Fwd: Protocol Action: 'The Transport Layer Security (TLS) Protocol Version 1.3' to Proposed Standard (draft-ietf-tls-tls13-28.txt)
"Eggert, Lars" <lars@netapp.com> Wed, 21 March 2018 11:39 UTC
Return-Path: <lars@netapp.com>
X-Original-To: quic@ietfa.amsl.com
Delivered-To: quic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1B1D412DA27 for <quic@ietfa.amsl.com>; Wed, 21 Mar 2018 04:39:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.209
X-Spam-Level:
X-Spam-Status: No, score=-4.209 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=netapp.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id L2aFlLw5OOTw for <quic@ietfa.amsl.com>; Wed, 21 Mar 2018 04:39:26 -0700 (PDT)
Received: from mx141.netapp.com (mx141.netapp.com [IPv6:2620:10a:4005:8000:2306::a]) (using TLSv1.2 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 63F34126DD9 for <quic@ietf.org>; Wed, 21 Mar 2018 04:39:26 -0700 (PDT)
X-IronPort-AV: E=Sophos;i="5.48,340,1517904000"; d="asc'?scan'208,217";a="262685410"
Received: from vmwexchts04-prd.hq.netapp.com ([10.122.105.32]) by mx141-out.netapp.com with ESMTP; 21 Mar 2018 04:39:25 -0700
Received: from HIOEXCMBX08-PRD.hq.netapp.com (10.122.105.41) by VMWEXCHTS04-PRD.hq.netapp.com (10.122.105.32) with Microsoft SMTP Server (TLS) id 15.0.1320.4; Wed, 21 Mar 2018 04:39:25 -0700
Received: from VMWEXCCAS01-PRD.hq.netapp.com (10.122.105.11) by hioexcmbx08-prd.hq.netapp.com (10.122.105.41) with Microsoft SMTP Server (TLS) id 15.0.1320.4; Wed, 21 Mar 2018 04:39:25 -0700
Received: from NAM01-BN3-obe.outbound.protection.outlook.com (10.120.60.153) by VMWEXCCAS01-PRD.hq.netapp.com (10.122.105.11) with Microsoft SMTP Server (TLS) id 15.0.1320.4 via Frontend Transport; Wed, 21 Mar 2018 04:39:25 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=netapp.onmicrosoft.com; s=selector1-netapp-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=pO6dr0Hy7JDUm4+miBCbThlNA3f7D1SxmK6c2apuwMA=; b=jRteQ9rUVO25iBJQU7eIT8IZ0SF9L9cG2/ZIqvRHzXEomyXH3gaa++XBIvE5H28uYf6dDQn09/9r7YIALePUb2LPhzgtpL7xYR+MQc1841FTZRGZsBRjwq5ELWHb60mHh0TE4CNiwuTJpraQb0tyc4B/aZ0G5+1TmB8MOrUMyIc=
Received: from BLUPR06MB1764.namprd06.prod.outlook.com (10.162.224.150) by BLUPR06MB177.namprd06.prod.outlook.com (10.242.190.22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.609.10; Wed, 21 Mar 2018 11:39:22 +0000
Received: from BLUPR06MB1764.namprd06.prod.outlook.com ([fe80::fcd6:68ad:7a0:55c2]) by BLUPR06MB1764.namprd06.prod.outlook.com ([fe80::fcd6:68ad:7a0:55c2%4]) with mapi id 15.20.0609.010; Wed, 21 Mar 2018 11:39:22 +0000
From: "Eggert, Lars" <lars@netapp.com>
To: IETF QUIC WG <quic@ietf.org>
Subject: Fwd: Protocol Action: 'The Transport Layer Security (TLS) Protocol Version 1.3' to Proposed Standard (draft-ietf-tls-tls13-28.txt)
Thread-Topic: Protocol Action: 'The Transport Layer Security (TLS) Protocol Version 1.3' to Proposed Standard (draft-ietf-tls-tls13-28.txt)
Thread-Index: AQHTwPvEz6RAIWNrtE+IHdr0a3NOaA==
Date: Wed, 21 Mar 2018 11:39:22 +0000
Message-ID: <1D79597D-9529-4ED7-A57F-3347BBDAF453@netapp.com>
References: <152162652269.6094.2447920700461328551.idtracker@ietfa.amsl.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
x-mailer: Apple Mail (2.3445.5.20)
authentication-results: spf=none (sender IP is ) smtp.mailfrom=lars@netapp.com;
x-originating-ip: [2001:67c:370:128:4578:26d:325e:76b4]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; BLUPR06MB177; 7:8TZwg3YDgpnuOZJSMMxjka6JSB6VNajPATo2tYs8qEFWaGpZQZ3V82hKcsycZ8a3NioRjmpivLPYiV8pcQ96ZpWSK0p3AhrqcaM2ldCNI0ZQavgkmanBGkauL8MDqcz6xLN5F+Cy7y2BlgHi97Qns5BdiKFpeLFHk7ZT4YYULjIwwvOdYKAqSOs4PswbAgOnF+y8Nhj+7MQzqGmXgjp3kqtJZ3xFtY8rJ9TaG+iv658OYdVkJgeXk+pkwyYh0gxI
x-ms-exchange-antispam-srfa-diagnostics: SOS;
x-ms-office365-filtering-correlation-id: 07144558-2320-4f28-4123-08d58f20643f
x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(7020095)(4652020)(5600026)(4604075)(3008032)(4534165)(4627221)(201703031133081)(201702281549075)(2017052603328)(49563074)(7193020); SRVR:BLUPR06MB177;
x-ms-traffictypediagnostic: BLUPR06MB177:
x-microsoft-antispam-prvs: <BLUPR06MB1776B9D6F01BA4429E639B9A7AA0@BLUPR06MB177.namprd06.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:(158342451672863)(278428928389397)(120809045254105)(192374486261705)(85827821059158)(100405760836317);
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(8211001083)(102415395)(6040522)(2401047)(8121501046)(5005006)(3002001)(10201501046)(3231221)(944501322)(52105095)(93006095)(93001095)(6055026)(6041310)(20161123562045)(20161123558120)(20161123564045)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123560045)(6072148)(201708071742011); SRVR:BLUPR06MB177; BCL:0; PCL:0; RULEID:; SRVR:BLUPR06MB177;
x-forefront-prvs: 0618E4E7E1
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(366004)(39860400002)(39380400002)(396003)(346002)(376002)(199004)(189003)(24433001)(86362001)(2906002)(6506007)(36756003)(59450400001)(478600001)(99286004)(68736007)(106356001)(5660300001)(5250100002)(186003)(46003)(229853002)(102836004)(97736004)(316002)(76176011)(6116002)(15650500001)(606006)(6436002)(6916009)(81166006)(6486002)(236005)(54896002)(99936001)(8936002)(6306002)(57306001)(6512007)(2473003)(7736002)(966005)(3660700001)(25786009)(105586002)(14454004)(2900100001)(53936002)(8676002)(50226002)(3280700002)(33656002)(82746002)(83716003)(81156014); DIR:OUT; SFP:1101; SCL:1; SRVR:BLUPR06MB177; H:BLUPR06MB1764.namprd06.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:en;
received-spf: None (protection.outlook.com: netapp.com does not designate permitted sender hosts)
x-microsoft-antispam-message-info: SwmPsUPghNxsAML/DmkSTkekVkqpJnpvq972ocAyhoD/Jj8cdX14WcOGikQohicgRUAdoYLqtoa3jZWg2CVnxaU2mnHIZ6czWkKLnedi9/orC1marjjk8hzEXiMWb5vezvhE/45ZuBGNjbBEFkJ7X3hjkH0/uqg9punrHHoqeMvqgbn8YguHSAM6uCuhl4kvJtx9jL2GLgsgJES7cIrdQ9+hmgyGkeemtxUZ5LQdGY7GBFN7g1mU2O3zTsEAVV/TAsodJ5a7h+WUuIfwNxIQrGhLS0ImUy5YGM5xDKWb5b4Iuwfqr0Dlk4++5yq7qrKXWrwems9WLk1Af0N1nt9Odw==
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: multipart/signed; boundary="Apple-Mail=_B61FAA41-E036-4D4C-85A9-A5A15DB5EEAC"; protocol="application/pgp-signature"; micalg="pgp-sha512"
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: 07144558-2320-4f28-4123-08d58f20643f
X-MS-Exchange-CrossTenant-originalarrivaltime: 21 Mar 2018 11:39:22.2166 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 4b0911a0-929b-4715-944b-c03745165b3a
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BLUPR06MB177
X-OriginatorOrg: netapp.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/G5r_QUOiyl_0zKORS0ESXOM5Pac>
X-BeenThere: quic@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic>, <mailto:quic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic/>
List-Post: <mailto:quic@ietf.org>
List-Help: <mailto:quic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic>, <mailto:quic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 21 Mar 2018 11:39:29 -0000
No more chasing TLS draft versions. Lars > Begin forwarded message: > > From: The IESG <iesg-secretary@ietf.org> > Subject: Protocol Action: 'The Transport Layer Security (TLS) Protocol Version 1.3' to Proposed Standard (draft-ietf-tls-tls13-28.txt) > Date: March 21, 2018 at 10:02:02 GMT > To: "IETF-Announce" <ietf-announce@ietf.org> > Cc: tls@ietf.org, draft-ietf-tls-tls13@ietf.org, tls-chairs@ietf.org, Kathleen.Moriarty.ietf@gmail.com, The IESG <iesg@ietf.org>, rfc-editor@rfc-editor.org > Reply-To: ietf@ietf.org > > The IESG has approved the following document: > - 'The Transport Layer Security (TLS) Protocol Version 1.3' > (draft-ietf-tls-tls13-28.txt) as Proposed Standard > > This document is the product of the Transport Layer Security Working Group. > > The IESG contact persons are Kathleen Moriarty and Eric Rescorla. > > A URL of this Internet Draft is: > https://datatracker.ietf.org/doc/draft-ietf-tls-tls13/ > > > > > Technical Summary > > This document specifies version 1.3 of the Transport Layer Security > (TLS) protocol. TLS allows client/server applications to communicate > over the Internet in a way that is designed to prevent eavesdropping, > tampering, and message forgery. > > Working Group Summary > > The document is the work product of the members of the TLS > WG. There is strong consensus in the working group for this > document. The area that was most controversial was around > the inclusion of a 0-RTT mode that has different security > properties than the rest of TLS. s1.3 lists the major differences > from TLS1.2, as agreed by the contributors; we do not think > that the RFC needs to list the changes that occurred between > each draft. > > The draft has had 3 WGLCs to address various issues and the > chairs assessment was fair in each of these discussions. At this > point there are no known outstanding issue. > > While I personally do not agree with inclusion of 0-RTT because > there are bound to be successful attacks against the mitigations > in the future, I do agree with the chair's assessment of the WG > consensus and am pleased with the additional text on mitigating > the associated risks with 0-RTT. > > Document Quality > > There are over 10 interoperable implementations of the > protocol from different sources written in different > languages. The major web browser vendors and TLS > libraries vendors have draft implementations or have > indicated they will support the protocol in the future. In > addition to having extensive review in the TLS working > group, the protocol has received unprecedented security > review by the academic community. Several TRON (TLS > Ready or Not) conferences were held with academic > community to give them a chance to present their > findings for TLS. This has resulted in improvements to > the protocol. There was also much consideration and > discussion around any contentious points, resolved through > polls and working group last calls. > > Please note that ID-nits complains about the obsoleted/ > updated RFCs not being listed in the abstract. This is > intentional because the abstract is now a concise and > comprehensive overview and is free form citations, as > per RFC7322. > > Personnel > > The Document Shepherd is Sean Turner. > The responsible AD is Kathleen Moriarty. > > The IANA Expert(s) for the registries > in this document are > Yoav Nir <ynir.ietf@gmail.com>, > Rich Salz <rsalz@akamai.com>, and > Nick Sullivan <nick@cloudflare.com> . > > IANA Note > > This document requests the creation of the TLS SignatureScheme > Registry with values assigned via Specification Required [RFC8126]. > > This document requests the reference for several registries be > updated to point to this document. The registries include: > - TLS Cipher Suite Registry, updated via via Specification Required [RFC8126] > - TLS ContentType Registry, future values allocated via Standards Action [RFC8126] > - TLS Alert Registry, future values allocated via Standards Action [RFC8126] > - TLS HandshakeType Registry, future values allocated via Standards Action [RFC8126] > - TLS ExtensionType Registry, the policy is changed in ietf-tls-iana-registry-updates and this will be reflected in version 25 of the draft > > > RFC Editor Note > > Please ensure a reference is added prior to final publication for the > text added in section > E.6. PSK Identity Exposure > of draft-ietf-tls-tls13 >
- Fwd: Protocol Action: 'The Transport Layer Securiā¦ Eggert, Lars
- Re: Protocol Action: 'The Transport Layer Securitā¦ Spencer Dawkins at IETF