Re: [TLS] Last Call: draft-ietf-tls-renegotiation (Transport Layer Security (TLS) Renegotiation Indication Extension) to Proposed Standard

Yoav Nir <ynir@checkpoint.com> Tue, 01 December 2009 10:06 UTC

From: Yoav Nir <ynir@checkpoint.com>
To: "ietf@ietf.org" <ietf@ietf.org>
Date: Tue, 01 Dec 2009 12:06:18 +0200
Subject: Re: [TLS] Last Call: draft-ietf-tls-renegotiation (Transport Layer Security (TLS) Renegotiation Indication Extension) to Proposed Standard
Message-ID: <7C44D6AC-C936-4AAB-983C-A6928FE01637@checkpoint.com>
References: <20091130153734.D44C63A6AA9@core3.amsl.com>
In-Reply-To: <20091130153734.D44C63A6AA9@core3.amsl.com>
Cc: "tls@ietf.org Group" <tls@ietf.org>

On Nov 30, 2009, at 5:37 PM, The IESG wrote:

> The IESG has received a request from the Transport Layer Security WG 
> (tls) to consider the following document:
> 
> - 'Transport Layer Security (TLS) Renegotiation Indication Extension '
>   <draft-ietf-tls-renegotiation-01.txt> as a Proposed Standard
> 
> The IESG plans to make a decision in the next few weeks, and solicits
> final comments on this action.  Please send substantive comments to the
> ietf@ietf.org mailing lists by 2009-12-14. Exceptionally, 
> comments may be sent to iesg@ietf.org instead. In either case, please 
> retain the beginning of the Subject line to allow automated sorting.

I oppose publishing the current draft.

There are two unresolved issues still being discussed on the TLS mailing list:
 1. non-extension signaling for older versions (SSLv3 and maybe TLS 1.0)
 2. explicit vs. implicit addition of old verify_data to the PRF (also known as fail-unsafe vs. fail-safe)

I think the WG is converging, and that a couple more weeks of discussion may lead to consensus.

I agree with David-Sarah Hopwood that a last call (WG or IETF) is still premature.