Hi Kohei,

Personally I support the idea of alternative (or "standby") ciphers, see http://tools.ietf.org/html/draft-mcgrew-standby-cipher-00. However there was very little interest in this idea when we brought it up at CFRG.

IMHO for inclusion in the BCP there should be wide consensus about both the need for standby ciphers (and there is none, as far as I can tell) as well as the individual algorithms.

Thanks,
        Yaron

On 08/11/2014 11:27 AM, Kohei Kasamatsu wrote:

Exactly.

Thank you very much for your comments.
I also think that we need to deal with the problem you pointed out.

Not all want crypto agility because it involves costs.
However, the reverse is also true as you agreed.

I think that we can solve the concern and recommend cipher suites for
crypto agility by specifying a rational and minimal set of cipher suites
with alternative algorithms as "optional".

It prevents developers who need crypto agility from preparing insecure
algorithms.

What do you think about it?

Because you cannot force developers to implement algorithms that they
do not want to. You cannot force developers to implement algorithms
they have barely heard of, such as those that have good support
in basically only one nation or basically only in system environment
(hardware or software).

I proposed candidates for alternative algorithms which require criteria
including wide implementations and public documents in standardizing
organizations and estimations by trusted organizations.

So I believe that it is not a fact that developers do not want to
implement these candidates and have barely heard of them.

What do you think about it?

(2014/08/05 23:17), Paul Hoffman wrote:
On Aug 5, 2014, at 3:19 AM, Kohei Kasamatsu <[email protected]> wrote:

You mean that if protocols have multiple mandatory-to-implement (MTI)
algorithms some of these MTI algorithms are not implemented and it
causes interoperability failures?

Exactly.
Clearly, TLS needs to have crypto agility in case of crypto failures,
but the current BCP does not prevent that.

Why cannot "current" BCP prevent that?

Because you cannot force developers to implement algorithms that they do not
want to. You cannot force developers to implement algorithms they have barely
heard of, such as those that have good support in basically only one nation
or basically only in system environment (hardware or software).

--Paul Hoffman




_______________________________________________
Uta mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/uta
