On Sun, Aug 23, 2015 at 2:33 PM, David Mazieres <dm-list-tcpcr...@scs.stanford.edu> wrote: > Watson Ladd <watsonbl...@gmail.com> writes: > >>> Such a linear ordering would be very hard to achieve, given that >>> different parts of the world trust/mistrust different crypto algorithms. >>> Even among cipher suites discussed so far, how would we order >>> P-256/AES-128 vs. Curve25519/Chacha/Poly1305. The former set is better >>> is the sense that it is more established. The latter is better in the >>> sense that it is newer, potentially more efficient, and (for the >>> paranoid) less tainted by government involvement. I think realistically >>> the preference has to be left to the individual host configuration >>> rather than the IETF. >> >> Let's consider what this actually means. Hosts that implement 1 of two >> options because they don't trust the other one to provide adequate >> security will not talk to the ones that make the wrong choice. Hosts >> that implement both would be fine picking just one, in fact prefer it >> as it reduces the amount of work they have to do. >> >> But by having ranking preferences, we're in fact saying "you would be >> fine with picking one for improved interop, but we're going to force >> you to make a choice that complicates your implementation, because we >> assume you are an expert in cryptanalysis research and we are not". >> Picking one suite that's widely acceptable is far better than >> providing a smorgasbord. > > Well, hypothetically, say the US prefers spec X and the EU prefers spec > Y. The goal is that two hosts in the US would always choose spec X and > two hosts in the EU would always chose spec Y. But when a host in the > US communicates with a host in the EU, we don't really care as > much--they could choose X or Y, so we might as well base it on the > preferences of the passive opener. However, hard-coding the spec > rankings risks delaying standardization to argue over which specs should > take priority.
Suppose everyone behaves the way you suggest. How unhappy are they with using X or Y? Clearly not very much: they were willing to use it if the other side didn't want their preference. The result of wanting to support every possible combination of preferences and admin interface is having dead options linger forever as the sysadmins keep copypasta in config files alive forever. I'd rather order my crypto from McSorley's. > David -- "Man is born free, but everywhere he is in chains". --Rousseau. _______________________________________________ Tcpinc mailing list Tcpinc@ietf.org https://www.ietf.org/mailman/listinfo/tcpinc
