexibility made available in NTS-KE AEAD algorithm negotiation (also in Section 4.1.5 of RFC 8915). I can give one more compelling reason for this proposal besides finding matching algorithms between OpenSSL and SymCrypt libraries. Based on my (admittedly limited) reading, NTS-NTP appears to be the primary RFC taking a dependency on AES_SIV_CMAC algorithms. The additional algorithms suggested for inclusion see widespread use and have common name recognition among administrators and users, in addition to being common to both OpenSSL and SymCrypt libraries. Adding support for these algorithms will give users a choice of readily recognizable crypto algorithms and in my opinion, help lower the barriers for adoption of NTS-NTP protocol. RFC8915 is an important protocol and standards-compliant implementations further interoperability. Having said that, I am unable to comment on future releases from Microsoft at this time. -Sarath
_______________________________________________ devel mailing list devel@ntpsec.org https://lists.ntpsec.org/mailman/listinfo/devel
