Re: [OPSAWG] I-D Action: draft-ietf-opsawg-mud-tls-02.txt

mohamed.boucadair@orange.com Fri, 23 October 2020 12:31 UTC

From: mohamed.boucadair@orange.com
To: tirumal reddy <kondtir@gmail.com>
CC: opsawg <opsawg@ietf.org>
Date: Fri, 23 Oct 2020 12:31:42 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/opsawg/rYZ5z8ODqwC-k7N9KcJ-UhMeNck>

Hi Tiru,

Thanks.

I sent you a PR (https://github.com/tireddy2/MUD-TLS-profile/pull/5/files)

Cheers,
Med

From: tirumal reddy [mailto:kondtir@gmail.com]
Sent: Friday, 23 October 2020 14:26
To: BOUCADAIR Mohamed TGI/OLN <mohamed.boucadair@orange.com>
Cc: Michael Richardson <mcr+ietf@sandelman.ca>; opsawg <opsawg@ietf.org>
Subject: Re: [OPSAWG] I-D Action: draft-ietf-opsawg-mud-tls-02.txt

On Thu, 22 Oct 2020 at 17:17, <mohamed.boucadair@orange.com> wrote:
Re-,

Yes, I know.

This is why I suggested it to be added on TLS-related specs. That’s superior to the current approach in the draft.

I have updated the draft to discuss the rationale for adding a new registry, please see Section 5.3 in https://github.com/tireddy2/MUD-TLS-profile/blob/master/draft-ietf-opsawg-mud-tls-03.txt

-Tiru

Cheers,
Med

From: tirumal reddy [mailto:kondtir@gmail.com]
Sent: Thursday, 22 October 2020 13:34
To: BOUCADAIR Mohamed TGI/OLN <mohamed.boucadair@orange.com>
Cc: Michael Richardson <mcr+ietf@sandelman.ca>; opsawg <opsawg@ietf.org>
Subject: Re: [OPSAWG] I-D Action: draft-ietf-opsawg-mud-tls-02.txt

On Thu, 22 Oct 2020 at 14:39, <mohamed.boucadair@orange.com> wrote:
Hi Tiru, all,

Ideally, the version registry should be maintained and updated by the relevant (D)TLS specs. This can be part of draft-ietf-tls-dtls13 or draft-ietf-tls-rfc8446bis-00 (https://tools.ietf.org/html/draft-ietf-tls-rfc8446bis-00#section-11).

TLS does not define any version-specific registry maintained by IANA. In TLS 1.3, version support is determined by the presence of the supported_versions extension and the version field should have the value 0x0304. In prior versions, the legacy_version field is used to indicate an older TLS version (e.g., 0x0304 is used to indicate TLS 1.2).

Cheers,
-Tiru

Cheers,
Med

From: OPSAWG [mailto:opsawg-bounces@ietf.org] On behalf of tirumal reddy
Sent: Thursday, 22 October 2020 08:43
To: Michael Richardson <mcr+ietf@sandelman.ca>
Cc: opsawg <opsawg@ietf.org>
Subject: Re: [OPSAWG] I-D Action: draft-ietf-opsawg-mud-tls-02.txt

On Wed, 21 Oct 2020 at 22:24, Michael Richardson <mcr+ietf@sandelman.ca> wrote:

tirumal reddy <kondtir@gmail.com> wrote:
    > a) Added two new YANG modules iana-tls-profile ((D)TLS parameters and
    > (D)TLS versions) and ietf-mud-tls (MUD (D)TLS Profile Extension).

I browsed through the differences.

Do I understand that iana-tls-profile would be updated by IANA as they handed
out TLS protocol numbers ?

Yes, iana-tls-profile will be updated by IANA. The procedure to update (D)TLS versions/parameters registries and iana-tls-profile is explained in https://tools.ietf.org/html/draft-ietf-opsawg-mud-tls-02#section-10.1

Cheers,
-Tiru

--
Michael Richardson <mcr+IETF@sandelman.ca>   . o O ( IPv6 IøT consulting )
           Sandelman Software Works Inc, Ottawa and Worldwide


_________________________________________________________________________________________________________________________

This message and its attachments may contain confidential or privileged information that may be protected by law;
they should not be distributed, used or copied without authorisation.
If you have received this email in error, please notify the sender and delete this message and its attachments.
As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified.
Thank you.
