Re: [Cfrg] Closing out tls1.3 "Limits on key usage" PRs (#765/#769)
Martin Thomson <martin.thomson@gmail.com> Fri, 10 February 2017 05:45 UTC
Return-Path: <martin.thomson@gmail.com>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C167F129FD6 for <cfrg@ietfa.amsl.com>; Thu, 9 Feb 2017 21:45:00 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.7
X-Spam-Level:
X-Spam-Status: No, score=-2.7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id dmCrWS4ZXoy6 for <cfrg@ietfa.amsl.com>; Thu, 9 Feb 2017 21:44:59 -0800 (PST)
Received: from mail-qk0-x22a.google.com (mail-qk0-x22a.google.com [IPv6:2607:f8b0:400d:c09::22a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B014B129FD2 for <cfrg@irtf.org>; Thu, 9 Feb 2017 21:44:59 -0800 (PST)
Received: by mail-qk0-x22a.google.com with SMTP id s186so28828569qkb.1 for <cfrg@irtf.org>; Thu, 09 Feb 2017 21:44:59 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=pEtd0fEv8U6PQOY3b8h8LYIS+jtgiM/ZK3qdRssSQA8=; b=DW9veGmHWC8l6IejdO54hCUeH9G38cZW7v1+zMQm7avCsPea5+6KGcH9ghraHy+Kky eFVKQL0hc4MwOyJ95D77ofu6N773JDLpzdM4ZHM1mDZk4MT2on48nwTpM2hd/qv/Gbyc ksRvFhVeP6/h5CXZsLETM/Im5W8SRMpPEXKFGpdqUV5LRDkIlj+64tFOHKXfdBRxMAdl zsfs9FgCYcR6uEQ2HXqhrZQR6ptGf5HmBOXewG1IESNLMVJl6IrQIqwiXSAI29TVQF6m FuUVVaixpqhpfkwQ888tPnZIo9RR/vbHCv+TP52q/GoPj6uwEi0MQkVtwck1dE5XEfJD pwkw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=pEtd0fEv8U6PQOY3b8h8LYIS+jtgiM/ZK3qdRssSQA8=; b=tbqHT70dMSyXKNQ5HMx37bSVQrl7gUK6nADuKP6+NGb2yhIbTn/BGuhfSqXKxF182A rNu2Lyn4WEtJ/t/BRmK1qa9oqiXM7/a50I8pkGiQ0ep7IRbKMF7/s8ZVd6nEEntgssGh B/0HfA8Rq8KKrPxcA7bFvPWFAkKhMtTW4pcyV++dTrGPqfRpseadjyJjBzEW1Hx4IX47 a0v7jFUeTo3svBU9xoH3phoxzF9/qOkPAnZ9Y+QZhKfGt1ko4TAWKmDZpXm3vOFV3mA+ DYKVRYJZzFLOfc3HgcirxB5WRf7j9+3zgbo0fQRLABpVgQ3khPlXijCxhpa+l9qcnu3J MhgA==
X-Gm-Message-State: AMke39lvDV2M62rjta1KOKQUwlq10uZ8TiUYg4sJaM7/GklNrtq72rfjkEAFtHF2Z0npSCSB9fPNxBlziuSaeg==
X-Received: by 10.55.151.7 with SMTP id z7mr7060987qkd.316.1486705498946; Thu, 09 Feb 2017 21:44:58 -0800 (PST)
MIME-Version: 1.0
Received: by 10.140.19.112 with HTTP; Thu, 9 Feb 2017 21:44:58 -0800 (PST)
In-Reply-To: <352D31A3-5A8B-4790-9473-195C256DEEC8@sn3rd.com>
References: <352D31A3-5A8B-4790-9473-195C256DEEC8@sn3rd.com>
From: Martin Thomson <martin.thomson@gmail.com>
Date: Fri, 10 Feb 2017 16:44:58 +1100
Message-ID: <CABkgnnVrFGHe0eKREXbG_pv=y18ouopZsE2c5+Czz0HAGko6rg@mail.gmail.com>
To: Sean Turner <sean@sn3rd.com>
Content-Type: text/plain; charset="UTF-8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/KXVvh2KMZePtJlyiVmibmvlJmkU>
Cc: IRTF CFRG <cfrg@irtf.org>, "<tls@ietf.org>" <tls@ietf.org>
Subject: Re: [Cfrg] Closing out tls1.3 "Limits on key usage" PRs (#765/#769)
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Fri, 10 Feb 2017 05:45:01 -0000
On 10 February 2017 at 16:07, Sean Turner <sean@sn3rd.com> wrote: > a) Close these two PRs and go with the existing text [0] > b) Adopt PR#765 [1] > c) Adopt PR#769 [2] a) I'm happy enough with the current text (I've implemented that any it's relatively easy). I could live with c, but I'm opposed to b. It just doesn't make sense. It's not obviously wrong any more, but the way it is written it is very confusing and easily open to misinterpretation.
- [Cfrg] Closing out tls1.3 "Limits on key usage" P… Sean Turner
- Re: [Cfrg] Closing out tls1.3 "Limits on key usag… Stanislav V. Smyshlyaev
- Re: [Cfrg] Closing out tls1.3 "Limits on key usag… Martin Thomson
- Re: [Cfrg] Closing out tls1.3 "Limits on key usag… Paterson, Kenny
- Re: [Cfrg] Closing out tls1.3 "Limits on key usag… Ilari Liusvaara
- Re: [Cfrg] Closing out tls1.3 "Limits on key usag… Dang, Quynh (Fed)
- Re: [Cfrg] [TLS] Closing out tls1.3 "Limits on ke… Dang, Quynh (Fed)
- Re: [Cfrg] Closing out tls1.3 "Limits on key usag… Rene Struik
- Re: [Cfrg] [TLS] Closing out tls1.3 "Limits on ke… Paterson, Kenny
- Re: [Cfrg] [TLS] Closing out tls1.3 "Limits on ke… Dang, Quynh (Fed)
- Re: [Cfrg] [TLS] Closing out tls1.3 "Limits on ke… Dang, Quynh (Fed)
- Re: [Cfrg] [TLS] Closing out tls1.3 "Limits on ke… Rene Struik
- Re: [Cfrg] [TLS] Closing out tls1.3 "Limits on ke… Paterson, Kenny
- Re: [Cfrg] [TLS] Closing out tls1.3 "Limits on ke… Dang, Quynh (Fed)
- Re: [Cfrg] [TLS] Closing out tls1.3 "Limits on ke… Dang, Quynh (Fed)
- Re: [Cfrg] Closing out tls1.3 "Limits on key usag… Andrey Jivsov
- Re: [Cfrg] Closing out tls1.3 "Limits on key usag… Andrey Jivsov
- Re: [Cfrg] Closing out tls1.3 "Limits on key usag… Martin Thomson
- Re: [Cfrg] Closing out tls1.3 "Limits on key usag… Andrey Jivsov
- Re: [Cfrg] Closing out tls1.3 "Limits on key usag… Markulf Kohlweiss
- Re: [Cfrg] [TLS] Closing out tls1.3 "Limits on ke… Dang, Quynh (Fed)
- Re: [Cfrg] Closing out tls1.3 "Limits on key usag… Aaron Zauner
- Re: [Cfrg] Closing out tls1.3 "Limits on key usag… Tony Arcieri
- Re: [Cfrg] [TLS] Closing out tls1.3 "Limits on ke… Dang, Quynh (Fed)
- Re: [Cfrg] [TLS] Closing out tls1.3 "Limits on ke… Atul Luykx
- Re: [Cfrg] [TLS] Closing out tls1.3 "Limits on ke… Dang, Quynh (Fed)
- Re: [Cfrg] [TLS] Closing out tls1.3 "Limits on ke… Dang, Quynh (Fed)
- Re: [Cfrg] [TLS] Closing out tls1.3 "Limits on ke… Yoav Nir
- Re: [Cfrg] [TLS] Closing out tls1.3 "Limits on ke… Atul Luykx
- Re: [Cfrg] [TLS] Closing out tls1.3 "Limits on ke… Yoav Nir
- Re: [Cfrg] [TLS] Closing out tls1.3 "Limits on ke… Dang, Quynh (Fed)
- Re: [Cfrg] [TLS] Closing out tls1.3 "Limits on ke… Paterson, Kenny
- Re: [Cfrg] [TLS] Closing out tls1.3 "Limits on ke… Martin Thomson
- Re: [Cfrg] [TLS] Closing out tls1.3 "Limits on ke… Yoav Nir
- Re: [Cfrg] [TLS] Closing out tls1.3 "Limits on ke… Martin Thomson
- Re: [Cfrg] [TLS] Closing out tls1.3 "Limits on ke… Yoav Nir
- Re: [Cfrg] [TLS] Closing out tls1.3 "Limits on ke… Martin Thomson
- Re: [Cfrg] [TLS] Closing out tls1.3 "Limits on ke… Dang, Quynh (Fed)
- Re: [Cfrg] [TLS] Closing out tls1.3 "Limits on ke… Aaron Zauner
- Re: [Cfrg] [TLS] Closing out tls1.3 "Limits on ke… Aaron Zauner
- Re: [Cfrg] Closing out tls1.3 "Limits on key usag… Dang, Quynh (Fed)
- Re: [Cfrg] Closing out tls1.3 "Limits on key usag… Aaron Zauner
- Re: [Cfrg] Closing out tls1.3 "Limits on key usag… Dang, Quynh (Fed)
- Re: [Cfrg] Closing out tls1.3 "Limits on key usag… Aaron Zauner
- Re: [Cfrg] Closing out tls1.3 "Limits on key usag… Dang, Quynh (Fed)
- Re: [Cfrg] [TLS] Closing out tls1.3 "Limits on ke… Paterson, Kenny
- Re: [Cfrg] [TLS] Closing out tls1.3 "Limits on ke… Dang, Quynh (Fed)
- Re: [Cfrg] [TLS] Closing out tls1.3 "Limits on ke… Watson Ladd
- Re: [Cfrg] [TLS] Closing out tls1.3 "Limits on ke… Dang, Quynh (Fed)
- Re: [Cfrg] [TLS] Closing out tls1.3 "Limits on ke… Martin Thomson
- Re: [Cfrg] [TLS] Closing out tls1.3 "Limits on ke… Dang, Quynh (Fed)
- Re: [Cfrg] [TLS] Closing out tls1.3 "Limits on ke… Brian Smith
- Re: [Cfrg] [TLS] Closing out tls1.3 "Limits on ke… Andrey Jivsov
- Re: [Cfrg] [TLS] Closing out tls1.3 "Limits on ke… Hal Murray
- Re: [Cfrg] [TLS] Closing out tls1.3 "Limits on ke… Andrey Jivsov
- Re: [Cfrg] [TLS] Closing out tls1.3 "Limits on ke… Yoav Nir
- Re: [Cfrg] Closing out tls1.3 "Limits on key usag… Sean Turner
- Re: [Cfrg] Closing out tls1.3 "Limits on key usag… Russ Housley