Re: [secdir] [Uta] [Last-Call] Secdir telechat review of draft-ietf-uta-rfc7525bis-09

Andrei Popov <Andrei.Popov@microsoft.com> Thu, 14 July 2022 01:20 UTC

From: Andrei Popov <Andrei.Popov@microsoft.com>
To: "Salz, Rich" <rsalz=40akamai.com@dmarc.ietf.org>, Rob Sayre <sayrer@gmail.com>, Peter Saint-Andre <stpeter@stpeter.im>
CC: Benjamin Kaduk <kaduk@mit.edu>, "secdir@ietf.org" <secdir@ietf.org>, "draft-ietf-uta-rfc7525bis.all@ietf.org" <draft-ietf-uta-rfc7525bis.all@ietf.org>, "last-call@ietf.org" <last-call@ietf.org>, "uta@ietf.org" <uta@ietf.org>
Date: Thu, 14 Jul 2022 01:19:41 +0000
Message-ID: <DM6PR00MB0715F1C5CE89B4510A3D49898C889@DM6PR00MB0715.namprd00.prod.outlook.com>
References: <165766858084.5251.12485129434316295805@ietfa.amsl.com> <b24e2934-200f-4f80-5261-aa2a977da39b@stpeter.im> <CAChr6Syq+uOTJsvqWuSustq_HdTaXCtDepyCuRWx+jGoEB06Fw@mail.gmail.com> <CAChr6SzkAmbjGK4XOwPkSwssLoG4NW1yG-6b2aFdFr43yF2zwQ@mail.gmail.com> <6C6CAD83-5387-479E-A1D0-9FCCB0CD87FB@akamai.com>
In-Reply-To: <6C6CAD83-5387-479E-A1D0-9FCCB0CD87FB@akamai.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/hmvnd7buQY-oaz2xsJVVf-lL4qY>

For the Windows TLS stack, the TLS 1.3 codebase is somewhat separate from TLS <= 1.2, but we certainly read/review/fuzz/pen-test both 1.2 and 1.3.

Cheers,

Andrei

From: Uta <uta-bounces@ietf.org> On Behalf Of Salz, Rich
Sent: Wednesday, July 13, 2022 2:00 PM
To: Rob Sayre <sayrer@gmail.com>; Peter Saint-Andre <stpeter@stpeter.im>
Cc: Benjamin Kaduk <kaduk@mit.edu>; secdir@ietf.org; draft-ietf-uta-rfc7525bis.all@ietf.org; last-call@ietf.org; uta@ietf.org
Subject: [EXTERNAL] Re: [Uta] [Last-Call] Secdir telechat review of draft-ietf-uta-rfc7525bis-09


  *   Every TLS implementation maintains divided codebases for 1.2 vs 1.3. No one reads the TLS 1.2 code very closely these days, in my experience.

Strongly disagree.  OpenSSL and its forks do not have a divided codebase.

As for reading the code, I can’t argue with your experience, but in my experience this is not the case.