FYI for those not on the UTA WG list. Please discuss there.

/psa

-------- Forwarded Message --------
Subject:        [Uta] RFC 7525bis (TLS BCP) and ChaCha-Poly
Date:   Thu, 24 Jun 2021 12:34:59 +0300
From:   Yaron Sheffer <yaronf.i...@gmail.com>
To:     u...@ietf.org <u...@ietf.org>



Hi,

Here’s to remind the working group that we are moving along with the bis
document. We recently added an author, Thomas Fossati. Our activity is
on GitHub [1] and we welcome your inputs. We have been steadily closing
issues and plan to have a “feature complete” version -01 before IETF-111.

And now a question to the list: the authors have been debating whether
we should add TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 as a fifth
recommended cipher suite for TLS 1.2. Reminder: a similar cipher suite
is already recommended for TLS 1.3 implementation in RFC 8446.

Pro:

  * The cipher suite is widely implemented in libraries.
  * There is already non-negligible usage of ChaCha-Poly (it is not
    clear from the data what percentage is on TLS 1.2).
  * Cipher diversity is clearly a good thing, and currently we only
    recommend AES-GCM cipher suites.

Con:

  * Usage is quite low, at most 10% or so, and there are indications
    that people are moving back to AES-GCM on mobile, given new CPU
    support on ARM.
  * No need for cipher diversity in TLS 1.2, if people want ChaCha they
    can move to 1.3.
  * More generally, we should try to minimize changes to the TLS 1.2
    ecosystem. Our recommendations for TLS 1.2 are less likely to be
    adopted, and in general we would rather move people to 1.3.

We would appreciate the list weighing in.

Thanks,

                Yaron, Peter and Thomas

[1] https://github.com/yaronf/I-D/tree/main/BCP195bis and
https://github.com/yaronf/I-D/issues?q=is%3Aissue+is%3Aopen+label%3ABCP195

_______________________________________________
Uta mailing list
u...@ietf.org
https://www.ietf.org/mailman/listinfo/uta

_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
