[saag] TLS IETF 105 report

"Christopher Wood" <caw@heapingbits.net> Thu, 25 July 2019 16:59 UTC

From: Christopher Wood <caw@heapingbits.net>
To: saag@ietf.org
Cc: TLS Chairs <tls-chairs@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/saag/6T5dhm2Ua2a0Y8p8C1fG-1Qa14U>

The TLS WG session met on Tuesday and Thursday. There are a few issues remaining for the delegated credentials draft. An update will be issued by September, which includes renaming to Delegated Authentication Keys, at which point we will start WGLC. Formal analysis will proceed in parallel, and the draft will not advance to IESG until analysis is complete.

The WG signalled interest in adopting draft-lvelvindron-tls-md5-sha1-deprecate and draft-nir-tls-flags. Both will be confirmed on the list. The follow-up draft-thomson-tls-sic draft needs more discussion, development, and experimentation before being considered for WG adoption. The chairs decided that draft-camwinget-tls-use-cases was not appropriate for the WG, and advised the authors to seek AD sponsorship or an alternative publication stream.

During the second meeting, the DTLS 1.3 draft was updated based on review from WG participants. There are three interoperable implementations. The draft will go through WGLC and move forward to IESG publication. Open issues in the Encrypted SNI draft were discussed. A small design team will be formed to focus on the changes needed to resolve open issues and to conduct formal analysis. The Connection ID presentation led to a plan to update the DTLS 1.3 and DTLS 1.2 connection ID documents. Document authors will work to update these drafts so both can move forward. The WG will consider draft-tschofenig-tls-dtls-rrc afterwards.

cTLS was presented for informational purposes. Discussion, interaction, and collaboration with the parallel LAKE effort will continue. Hybrid key exchange was presented; discussion will continue on the list. TLS Metadata for Load Balancers was presented. It is unclear whether the document should be worked on in TLS or elsewhere as a generic application protocol. Related work was discussed in the past at the HTTP workshop. The IESG and IAB will need to discuss where the work should take place. The HTTPSVC record was presented and received good feedback and support for a generic mechanism.

Best,
Chris