Fwd: Protocol Action: 'The Transport Layer Security (TLS) Protocol Version 1.3' to Proposed Standard (draft-ietf-tls-tls13-28.txt)

"Eggert, Lars" <lars@netapp.com> Wed, 21 March 2018 11:39 UTC

Return-Path: <lars@netapp.com>
X-Original-To: quic@ietfa.amsl.com
Delivered-To: quic@ietfa.amsl.com
Received: from localhost (localhost []) by ietfa.amsl.com (Postfix) with ESMTP id 1B1D412DA27 for <quic@ietfa.amsl.com>; Wed, 21 Mar 2018 04:39:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.209
X-Spam-Status: No, score=-4.209 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=netapp.onmicrosoft.com
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id L2aFlLw5OOTw for <quic@ietfa.amsl.com>; Wed, 21 Mar 2018 04:39:26 -0700 (PDT)
Received: from mx141.netapp.com (mx141.netapp.com [IPv6:2620:10a:4005:8000:2306::a]) (using TLSv1.2 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 63F34126DD9 for <quic@ietf.org>; Wed, 21 Mar 2018 04:39:26 -0700 (PDT)
X-IronPort-AV: E=Sophos;i="5.48,340,1517904000"; d="asc'?scan'208,217";a="262685410"
Received: from vmwexchts04-prd.hq.netapp.com ([]) by mx141-out.netapp.com with ESMTP; 21 Mar 2018 04:39:25 -0700
Received: from HIOEXCMBX08-PRD.hq.netapp.com ( by VMWEXCHTS04-PRD.hq.netapp.com ( with Microsoft SMTP Server (TLS) id 15.0.1320.4; Wed, 21 Mar 2018 04:39:25 -0700
Received: from VMWEXCCAS01-PRD.hq.netapp.com ( by hioexcmbx08-prd.hq.netapp.com ( with Microsoft SMTP Server (TLS) id 15.0.1320.4; Wed, 21 Mar 2018 04:39:25 -0700
Received: from NAM01-BN3-obe.outbound.protection.outlook.com ( by VMWEXCCAS01-PRD.hq.netapp.com ( with Microsoft SMTP Server (TLS) id 15.0.1320.4 via Frontend Transport; Wed, 21 Mar 2018 04:39:25 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=netapp.onmicrosoft.com; s=selector1-netapp-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=pO6dr0Hy7JDUm4+miBCbThlNA3f7D1SxmK6c2apuwMA=; b=jRteQ9rUVO25iBJQU7eIT8IZ0SF9L9cG2/ZIqvRHzXEomyXH3gaa++XBIvE5H28uYf6dDQn09/9r7YIALePUb2LPhzgtpL7xYR+MQc1841FTZRGZsBRjwq5ELWHb60mHh0TE4CNiwuTJpraQb0tyc4B/aZ0G5+1TmB8MOrUMyIc=
Received: from BLUPR06MB1764.namprd06.prod.outlook.com ( by BLUPR06MB177.namprd06.prod.outlook.com ( with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.609.10; Wed, 21 Mar 2018 11:39:22 +0000
Received: from BLUPR06MB1764.namprd06.prod.outlook.com ([fe80::fcd6:68ad:7a0:55c2]) by BLUPR06MB1764.namprd06.prod.outlook.com ([fe80::fcd6:68ad:7a0:55c2%4]) with mapi id 15.20.0609.010; Wed, 21 Mar 2018 11:39:22 +0000
From: "Eggert, Lars" <lars@netapp.com>
To: IETF QUIC WG <quic@ietf.org>
Subject: Fwd: Protocol Action: 'The Transport Layer Security (TLS) Protocol Version 1.3' to Proposed Standard (draft-ietf-tls-tls13-28.txt)
Thread-Topic: Protocol Action: 'The Transport Layer Security (TLS) Protocol Version 1.3' to Proposed Standard (draft-ietf-tls-tls13-28.txt)
Thread-Index: AQHTwPvEz6RAIWNrtE+IHdr0a3NOaA==
Date: Wed, 21 Mar 2018 11:39:22 +0000
Message-ID: <1D79597D-9529-4ED7-A57F-3347BBDAF453@netapp.com>
References: <152162652269.6094.2447920700461328551.idtracker@ietfa.amsl.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
x-mailer: Apple Mail (2.3445.5.20)
authentication-results: spf=none (sender IP is ) smtp.mailfrom=lars@netapp.com;
x-originating-ip: [2001:67c:370:128:4578:26d:325e:76b4]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; BLUPR06MB177; 7:8TZwg3YDgpnuOZJSMMxjka6JSB6VNajPATo2tYs8qEFWaGpZQZ3V82hKcsycZ8a3NioRjmpivLPYiV8pcQ96ZpWSK0p3AhrqcaM2ldCNI0ZQavgkmanBGkauL8MDqcz6xLN5F+Cy7y2BlgHi97Qns5BdiKFpeLFHk7ZT4YYULjIwwvOdYKAqSOs4PswbAgOnF+y8Nhj+7MQzqGmXgjp3kqtJZ3xFtY8rJ9TaG+iv658OYdVkJgeXk+pkwyYh0gxI
x-ms-exchange-antispam-srfa-diagnostics: SOS;
x-ms-office365-filtering-correlation-id: 07144558-2320-4f28-4123-08d58f20643f
x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(7020095)(4652020)(5600026)(4604075)(3008032)(4534165)(4627221)(201703031133081)(201702281549075)(2017052603328)(49563074)(7193020); SRVR:BLUPR06MB177;
x-ms-traffictypediagnostic: BLUPR06MB177:
x-microsoft-antispam-prvs: <BLUPR06MB1776B9D6F01BA4429E639B9A7AA0@BLUPR06MB177.namprd06.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:(158342451672863)(278428928389397)(120809045254105)(192374486261705)(85827821059158)(100405760836317);
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(8211001083)(102415395)(6040522)(2401047)(8121501046)(5005006)(3002001)(10201501046)(3231221)(944501322)(52105095)(93006095)(93001095)(6055026)(6041310)(20161123562045)(20161123558120)(20161123564045)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123560045)(6072148)(201708071742011); SRVR:BLUPR06MB177; BCL:0; PCL:0; RULEID:; SRVR:BLUPR06MB177;
x-forefront-prvs: 0618E4E7E1
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(366004)(39860400002)(39380400002)(396003)(346002)(376002)(199004)(189003)(24433001)(86362001)(2906002)(6506007)(36756003)(59450400001)(478600001)(99286004)(68736007)(106356001)(5660300001)(5250100002)(186003)(46003)(229853002)(102836004)(97736004)(316002)(76176011)(6116002)(15650500001)(606006)(6436002)(6916009)(81166006)(6486002)(236005)(54896002)(99936001)(8936002)(6306002)(57306001)(6512007)(2473003)(7736002)(966005)(3660700001)(25786009)(105586002)(14454004)(2900100001)(53936002)(8676002)(50226002)(3280700002)(33656002)(82746002)(83716003)(81156014); DIR:OUT; SFP:1101; SCL:1; SRVR:BLUPR06MB177; H:BLUPR06MB1764.namprd06.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:en;
received-spf: None (protection.outlook.com: netapp.com does not designate permitted sender hosts)
x-microsoft-antispam-message-info: SwmPsUPghNxsAML/DmkSTkekVkqpJnpvq972ocAyhoD/Jj8cdX14WcOGikQohicgRUAdoYLqtoa3jZWg2CVnxaU2mnHIZ6czWkKLnedi9/orC1marjjk8hzEXiMWb5vezvhE/45ZuBGNjbBEFkJ7X3hjkH0/uqg9punrHHoqeMvqgbn8YguHSAM6uCuhl4kvJtx9jL2GLgsgJES7cIrdQ9+hmgyGkeemtxUZ5LQdGY7GBFN7g1mU2O3zTsEAVV/TAsodJ5a7h+WUuIfwNxIQrGhLS0ImUy5YGM5xDKWb5b4Iuwfqr0Dlk4++5yq7qrKXWrwems9WLk1Af0N1nt9Odw==
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: multipart/signed; boundary="Apple-Mail=_B61FAA41-E036-4D4C-85A9-A5A15DB5EEAC"; protocol="application/pgp-signature"; micalg="pgp-sha512"
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: 07144558-2320-4f28-4123-08d58f20643f
X-MS-Exchange-CrossTenant-originalarrivaltime: 21 Mar 2018 11:39:22.2166 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 4b0911a0-929b-4715-944b-c03745165b3a
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BLUPR06MB177
X-OriginatorOrg: netapp.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/G5r_QUOiyl_0zKORS0ESXOM5Pac>
X-BeenThere: quic@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic>, <mailto:quic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic/>
List-Post: <mailto:quic@ietf.org>
List-Help: <mailto:quic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic>, <mailto:quic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 21 Mar 2018 11:39:29 -0000

No more chasing TLS draft versions.


> Begin forwarded message:
> From: The IESG <iesg-secretary@ietf.org>
> Subject: Protocol Action: 'The Transport Layer Security (TLS) Protocol Version 1.3' to Proposed Standard (draft-ietf-tls-tls13-28.txt)
> Date: March 21, 2018 at 10:02:02 GMT
> To: "IETF-Announce" <ietf-announce@ietf.org>
> Cc: tls@ietf.org, draft-ietf-tls-tls13@ietf.org, tls-chairs@ietf.org, Kathleen.Moriarty.ietf@gmail.com, The IESG <iesg@ietf.org>, rfc-editor@rfc-editor.org
> Reply-To: ietf@ietf.org
> The IESG has approved the following document:
> - 'The Transport Layer Security (TLS) Protocol Version 1.3'
>  (draft-ietf-tls-tls13-28.txt) as Proposed Standard
> This document is the product of the Transport Layer Security Working Group.
> The IESG contact persons are Kathleen Moriarty and Eric Rescorla.
> A URL of this Internet Draft is:
> https://datatracker.ietf.org/doc/draft-ietf-tls-tls13/
> Technical Summary
>   This document specifies version 1.3 of the Transport Layer Security
>   (TLS) protocol.  TLS allows client/server applications to communicate
>   over the Internet in a way that is designed to prevent eavesdropping,
>   tampering, and message forgery.
> Working Group Summary
>  The document is the work product of the members of the TLS
>  WG.  There is strong consensus in the working group for this
>  document.  The area that was most controversial was around
>  the inclusion of a 0-RTT mode that has different security
>  properties than the rest of TLS.  s1.3 lists the major differences
>  from TLS1.2, as agreed by the contributors; we do not think
>  that the RFC needs to list the changes that occurred between
>  each draft.
>  The draft has had 3 WGLCs to address various issues and the
>  chairs assessment was fair in each of these discussions.  At this
>  point there are no known outstanding issue.
>  While I personally do not agree with inclusion of 0-RTT because
>  there are bound to be successful attacks against the mitigations
>  in the future, I do agree with the chair's assessment of the WG
>  consensus and am pleased with the additional text on mitigating
>  the associated risks with 0-RTT.
> Document Quality
>  There are over 10 interoperable implementations of the
>  protocol from different sources written in different
>  languages.  The major web browser vendors and TLS
>  libraries vendors have draft implementations or have
>  indicated they will support the protocol in the future.  In
>  addition to having extensive review in the TLS working
>  group, the protocol has received unprecedented security
>  review by the academic community.  Several TRON (TLS
>  Ready or Not) conferences were held with academic
>  community to give them a chance to present their
>  findings for TLS.  This has resulted in improvements to
>  the protocol.  There was also much consideration and
>  discussion around any contentious points, resolved through
>  polls and working group last calls.
>  Please note that ID-nits complains about the obsoleted/
>  updated RFCs not being listed in the abstract. This is
>  intentional because the abstract is now a concise and
>  comprehensive overview and is free form citations, as
>  per RFC7322.
> Personnel
>   The Document Shepherd is Sean Turner.
>   The responsible AD is Kathleen Moriarty.
>   The IANA Expert(s) for the registries
>   in this document are
>     Yoav Nir <ynir.ietf@gmail.com>,
>     Rich Salz <rsalz@akamai.com>, and
>     Nick Sullivan <nick@cloudflare.com> .
> IANA Note
>  This document requests the creation of the TLS SignatureScheme
>  Registry with values assigned via Specification Required [RFC8126].
>  This document requests the reference for several registries be
>  updated to point to this document.  The registries include:
>  - TLS Cipher Suite Registry, updated via via Specification Required [RFC8126]
>  - TLS ContentType Registry, future values allocated via Standards Action [RFC8126]
>  - TLS Alert Registry, future values allocated via Standards Action [RFC8126]
>  - TLS HandshakeType Registry, future values allocated via Standards Action [RFC8126]
>  - TLS ExtensionType Registry, the policy is changed in ietf-tls-iana-registry-updates and this will be reflected in version 25 of the draft
> RFC Editor Note
> Please ensure a reference is added prior to final publication for the
> text added in section
> E.6. PSK Identity Exposure
> of draft-ietf-tls-tls13