[saag] tls@ietf110: saag report

Sean Turner <sean@sn3rd.com> Thu, 11 March 2021 12:14 UTC

From: Sean Turner <sean@sn3rd.com>
Cc: TLS List <tls@ietf.org>
To: saag@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/saag/cQNVyra3WAqHbSMsmOUpvv-mqgs>

There is now an automated TLS interoperability site, heavily influenced by the QUIC interoperability site. It is up and running. Get your implementations in now! [1].

ECH is still a thing, getting implementation experience [2]. Will schedule a meeting in the coming weeks to continue discussions.

8446bis is moving along [3]. There are a few open issues to resolve that will result in another revision. One issue that will be moved to an 8447bis is the idea of adding more nuance to the definition of the “recommended” column.

TLS Proof of Knowledge needs some work [4].

Deprecating FFDHE cipher suites is under consideration [5]. The subtleties will be discussed on the list.

OPAQUE with TLS, which is based on a CFRG I-D, was also discussed. The intent is to combine password-based authentication with traditional PKI-based authentication.

[1] https://datatracker.ietf.org/meeting/110/materials/slides-110-tls-tls-interop-runner-00
[2] https://datatracker.ietf.org/meeting/110/materials/slides-110-tls-encrypted-client-hello-00
[3] https://datatracker.ietf.org/meeting/110/materials/slides-110-tls-rfc-8446bis-00
[4] https://datatracker.ietf.org/meeting/110/materials/slides-110-tls-tls-proof-of-knowledge-01
[5] https://datatracker.ietf.org/meeting/110/materials/slides-110-tls-deprecating-ffdh-revised-00