Re: [secdir] [Uta] [Last-Call] Secdir telechat review of draft-ietf-uta-rfc7525bis-09
Andrei Popov <Andrei.Popov@microsoft.com> Thu, 14 July 2022 01:20 UTC
From: Andrei Popov <Andrei.Popov@microsoft.com>
To: "Salz, Rich" <rsalz=40akamai.com@dmarc.ietf.org>, Rob Sayre <sayrer@gmail.com>, Peter Saint-Andre <stpeter@stpeter.im>
CC: Benjamin Kaduk <kaduk@mit.edu>, "secdir@ietf.org" <secdir@ietf.org>, "draft-ietf-uta-rfc7525bis.all@ietf.org" <draft-ietf-uta-rfc7525bis.all@ietf.org>, "last-call@ietf.org" <last-call@ietf.org>, "uta@ietf.org" <uta@ietf.org>
Date: Thu, 14 Jul 2022 01:19:41 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/hmvnd7buQY-oaz2xsJVVf-lL4qY>

For the Windows TLS stack, the TLS 1.3 codebase is somewhat separate from TLS <= 1.2, but we certainly read/review/fuzz/pen-test both 1.2 and 1.3.

Cheers,

Andrei

From: Uta <uta-bounces@ietf.org> On Behalf Of Salz, Rich
Sent: Wednesday, July 13, 2022 2:00 PM
To: Rob Sayre <sayrer@gmail.com>; Peter Saint-Andre <stpeter@stpeter.im>
Cc: Benjamin Kaduk <kaduk@mit.edu>; secdir@ietf.org; draft-ietf-uta-rfc7525bis.all@ietf.org; last-call@ietf.org; uta@ietf.org
Subject: [EXTERNAL] Re: [Uta] [Last-Call] Secdir telechat review of draft-ietf-uta-rfc7525bis-09

  * Every TLS implementation maintains divided codebases for 1.2 vs 1.3. No one reads the TLS 1.2 code very closely these days, in my experience.

Strongly disagree. OpenSSL and its forks do not have a divided codebase. As for reading the code, I can’t argue with your experience, but in my experience this is not the case.