[secdir] secdir review of draft-ietf-tls-grease
Carl Wallace <carl@redhoundsoftware.com> Tue, 13 August 2019 14:37 UTC
Date: Tue, 13 Aug 2019 10:37:34 -0400
From: Carl Wallace <carl@redhoundsoftware.com>
To: iesg@ietf.org, secdir@ietf.org, draft-ietf-tls-grease.all@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/oHShmWZ43cGRIGnmbrnz1BoDlxI>

I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments.

This document describes a mechanism to prevent extensibility failures in the TLS ecosystem. It reserves a set of TLS protocol values that may be advertised to ensure peers correctly handle unknown values.

Aside from a nit/question, the document is ready. The question relates to language in section 2, which states:

"The values allocated above are thus no longer available for use as TLS or DTLS [RFC6347] version numbers."

Should this draft be marked as updating 6347 and 8446 as a result? At present it is Informational and does not update any other specifications.