Re: What ASN.1 got right
Michael Thomas <mike@mtcc.com> Thu, 04 March 2021 17:14 UTC
Return-Path: <mike@fresheez.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F18553A1136 for <ietf@ietfa.amsl.com>; Thu, 4 Mar 2021 09:14:59 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.748
X-Spam-Level:
X-Spam-Status: No, score=-1.748 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.25, HTML_MESSAGE=0.001, NICE_REPLY_A=-0.001, RCVD_IN_DNSWL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=mtcc.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id iOqlYICoWiYn for <ietf@ietfa.amsl.com>; Thu, 4 Mar 2021 09:14:58 -0800 (PST)
Received: from mail-pj1-x1031.google.com (mail-pj1-x1031.google.com [IPv6:2607:f8b0:4864:20::1031]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9C2813A112F for <ietf@ietf.org>; Thu, 4 Mar 2021 09:14:58 -0800 (PST)
Received: by mail-pj1-x1031.google.com with SMTP id e9so6991277pjs.2 for <ietf@ietf.org>; Thu, 04 Mar 2021 09:14:58 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mtcc.com; s=fluffulence; h=subject:to:cc:references:from:message-id:date:user-agent :mime-version:in-reply-to:content-language; bh=bUAaZs6RauPwSC/N4NQdqMO1J7E5Y8z86ntZD2/2VT0=; b=Q1tEJ00jOJgyXy5Jy1RmdcFvZ8/Jx7LFnkg14aXS78hikjvFCvl2PHo1qIRVZuBEPb IwU7K+6yzCA56R1MRwoG6lJTHgHkeWkfh2Ct1SOjcFlpwCMZSBQtXn3SO8aGofewkkdz rACAg7wtsjk3YzVyixcZkbNiA84+TCGQWwTws7W4p/jiRSHtZaRM/Ou9PsRbo6zfSUJ+ a97lWdV35WIPfxjV9S75vsJ058m+ODnLpRR5+4wVkIy4x8geJOxRhMX5s6c9MokXVQuW +Mq9uo7hBccIJEsyaIvymRq6aeEiF3KOzCNeev/fkGfQYzEk930XXaGzuXlWl0JGqbzd 4mzA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:cc:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-language; bh=bUAaZs6RauPwSC/N4NQdqMO1J7E5Y8z86ntZD2/2VT0=; b=oCTV9XgAAuCdvjsxyWUyvEl9D4OoaEm2+n/s57oB/JG8tRlD3eC3CmyBaBYGS1UnzC aJ6qLpwIBqbvWJHKEkhO4bUMOQDblPl1gxRChItfDKpXQhDPu+yGQkdj/AJI/GBoFgtr tCOtp41cPd4ZN566hR356Q1SJRk8Zq8FjT8rnUahgW7V4YFjDVgM6QAynhl6xbzZS/hS pk/8Uj11vn1mnhKZ1o1bNJpGsW0theb3dcZgz5e0QamIEa9MPDAvYGAMlxZLbcdUb6Bx s/dqjdYJD/IVK/JJSj2zc3kAecxmt0TsFM7mToo/6XJ1nQQfcMM+w8Q65+tTqwcHOpuC 6acw==
X-Gm-Message-State: AOAM533gqvRlA61Q2q3EWCyZEmn4H82oY2KQGKeDpluX7jrpHQKDn9/l 8KsakoKtUcrBcW24CcWUoeFgw+GA2gAMKA==
X-Google-Smtp-Source: ABdhPJzz8gcsHusqZE58/t2xs4i11dj7g9WgglOW1cT9W8CmGacerta2rDPLthn5FEOBVwu25N3vHQ==
X-Received: by 2002:a17:902:e80b:b029:e3:3df1:5e93 with SMTP id u11-20020a170902e80bb02900e33df15e93mr4789129plg.80.1614878096431; Thu, 04 Mar 2021 09:14:56 -0800 (PST)
Received: from mike-mac.lan (107-182-37-239.volcanocom.com. [107.182.37.239]) by smtp.gmail.com with ESMTPSA id gg22sm10796422pjb.20.2021.03.04.09.14.55 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Thu, 04 Mar 2021 09:14:55 -0800 (PST)
Subject: Re: What ASN.1 got right
To: Phillip Hallam-Baker <phill@hallambaker.com>, Jared Mauch <jared@puck.nether.net>
Cc: IETF Discussion Mailing List <ietf@ietf.org>
References: <20210302010731.GL30153@localhost> <0632b948-9ed1-f2bd-96da-9922ebb2aa60@mtcc.com> <YECpybvczdbKHvHx@puck.nether.net> <CAMm+LwiiySi5O1_WDc4-F9x1XfMFFvE-rEbc4uw+31DHJNEHEA@mail.gmail.com>
From: Michael Thomas <mike@mtcc.com>
Message-ID: <86b382d8-dd3c-ed0a-8dde-f0837cf10e98@mtcc.com>
Date: Thu, 04 Mar 2021 09:14:54 -0800
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:78.0) Gecko/20100101 Thunderbird/78.8.0
MIME-Version: 1.0
In-Reply-To: <CAMm+LwiiySi5O1_WDc4-F9x1XfMFFvE-rEbc4uw+31DHJNEHEA@mail.gmail.com>
Content-Type: multipart/alternative; boundary="------------0122F9E70DAE75022BAD667F"
Content-Language: en-US
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/A0hgPyCFK4Nrx6AOB537AlkdueY>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 04 Mar 2021 17:15:00 -0000
On 3/4/21 6:57 AM, Phillip Hallam-Baker wrote: > > > On Thu, Mar 4, 2021 at 4:35 AM Jared Mauch <jared@puck.nether.net > <mailto:jared@puck.nether.net>> wrote: > > On Mon, Mar 01, 2021 at 05:18:10PM -0800, Michael Thomas wrote: > > The combination of ASN.1 and X.509 has done irreparable harm to > identity on > > the internet. X.509 provides exactly one benefit: the ability to > verify > > offline that almost nobody cares about anymore. They have needlessly > > As someone who had to build my own fiber/internet access in > a developed country, I believe the community often misses the mark in > assuming everyone is as well connected as they are. > > I encourage you to review this assumption. > > > It is really rare that people try to use TLS without Internet > connectivity. And the deployed base really isn't good at working in > that mode. > > Kohnfelder was originally writing for email messaging. But even then, > how do you send a mail without some connectivity? > > X.509 is really optimized around the totally offline case. And that is > a bad choice for many applications. But it does work for some. > > That's the thing: the only thing that X.509 is used for at any scale is TLS and that is definitionally online. Everything else is niche in comparison. If you need offline capability, fine, but almost nothing does anymore if it's associated with the internet in any way. Mike
- Re: What ASN.1 got right Michael Thomas
- What ASN.1 got right Nico Williams
- RE: What ASN.1 got right Larry Masinter
- Re: What ASN.1 got right Nico Williams
- Re: What ASN.1 got right Tim Bray
- Re: What ASN.1 got right Nico Williams
- Re: What ASN.1 got right Keith Moore
- Re: What ASN.1 got right Theodore Ts'o
- Re: What ASN.1 got right Nico Williams
- Re: What ASN.1 got right Phillip Hallam-Baker
- Re: What ASN.1 got right Carsten Bormann
- Re: What ASN.1 got right Phillip Hallam-Baker
- Re: What ASN.1 got right Nico Williams
- Re: What ASN.1 got right Nico Williams
- Re: What ASN.1 got right Nico Williams
- Re: What ASN.1 got right Phillip Hallam-Baker
- Re: What ASN.1 got right Nico Williams
- Re: What ASN.1 got right Dirk-Willem van Gulik
- Re: What ASN.1 got right Nico Williams
- Re: What ASN.1 got right Michael Thomas
- Re: What ASN.1 got right Dirk-Willem van Gulik
- Re: What ASN.1 got right Michael Thomas
- Re: What ASN.1 got right Nico Williams
- Re: What ASN.1 got right Phillip Hallam-Baker
- Re: What ASN.1 got right Michael Thomas
- Re: What ASN.1 got right Michael Thomas
- Re: What ASN.1 got right Phillip Hallam-Baker
- Re: What ASN.1 got right Michael Thomas
- Re: What ASN.1 got right Phillip Hallam-Baker
- Re: What ASN.1 got right Michael Thomas
- Re: What ASN.1 got right Nico Williams
- Re: What ASN.1 got right George Michaelson
- Re: What ASN.1 got right Michael Thomas
- Re: What ASN.1 got right Nico Williams
- Re: What ASN.1 got right Christian Huitema
- Re: What ASN.1 got right Nico Williams
- Re: What ASN.1 got right Michael Thomas
- Re: What ASN.1 got right Nico Williams
- Re: What ASN.1 got right Nico Williams
- Re: What ASN.1 got right Michael Thomas
- Re: What ASN.1 got right Michael Thomas
- Re: What ASN.1 got right George Michaelson
- Re: What ASN.1 got right Nico Williams
- Re: What ASN.1 got right Phillip Hallam-Baker
- Re: What ASN.1 got right Nico Williams
- Re: What ASN.1 got right Nico Williams
- Re: What ASN.1 got right Michael Thomas
- Re: What ASN.1 got right Nico Williams
- Re: What ASN.1 got right Phillip Hallam-Baker
- Re: What ASN.1 got right Nico Williams
- Re: What ASN.1 got right Phillip Hallam-Baker
- Re: What ASN.1 got right Michael Thomas
- Re: What ASN.1 got right Phillip Hallam-Baker
- Re: What ASN.1 got right Nico Williams
- Re: What ASN.1 got right Phillip Hallam-Baker
- Re: What ASN.1 got right Nico Williams
- Re: What ASN.1 got right Jared Mauch
- Re: What ASN.1 got right Keith Moore
- Re: What ASN.1 got right Phillip Hallam-Baker
- Re: What ASN.1 got right Dirk-Willem van Gulik
- Re: What ASN.1 got right Nico Williams
- Re: What ASN.1 got right Nico Williams
- Re: What ASN.1 got right Michael Thomas
- Re: What ASN.1 got right Michael Thomas
- Re: What ASN.1 got right Nico Williams
- Re: What ASN.1 got right Michael Thomas
- Re: What ASN.1 got right Nico Williams
- Re: What ASN.1 got right Michael Thomas
- Re: What ASN.1 got right Nico Williams
- Re: What ASN.1 got right Michael Thomas
- Re: What ASN.1 got right Nico Williams
- Re: What ASN.1 got right Michael Thomas
- TLS on disconnected/intermittently connected netw… Keith Moore
- Re: What ASN.1 got right Keith Moore
- Re: What ASN.1 got right Michael Thomas
- Re: What ASN.1 got right Keith Moore
- Re: What ASN.1 got right Michael Thomas
- Re: What ASN.1 got right Keith Moore
- Re: What ASN.1 got right Michael Thomas
- Re: TLS on disconnected/intermittently connected … Viktor Dukhovni
- Re: TLS on disconnected/intermittently connected … Keith Moore
- Re: TLS on disconnected/intermittently connected … Sam Hartman
- Re: TLS on disconnected/intermittently connected … Keith Moore
- Re: TLS on disconnected/intermittently connected … Viktor Dukhovni
- Re: TLS on disconnected/intermittently connected … Sam Hartman
- Re: TLS on disconnected/intermittently connected … Keith Moore
- Re: TLS on disconnected/intermittently connected … Michael Thomas
- Re: TLS on disconnected/intermittently connected … Keith Moore
- Re: TLS on disconnected/intermittently connected … Michael Richardson