[dispatch] dispatching draft-farrell-tls-wkesni
Stephen Farrell <stephen.farrell@cs.tcd.ie> Mon, 04 April 2022 23:06 UTC
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
To: DISPATCH list <dispatch@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dispatch/QuOn03ZxxkcuVzUqfgwBonz7Gxs>

Hi all,

(Thanks again to Joe Salowey for presenting this in Vienna when I had to be in another room.)

My impression of the discussion [1] of this draft [2] is that there's interest in the draft but people were fuzzy as to where it might best be processed. The meeting notes indicate that more dispatch discussion on this list was the desired outcome, so here goes...

My take, in case it helps: ask TLS to adopt with review from HTTPBIS. I fully agree it ought be processed by an IETF WG.

Responding to what I think is the main technical issue identified at the meeting (relevant to the dispatch question) and that will need to be addressed during WG processing: the appropriate level of generality here is a tricky issue, and (again as pointed out in the notes) needs input from those who'll operate servers. I figure though that there's a useful guideline we can use here.

The relevant HTTP server for this spec is the ECH private key holder. The ECH private key holder processes the outer ClientHello so whatever they wish to ask be used there by eventual TLS clients, in the outer ClientHello, seems like it should be supported here. And that's the ECHConfigList which is already an extensible structure and is the meat of the HTTP response defined here. What ought be in the inner ClientHello is up to the eventual/backend web origin (the "publisher" of the HTTPS/SVCB RR) which is the HTTP client in this spec and so ought not be represented in the JSON (or whatever) HTTP response messages defined here. IOW, that's an argument for the current design in [2].

Of course, experience may demonstrate that some more is needed, but I'm sure that'd emerge in WG processing, regardless of which WG "owns" the spec.

Also looking at the notes, I agree that the timing for this ought be driven by ECH (also a TLS spec) - from my POV, this one would ideally turn into an RFC a few months after the ECH spec, which again, for me, argues that the TLS WG is best placed to process this.

Cheers,
S.

[1] https://notes.ietf.org/notes-ietf-113-dispatch#A-well-known-URI-for-publishing-ECHConfigList-values-20-mins
[2] https://datatracker.ietf.org/doc/html/draft-farrell-tls-wkesni
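
The message above calls the ECHConfigList "an extensible structure" that carries what the ECH private key holder wants used in the outer ClientHello. As an added illustration (not part of the original message and not code from the draft), this parser walks an ECHConfigList, skipping entries of an unknown version by their length field and extracting `public_name` from version 0xfe0d entries. It assumes the wire layout from the TLS ECH specification; the function names and the sample bytes are constructed for this example.

```python
import struct

ECH_VERSION = 0xFE0D  # the ECHConfig version defined by the TLS ECH specification

class Reader:  # cursor over TLS-encoded bytes; raises on truncation
    def __init__(self, data):
        self.data, self.pos = data, 0
    def take(self, n):
        if self.pos + n > len(self.data):
            raise ValueError("truncated ECHConfigList")
        self.pos += n
        return self.data[self.pos - n:self.pos]
    def u8(self): return self.take(1)[0]
    def u16(self): return struct.unpack("!H", self.take(2))[0]
    def done(self): return self.pos == len(self.data)

def parse_ech_config_list(blob):
    """Parse an ECHConfigList; unknown versions are skipped via their length."""
    outer = Reader(blob)
    body = Reader(outer.take(outer.u16()))
    if not outer.done():
        raise ValueError("trailing bytes after ECHConfigList")
    configs = []
    while not body.done():
        version = body.u16()
        c = Reader(body.take(body.u16()))
        if version != ECH_VERSION:
            configs.append({"version": version, "supported": False})
            continue
        cfg = {"version": version, "supported": True, "config_id": c.u8(),
               "kem_id": c.u16(), "public_key": c.take(c.u16())}
        s = c.take(c.u16())  # HPKE (kdf_id, aead_id) pairs, 4 bytes each
        cfg["cipher_suites"] = [struct.unpack("!HH", s[i:i + 4]) for i in range(0, len(s), 4)]
        cfg["maximum_name_length"] = c.u8()
        cfg["public_name"] = c.take(c.u8()).decode("ascii")  # SNI for the outer ClientHello
        cfg["extensions"] = c.take(c.u16())  # left opaque in this example
        if not c.done():
            raise ValueError("trailing bytes inside ECHConfig")
        configs.append(cfg)
    return configs

def sample_list():
    """Constructed sample: an unknown-version entry followed by a 0xfe0d entry."""
    name = b"public.example"
    contents = (struct.pack("!BHH", 7, 0x0020, 32) + bytes(32)  # all-zero dummy key
                + struct.pack("!HHHBB", 4, 1, 1, 0, len(name)) + name + b"\x00\x00")
    body = (struct.pack("!HH", 0xFFFF, 3) + b"abc"
            + struct.pack("!HH", ECH_VERSION, len(contents)) + contents)
    return struct.pack("!H", len(body)) + body
```
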