Re: [TLS] Proposed changes to draft-ietf-tls-subcerts

2018-07-17 Thread Ilari Liusvaara
On Wed, Jul 18, 2018 at 01:17:44AM +, Patton,Christopher J wrote: > Hi all, > > > I've added a few pull requests to the draft "Delegated credentials for TLS" > that address the proposals discussed at IETF. > > Specifically: > > * https://github.com/tlswg/tls-subcerts/pull/8 -- Creates

[TLS] TLS DANE chain, detailed response to concerns raised in the room on Monday

2018-07-17 Thread Viktor Dukhovni
Below I shall try to address a few of the concerns raised in writing. You can read just the high-level notes above my signature, diving into the corresponding detailed exposition below my signature as you see fit. Apologies for lack of hypertext links. 0. The draft as approved by the IESG, des

[TLS] Proposed changes to draft-ietf-tls-subcerts

2018-07-17 Thread Patton,Christopher J
Hi all, I've added a few pull requests to the draft "Delegated credentials for TLS" that address the proposals discussed at IETF. Specifically: * https://github.com/tlswg/tls-subcerts/pull/8 -- Creates a tighter binding of the DC to the handshake parameters; * https://github.com/tlswg

Re: [TLS] Why are the brainpool curves not allowed in TLS 1.3?

2018-07-17 Thread Salz, Rich
But the draft states Values within "obsolete_RESERVED" ranges are used in previous versions of TLS and MUST NOT be offered or negotiated by TLS 1.3 TLS 1.3 does not define use of the Brainpool curves. Any implementation that wants to use them in TLS 1.3 is already out-of-scope of the stan

Re: [TLS] Why are the brainpool curves not allowed in TLS 1.3?

2018-07-17 Thread Blumenthal, Uri - 0553 - MITLL
> We've > generally decided to limit the number of algorithms we recommend (the > Recommended) column in the registry. I have trouble seeing any situation in > which we would have these curves as Recommended. And so "at hand" really > means (1) code points assigned and (2) some small number of peop

Re: [TLS] Why are the brainpool curves not allowed in TLS 1.3?

2018-07-17 Thread Eric Rescorla
On Tue, Jul 17, 2018 at 9:45 AM, Johannes Merkle < johannes.mer...@secunet.com> wrote: > Eric Rescorla schrieb am 17.07.2018 um 17:47: > > We've > > generally decided to limit the number of algorithms we recommend (the > > Recommended) column in the registry. I have trouble seeing any situation >

Re: [TLS] Why are the brainpool curves not allowed in TLS 1.3?

2018-07-17 Thread Johannes Merkle
Eric Rescorla schrieb am 17.07.2018 um 17:47: > We've > generally decided to limit the number of algorithms we recommend (the > Recommended) column in the registry. I have trouble seeing any situation in > which we would have these curves as Recommended. And so "at hand" really > means (1) code poi

Re: [TLS] Why are the brainpool curves not allowed in TLS 1.3?

2018-07-17 Thread Johannes Merkle
> We've been through this before, e.g.: > > https://www.ietf.org/mail-archive/web/tls/current/msg10271.html > https://bada55.cr.yp.to/brainpool.html > > ...the latter of which quotes you as saying the repeated digits in the "A" > and "B" values used in Brainpool seed generation process were "un

Re: [TLS] Why are the brainpool curves not allowed in TLS 1.3?

2018-07-17 Thread Eric Rescorla
On Tue, Jul 17, 2018 at 8:04 AM, Johannes Merkle < johannes.mer...@secunet.com> wrote: > Hi, > > > There's a very strong reason against this: It creates complexity. More > > opportunities for attacks, more fragmentation of the ecosystem. I > > believe I speak for a lot of people here when I say th

Re: [TLS] Why are the brainpool curves not allowed in TLS 1.3?

2018-07-17 Thread Tony Arcieri
On Tue, Jul 17, 2018 at 8:04 AM Johannes Merkle wrote: > Crypto agility definitely has its value. There are not so many curves > supported by TLS 1.3, and all of them use primes > of a very special form. Of course, this is exactly what makes these curves > faster than the Brainpool curves, but fr

Re: [TLS] Why are the brainpool curves not allowed in TLS 1.3?

2018-07-17 Thread Johannes Merkle
Hi, > There's a very strong reason against this: It creates complexity. More > opportunities for attacks, more fragmentation of the ecosystem. I > believe I speak for a lot of people here when I say that fewer > algorithms is better and having more algs "just because" is not a good > reason. With

Re: [TLS] Why are the brainpool curves not allowed in TLS 1.3?

2018-07-17 Thread Eric Rescorla
Well, I note that the text also says "or have had very little usage," -Ekr On Tue, Jul 17, 2018 at 7:57 AM, Dan Brown wrote: > It's mainly due to CFRG's advice, isn't it? > Calling other curves potentially unsafe or inappropriate for general use > is a bit harsh and outside the scope of TLS, i

Re: [TLS] Why are the brainpool curves not allowed in TLS 1.3?

2018-07-17 Thread Dan Brown
It's mainly due to CFRG's advice, isn't it? Calling other curves potentially unsafe or inappropriate for general use is a bit harsh and outside the scope of TLS, isn't it? As to using a narrow or wide set of curves, there are reputable proposals for the latter: ia.cr/2015/647 and ia.cr/2015/366

Re: [TLS] Why are the brainpool curves not allowed in TLS 1.3?

2018-07-17 Thread Hanno Böck
Hi, I think there's been a mentality change in the TLS community that explains this. Back when Brainpool curves were standardized there was a "more is better" mentality when it came to algorithms. I.e. if an algorithm is not broken it's good to have it in TLS. Particularly all kinds of nationalize

Re: [TLS] Why are the brainpool curves not allowed in TLS 1.3?

2018-07-17 Thread Ilari Liusvaara
On Tue, Jul 17, 2018 at 12:39:31PM +, Bruckert, Leonie wrote: > Dear WG members, > > I am quite astonished that the brainpool curves are eventually > prohibited in TLS 1.3. Based on an earlier comment > (https://www.ietf.org/mail-archive/web/tls/current/msg17204.html), > I would have thought t

[TLS] Why are the brainpool curves not allowed in TLS 1.3?

2018-07-17 Thread Bruckert, Leonie
Dear WG members, I am quite astonished that the brainpool curves are eventually prohibited in TLS 1.3. Based on an earlier comment (https://www.ietf.org/mail-archive/web/tls/current/msg17204.html), I would have thought that the brainpool curves will be allowed in any future version, especial