1. Summary
This draft specifies seven (7) chacha20-poly1305 cipher suites
that can be used with TLS and DTLS. This is the “how to
do chacha20-poly1305 with TLS” draft, where
chacha20-poly1305 is defined in RFC 7539. These cipher
suites are intended to be a backup to the AES-based suites
in case of compromise.
As far as where you should point your fingers:
- Sean Turner is the document shepherd, and
- Stephen Farrell is the responsible Area Director.
2. Review and Consensus
There are probably on the order of 100 messages about this
draft, and that shouldn’t come as a surprise because this
draft is really just specifying IANA code points. The real
fireworks were on the CFRG list, and we thank them for
taking that bullet(s). The cipher suites proposed in the
individual draft were modified based on WG input. There
were two WGLCs for this draft; the first didn’t generate the
expected amount of review, so a second WGLC was issued
that did. There was a debate as to whether the PRF digest
should be changed to SHA-512 from SHA-256, but there
was no consensus to make this change.
3. Intellectual Property
All disclosed as confirmed by the authors on 20160310.
4. Other Points:
IANA has already assigned the cipher suites and we thank them.
These algorithms are expected to be very widely implemented
due to their high performance in software implementations.
They are currently in the deployed branches of BoringSSL, GnuTLS,
OpenSSL, and others.
RFC Editor Note
1) Please add the following to the end of the abstract: "This
document updates RFCs 5246 and 6347."
2) Please add a normative reference for SHA256 at the end
of section 3, thusly...
OLD:
The pseudorandom function (PRF) for all the cipher suites defined in
this document is the TLS PRF with SHA-256 as the hash function.
NEW:
The pseudorandom function (PRF) for all the cipher suites defined in
this document is the TLS PRF with SHA-256 [FIPS 180-4] as the hash function.
The reference to add to section 6.1 is:
[FIPS 180-4] Federal Information Processing Standards Publication
(FIPS PUB) 180-4, Secure Hash Standard (SHS), August 2015.