[secdir] Secdir last call review of draft-ietf-tls-tls13-24

Rich Salz <rsalz@akamai.com> Fri, 16 February 2018 13:56 UTC

Return-Path: <rsalz@akamai.com>
X-Original-To: secdir@ietf.org
Delivered-To: secdir@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 3C83412D887; Fri, 16 Feb 2018 05:56:12 -0800 (PST)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Rich Salz <rsalz@akamai.com>
To: <secdir@ietf.org>
Cc: ietf@ietf.org, draft-ietf-tls-tls13.all@ietf.org, tls@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 6.72.1
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <151878937218.4977.11435268279455285944@ietfa.amsl.com>
Date: Fri, 16 Feb 2018 05:56:12 -0800
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/e5lcf-Xtrg2ZL82F3b4bQP-b0oU>
Subject: [secdir] Secdir last call review of draft-ietf-tls-tls13-24
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.22
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 16 Feb 2018 13:56:12 -0000

Reviewer: Rich Salz
Review result: Ready

I have discovered an elegant little proof that shows TLS 1.3 is not secure,
unfortunately I do not have the room to fit it in this textbox.  I will send
email tomorrow...

No, seriously, this protocol has been designed with the help of world-class
cryptographers and academics. It has been analyzed with verification tools.  It
has been tweaked as necessary to get around middlebox ossification. It is
available in two highly popular browsers and at least one widely-used open
source toolkit.

This document is READY.