Implementing NTS options

Hal Murray hmurray at megapathdsl.net
Sat Feb 2 12:54:18 UTC 2019 

Eric said:
> So tell me: can we conform by *discovering* the cipher set at startup time
> and shipping that list to NTS-KE?  Because if the RFCs don't for some insane
> reason *forbid* that behavior, it's clearly the right thing. 

I don't know how to do that with a clean/simple API.  I'm far from a wizard, 
but I have poked around a bit in that area and would have added it to 
digest-find if I had noticed anything like that.

We might be able to brute force scan a few thousand slots.

I think there are command line tools or man pages that list them all.  We 
could look at the source for the command line tool - or ask on their mailing 
list.

My straw man would be to pick a small handful of good ones and check that they 
are supported.  That gets us off the ground.  The list needs to be reviewed 
occasionally or we need to fix that code sometime.

$ openssl ciphers
TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256:TLS_
AES_128_CCM_SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:EC
DHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-CCM:
ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-CC
M:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA:ECDH
E-RSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:AES256-GCM-SHA384:
AES256-CCM:AES128-GCM-SHA256:AES128-CCM:AES256-SHA256:AES128-SHA256:AES256-SHA:
AES128-SHA:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES256-C
CM:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-CCM:DHE-RSA-AES256-SHA256:DHE-RSA-A
ES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:PSK-AES256-GCM-SHA384:PSK-CH
ACHA20-POLY1305:PSK-AES256-CCM:PSK-AES128-GCM-SHA256:PSK-AES128-CCM:PSK-AES256-
CBC-SHA:PSK-AES128-CBC-SHA256:PSK-AES128-CBC-SHA:DHE-PSK-AES256-GCM-SHA384:DHE-
PSK-CHACHA20-POLY1305:DHE-PSK-AES256-CCM:DHE-PSK-AES128-GCM-SHA256:DHE-PSK-AES1
28-CCM:DHE-PSK-AES256-CBC-SHA:DHE-PSK-AES128-CBC-SHA256:DHE-PSK-AES128-CBC-SHA:
ECDHE-PSK-CHACHA20-POLY1305:ECDHE-PSK-AES256-CBC-SHA:ECDHE-PSK-AES128-CBC-SHA25
6:ECDHE-PSK-AES128-CBC-SHA
$


-- 
These are my opinions.  I hate spam.

More information about the devel mailing list