Re: Protocol Action: 'The Transport Layer Security (TLS) Protocol Version 1.3' to Proposed Standard (draft-ietf-tls-tls13-28.txt)
Spencer Dawkins at IETF <spencerdawkins.ietf@gmail.com> Wed, 21 March 2018 14:49 UTC
Return-Path: <spencerdawkins.ietf@gmail.com>
X-Original-To: quic@ietfa.amsl.com
Delivered-To: quic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5265F126DED for <quic@ietfa.amsl.com>; Wed, 21 Mar 2018 07:49:27 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.998
X-Spam-Level:
X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ckKlA3hks03u for <quic@ietfa.amsl.com>; Wed, 21 Mar 2018 07:49:24 -0700 (PDT)
Received: from mail-yb0-x229.google.com (mail-yb0-x229.google.com [IPv6:2607:f8b0:4002:c09::229]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4FC91126E64 for <quic@ietf.org>; Wed, 21 Mar 2018 07:49:24 -0700 (PDT)
Received: by mail-yb0-x229.google.com with SMTP id v66-v6so1805726ybv.2 for <quic@ietf.org>; Wed, 21 Mar 2018 07:49:24 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=w0hxJcH4fhpVIGGlTEABez9MFFr8yIkoCWqP+psLvUo=; b=MyPNVQU/ly6Z5bX5X+gDj4voObQgXRJJUILbbgHnWyJSWL0DtNW68do7qSLkqwMwtU 9hyJLsRVT/JGNR90ObN2b4A6qNdW7p6XxlVLwVOIbVU4bE74y9muJu30b/mkDQ+3UoXQ 8e06NyZUPWnFD2GrDG347ITEBk9G0E2TgA6HPSHBvvHme7xA+2aeptP5lNMTfW4t/ByV 0LU+vIvnON2041y3EZD85ipdt9eWRvJWG4riw5HLGIB7j05z10U5OjpX0S9+UN9Msqsk jVcIPMpncjazpGkEHOrAK6Yo3ELhVqTZtu138NtzE66t7AbZIOQmlUTvJr/46sYhyjnY AKyg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=w0hxJcH4fhpVIGGlTEABez9MFFr8yIkoCWqP+psLvUo=; b=T4PIxg2u5WiBX8eMo82lRPDcaWy+eR2yOmFj6hqyzVQiUMZEjXQKbqDvMJ6DuUWzh/ aOqBTLjk5pSfaWlEXELnEXeRIhdWU81nX2xC5dYz+f4hXi0RAPbytw47/7/BOnwMoWK1 TxpG905glmPQOI5deE4E6ivI1UdAzY6GF3hJpTac3G2R/La5LyKOEY1Oyi4JFWtg5GWF C0zxJ/RiXIXGlwcs4Oni0An/p64PYR1RTr3clLl5ZToqSo54Vx+mlTzTom6yhjLmAsys A785CDAkyhyIBt0UPxFlftAmpFmRoPkmVNvwiUz7RGuxYaJleUj0iMxO0cKjKAyG4X9m Kmug==
X-Gm-Message-State: AElRT7H4PHST1w9l1o4/JYqaQfFEXpqAd6hOQBLZvtzLGXGXdP4zsXZP D+mupXEHsFWzDW+fUUYt139DaaAf511R6fekxgo=
X-Google-Smtp-Source: AG47ELtWEQk68fvs+OK7I/TM9OmDuyab3jbBSrlVlLomLDei17Otxqn2o76gC4aBTcQd267mkKEeSHYhT2euifWVtD0=
X-Received: by 2002:a25:888c:: with SMTP id d12-v6mr12203304ybl.110.1521643763418; Wed, 21 Mar 2018 07:49:23 -0700 (PDT)
MIME-Version: 1.0
Received: by 2002:a25:e757:0:0:0:0:0 with HTTP; Wed, 21 Mar 2018 07:49:22 -0700 (PDT)
In-Reply-To: <1D79597D-9529-4ED7-A57F-3347BBDAF453@netapp.com>
References: <152162652269.6094.2447920700461328551.idtracker@ietfa.amsl.com> <1D79597D-9529-4ED7-A57F-3347BBDAF453@netapp.com>
From: Spencer Dawkins at IETF <spencerdawkins.ietf@gmail.com>
Date: Wed, 21 Mar 2018 14:49:22 +0000
Message-ID: <CAKKJt-eVmaomactHTB-ze9E3Hr_B9L1svi5M6ET1kOh_hgp09w@mail.gmail.com>
Subject: Re: Protocol Action: 'The Transport Layer Security (TLS) Protocol Version 1.3' to Proposed Standard (draft-ietf-tls-tls13-28.txt)
To: "Eggert, Lars" <lars@netapp.com>
Cc: IETF QUIC WG <quic@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000fe4cc10567ed4b35"
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/uzZ1UBHGspphbgMLomN16rubinw>
X-BeenThere: quic@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic>, <mailto:quic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic/>
List-Post: <mailto:quic@ietf.org>
List-Help: <mailto:quic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic>, <mailto:quic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 21 Mar 2018 14:49:27 -0000
On Wed, Mar 21, 2018 at 11:39 AM, Eggert, Lars <lars@netapp.com> wrote: > No more chasing TLS draft versions. > One of the TSV ADs is happier than the SEC ADs about that ... Spencer > > Lars > > Begin forwarded message: > > *From: *The IESG <iesg-secretary@ietf.org> > *Subject: **Protocol Action: 'The Transport Layer Security (TLS) Protocol > Version 1.3' to Proposed Standard (draft-ietf-tls-tls13-28.txt)* > *Date: *March 21, 2018 at 10:02:02 GMT > *To: *"IETF-Announce" <ietf-announce@ietf.org> > *Cc: *tls@ietf.org, draft-ietf-tls-tls13@ietf.org, tls-chairs@ietf.org, > Kathleen.Moriarty.ietf@gmail.com, The IESG <iesg@ietf.org>, > rfc-editor@rfc-editor.org > *Reply-To: *ietf@ietf.org > > The IESG has approved the following document: > - 'The Transport Layer Security (TLS) Protocol Version 1.3' > (draft-ietf-tls-tls13-28.txt) as Proposed Standard > > This document is the product of the Transport Layer Security Working Group. > > The IESG contact persons are Kathleen Moriarty and Eric Rescorla. > > A URL of this Internet Draft is: > https://datatracker.ietf.org/doc/draft-ietf-tls-tls13/ > > > > > Technical Summary > > This document specifies version 1.3 of the Transport Layer Security > (TLS) protocol. TLS allows client/server applications to communicate > over the Internet in a way that is designed to prevent eavesdropping, > tampering, and message forgery. > > Working Group Summary > > The document is the work product of the members of the TLS > WG. There is strong consensus in the working group for this > document. The area that was most controversial was around > the inclusion of a 0-RTT mode that has different security > properties than the rest of TLS. s1.3 lists the major differences > from TLS1.2, as agreed by the contributors; we do not think > that the RFC needs to list the changes that occurred between > each draft. > > The draft has had 3 WGLCs to address various issues and the > chairs assessment was fair in each of these discussions. At this > point there are no known outstanding issue. > > While I personally do not agree with inclusion of 0-RTT because > there are bound to be successful attacks against the mitigations > in the future, I do agree with the chair's assessment of the WG > consensus and am pleased with the additional text on mitigating > the associated risks with 0-RTT. > > Document Quality > > There are over 10 interoperable implementations of the > protocol from different sources written in different > languages. The major web browser vendors and TLS > libraries vendors have draft implementations or have > indicated they will support the protocol in the future. In > addition to having extensive review in the TLS working > group, the protocol has received unprecedented security > review by the academic community. Several TRON (TLS > Ready or Not) conferences were held with academic > community to give them a chance to present their > findings for TLS. This has resulted in improvements to > the protocol. There was also much consideration and > discussion around any contentious points, resolved through > polls and working group last calls. > > Please note that ID-nits complains about the obsoleted/ > updated RFCs not being listed in the abstract. This is > intentional because the abstract is now a concise and > comprehensive overview and is free form citations, as > per RFC7322. > > Personnel > > The Document Shepherd is Sean Turner. > The responsible AD is Kathleen Moriarty. > > The IANA Expert(s) for the registries > in this document are > Yoav Nir <ynir.ietf@gmail.com>, > Rich Salz <rsalz@akamai.com>, and > Nick Sullivan <nick@cloudflare.com> . > > IANA Note > > This document requests the creation of the TLS SignatureScheme > Registry with values assigned via Specification Required [RFC8126]. > > This document requests the reference for several registries be > updated to point to this document. The registries include: > - TLS Cipher Suite Registry, updated via via Specification Required > [RFC8126] > - TLS ContentType Registry, future values allocated via Standards Action > [RFC8126] > - TLS Alert Registry, future values allocated via Standards Action > [RFC8126] > - TLS HandshakeType Registry, future values allocated via Standards > Action [RFC8126] > - TLS ExtensionType Registry, the policy is changed in > ietf-tls-iana-registry-updates and this will be reflected in version 25 of > the draft > > > RFC Editor Note > > Please ensure a reference is added prior to final publication for the > text added in section > E.6. PSK Identity Exposure > of draft-ietf-tls-tls13 > > >
- Fwd: Protocol Action: 'The Transport Layer Securiā¦ Eggert, Lars
- Re: Protocol Action: 'The Transport Layer Securitā¦ Spencer Dawkins at IETF