[Taps] New Drafts on Transport Security Interface for TAPS

Tommy Pauly <tpauly@apple.com> Mon, 03 July 2017 15:14 UTC

From: Tommy Pauly <tpauly@apple.com>
Message-id: <31AF3404-1648-45F7-9C32-5A48F2F63AE2@apple.com>
Date: Mon, 03 Jul 2017 08:14:29 -0700
Cc: Chris Wood <cawood@apple.com>, Mirja Kühlewind <mirja.kuehlewind@tik.ee.ethz.ch>
To: taps WG <taps@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/taps/FnQYrrDi7hLYfr2sU6XRvVK_G6c>
Subject: [Taps] New Drafts on Transport Security Interface for TAPS

Hello,

We’ve just posted two new documents that start addressing how to incorporate security protocols into the TAPS framework for use alongside transport protocols. At the meeting in Chicago, the question of how security protocols should be handled was brought up, and we suggested writing a draft to do a survey of Transport Security protocols, similar to the work done in RFC 8095 and the transport usage drafts. This document goes over several common transport security protocols and analyzes their features and interfaces, particularly with regards to how they interact with their associated transport protocols and applications.

A Survey of Transport Security Protocols
https://tools.ietf.org/html/draft-pauly-taps-transport-security-00

The second document is an update of a draft that Mirja published earlier this year, which we would also like to bring into TAPS. This document takes a more normative approach, and suggests that transport security protocols should allow separation of the handshake and record protocols (similar to what QUIC does). This approach has an effect on the interaction between the security and transport layers, and adds some protocol-flexibility properties that complement the TAPS approach.

Separating Crypto Negotiation and Communication
https://tools.ietf.org/html/draft-kuehlewind-taps-crypto-sep-00

Best,
Tommy