RE: Historic TLS Discussion

Nicholas Warren <nwarren@barryelectric.com> Mon, 22 January 2024 20:41 UTC

From: Nicholas Warren <nwarren@barryelectric.com>
To: Matt Joras <matt.joras@gmail.com>, Nick Harper <ietf@nharper.org>, "lucas@lucaspardue.com" <lucas@lucaspardue.com>
CC: "quic@ietf.org" <quic@ietf.org>
Subject: RE: Historic TLS Discussion
Date: Mon, 22 Jan 2024 20:41:30 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/QX7-jm1KiZ_zTaZaQ08lSfD91bY>
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>

My curiosity stems from two parts. The first is that QUIC, except mandatory TLS, seems to be the most attractive "out of the box" transportation protocol for a personal group project (vs. TCP, UDP, and SCTP). Our desire for plain-text communication is because we need to watch the communication.

The second is a slight concern that what became of TLS 1.0, 1.1, and 1.2 will become of 1.3. How will QUIC be updated to TLS 1.3's successor? Lucas hinted that it's possible to swap out TLS. The answer to this concern is no doubt in the documentation you've worked on.

Personally, I think mandatory TLS will be fantastic for internet traffic. I will be watching Martin Thomson's overview, thank you.

-----Original Message-----
From: Matt Joras <matt.joras@gmail.com> 
Sent: Monday, January 22, 2024 12:31 PM
To: Nick Harper <ietf@nharper.org>
Cc: Nicholas Warren <nwarren@barryelectric.com>; quic@ietf.org
Subject: Re: Historic TLS Discussion

(no hats on)

What Nick says matches my understanding. Nicholas, could you elaborate why you're asking? I.e. are you curious _why_ QUIC mandates TLS 1.3, instead of something else, or leaving open the door more explicitly for something else?

On Mon, Jan 22, 2024 at 10:25 AM Nick Harper <ietf@nharper.org> wrote:
>
> That discussion would've happened during the WG formation. That QUIC uses TLS has been in the WG charter since the first draft that I see on the datatracker, and the original approved charter calls out a key goal of "Providing always-secure transport, using TLS 1.3 by default."
>
> On Mon, Jan 22, 2024 at 10:12 AM Nicholas Warren <nwarren@barryelectric.com> wrote:
>>
>> Hello quic wg.
>>
>> I am curious about how quic seemingly mandates usage of TLS (rfc9000 section 5); albeit I have not completely read quic-tls.
>>
>> Does anyone remember when you all discussed this? I was hoping to go back and read the archived list from when the discussion had taken place.
>>
>> Thanks,
>>
>> Nich Warren