[Ach] news from the IETF

Aaron Zauner azet at azet.org
Fri Mar 7 11:29:24 CET 2014


aaron wrote:
> Hi,
> Here is a short summary from the IETF and the STRINT workshop. (More
> info coming later as soon as my laptop works again). 
> I and Azet attended the STRINT workshop last Friday and Saturday.
> https://www.w3.org/2014/strint/ The website lists a lot of interesting
> background reading and position papers.  Worth reading.
> Generally, there is a strong trend at the IETF to go towards the
> direction of opportunistic encryption by default.
I did remotely participate in the TLS WG. Couple of interesting new
things to come in TLS 1.3, nothing final, but everyone seems to agree
that's the way to go (aka the thing that browsers will support by 2020):

	* encrypt-then-mac for MACs in cipherstrings (which will be useless
anyways if we only have AEADs left - see below)
	* compression will be removed as long as there's no safe compression
algo. to use in TLS or HTTP (CRIME, BREACH)
	* all remaining stream ciphers will be removed (only RC4 left)
	* Bernstein curves will be supported
	* non-AEAD ciphers will be removed, which leaves us with:
		AES-GCM and ChaCha20
	* there's an abundance of new TLS extensions proposed that enhance
security and performance of the TLS stack (please see TLS WG website)
	* TACK (tack.io) is a beautiful protocol that might finally put an end
to the whole X.509 and CA bullshit.

..and there was a lot more actually, but right now those are the most
important points I can remember right away.

> Right now I am sitting in the UTA WG meeting
> (https://datatracker.ietf.org/doc/charter-ietf-uta/) which overlaps a
> lot with the bettercrypto.org project.  In fact at the UTA WG there is
> the wish to explicitly list the reasoning behind certain cipherstring
> choices that we made and document them as IETF I-D.  Hannes Tschofenig
> agreed to help us in documenting this.

Just to state that publicly: Agreed. I think we should invest our time
in this. Although IETF processes should not alter the path that our
paper has taken so far. It's good that we're not that slow and can react
fast to comments/critique and new research. I think that is a very
important part of this project.

> My feeling is that we should do that since it 
> a) gives the project more visibility and 
> b) helps us as well in clarifying some choices by explicitly writing
> them down and
> c) this way our ideas/thoughts and background research might end up as
> input for new, strengthened default settings in many software products.
> And of course it is also nice to have an RFC I-D :)
> Concerning the next meeting:
> Monday, 10th of March 18:30 at Karlsplatz again.
> Who would be available to come?
> See you on Monday.


azet (no capital A :P)
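
Added example, not part of the original mail: a small audit of a cipher suite list against the direction described in the TLS WG summary above (RC4 gone, only AES-GCM and ChaCha20 left). It assumes the input is an expanded, colon-separated list of suite names such as `openssl ciphers` prints; the function names and the sample list are constructed for illustration.

```python
import re

# Constructed sample: an expanded, colon-separated suite list in the form
# `openssl ciphers` prints. The last entry uses the underscore naming style.
SAMPLE = (
    "ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-CHACHA20-POLY1305:"
    "ECDHE-RSA-AES256-SHA384:AES128-SHA:RC4-SHA:DES-CBC3-SHA:"
    "DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-RC4-SHA:TLS_AES_128_GCM_SHA256"
)


def classify(suite):
    """Return (keep, reason) for one suite name (hypothetical helper)."""
    tokens = re.split(r"[-_]", suite.upper())
    if "RC4" in tokens:
        return False, "RC4 stream cipher"
    if "CHACHA20" in tokens:
        return True, "AEAD: ChaCha20"
    if "GCM" in tokens and any(t.startswith("AES") for t in tokens):
        return True, "AEAD: AES-GCM"
    # Names such as AES128-SHA carry no mode token; OpenSSL means CBC there.
    return False, "not AES-GCM or ChaCha20"


def audit(expanded):
    """Split an expanded suite list into kept names and dropped {name: reason}."""
    kept, dropped = [], {}
    for suite in filter(None, (s.strip() for s in expanded.split(":"))):
        keep, reason = classify(suite)
        if keep:
            kept.append(suite)
        else:
            dropped[suite] = reason
    return kept, dropped


if __name__ == "__main__":
    kept, dropped = audit(SAMPLE)
    print("kept:")
    for name in kept:
        print("  " + name)
    print("dropped:")
    for name, reason in dropped.items():
        print("  %-28s %s" % (name, reason))
```
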
