Re: [Tcpcrypt] New version of the charter text
Stephen Farrell <stephen.farrell@cs.tcd.ie> Sun, 27 April 2014 21:29 UTC
Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: tcpcrypt@ietfa.amsl.com
Delivered-To: tcpcrypt@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 645221A06B7 for <tcpcrypt@ietfa.amsl.com>; Sun, 27 Apr 2014 14:29:38 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.551
X-Spam-Level:
X-Spam-Status: No, score=-2.551 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-0.651] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id S7w2CIS2o4Qj for <tcpcrypt@ietfa.amsl.com>; Sun, 27 Apr 2014 14:29:36 -0700 (PDT)
Received: from mercury.scss.tcd.ie (mercury.scss.tcd.ie [134.226.56.6]) by ietfa.amsl.com (Postfix) with ESMTP id 2CFFE1A03C9 for <tcpcrypt@ietf.org>; Sun, 27 Apr 2014 14:29:35 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mercury.scss.tcd.ie (Postfix) with ESMTP id 435F9BE5C; Sun, 27 Apr 2014 22:29:34 +0100 (IST)
X-Virus-Scanned: Debian amavisd-new at scss.tcd.ie
Received: from mercury.scss.tcd.ie ([127.0.0.1]) by localhost (mercury.scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xeJcN6USId1A; Sun, 27 Apr 2014 22:29:33 +0100 (IST)
Received: from [10.87.48.3] (unknown [86.46.23.102]) by mercury.scss.tcd.ie (Postfix) with ESMTPSA id 2177FBE58; Sun, 27 Apr 2014 22:29:33 +0100 (IST)
Message-ID: <535D76BC.4060007@cs.tcd.ie>
Date: Sun, 27 Apr 2014 22:29:32 +0100
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.4.0
MIME-Version: 1.0
To: marcelo bagnulo braun <marcelo@it.uc3m.es>, tcpcrypt@ietf.org
References: <53576572.5030805@it.uc3m.es> <535D636D.8050108@iang.org> <535D6BF2.6040304@it.uc3m.es>
In-Reply-To: <535D6BF2.6040304@it.uc3m.es>
X-Enigmail-Version: 1.6
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
Archived-At: http://mailarchive.ietf.org/arch/msg/tcpcrypt/SPnJul28PWtNIjmxnGmIsOtSGN4
Subject: Re: [Tcpcrypt] New version of the charter text
X-BeenThere: tcpcrypt@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Discussion list for adding encryption to TCP." <tcpcrypt.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tcpcrypt>, <mailto:tcpcrypt-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tcpcrypt/>
List-Post: <mailto:tcpcrypt@ietf.org>
List-Help: <mailto:tcpcrypt-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tcpcrypt>, <mailto:tcpcrypt-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 27 Apr 2014 21:29:38 -0000
Hi Marcelo, On 27/04/14 21:43, marcelo bagnulo braun wrote: > > - Hooks for allowing upper layers to disable encryption must be made > available. > The protocol may try to avoid redundant encryption when it is possible > e.g. > by detecting encryption performed by upper layers (notably, when TLS > is used). Based on all the discussion on this so far, I'd also suggest deleting this bit. I agree with Ian that the reasons for including this stated so far are arm-wavy. And "detecting" that higher layers are encrypting vs. compressing seems unlikely in the general case too. If something is using TLS then the TLS code (which normally calls the socket API I think) can presumably determine if TCP Inc. would be on by default and do the right thing so there's no need for TCP Inc. to do anything for that case even if someone concludes that double wrapping isn't what they want. So count me as another -1 on inclusion of the above. That said, I think that the argument for null ciphers could still be made later (which might be one way to deal with the wish expressed above), and I'm sure someone will inevitably make the argument for that for debugging purposes so since we know it'll happen we don't really need to argue about whether that's ok or not now:-) As I've also said before, I'd need to be convinced that those are worthwhile myself so as of now I'd say not defining 'em is the right thing. S.
- Re: [Tcpcrypt] New version of the charter text marcelo bagnulo braun
- [Tcpcrypt] New version of the charter text marcelo bagnulo braun
- Re: [Tcpcrypt] New version of the charter text Scharf, Michael (Michael)
- Re: [Tcpcrypt] New version of the charter text Joe Touch
- Re: [Tcpcrypt] New version of the charter text marcelo bagnulo braun
- Re: [Tcpcrypt] New version of the charter text Joe Touch
- Re: [Tcpcrypt] New version of the charter text marcelo bagnulo braun
- Re: [Tcpcrypt] New version of the charter text John-Mark Gurney
- Re: [Tcpcrypt] New version of the charter text Joe Touch
- Re: [Tcpcrypt] New version of the charter text Joe Touch
- Re: [Tcpcrypt] New version of the charter text marcelo bagnulo braun
- Re: [Tcpcrypt] New version of the charter text Tero Kivinen
- Re: [Tcpcrypt] New version of the charter text Wesley Eddy
- Re: [Tcpcrypt] New version of the charter text Joe Touch
- Re: [Tcpcrypt] New version of the charter text Wesley Eddy
- Re: [Tcpcrypt] New version of the charter text John-Mark Gurney
- Re: [Tcpcrypt] New version of the charter text Wesley Eddy
- Re: [Tcpcrypt] New version of the charter text Joe Touch
- Re: [Tcpcrypt] New version of the charter text ianG
- Re: [Tcpcrypt] New version of the charter text marcelo bagnulo braun
- Re: [Tcpcrypt] New version of the charter text ianG
- Re: [Tcpcrypt] New version of the charter text Tony Arcieri
- Re: [Tcpcrypt] New version of the charter text Stephen Farrell
- Re: [Tcpcrypt] New version of the charter text ianG
- Re: [Tcpcrypt] New version of the charter text marcelo bagnulo braun
- Re: [Tcpcrypt] New version of the charter text ianG
- Re: [Tcpcrypt] New version of the charter text marcelo bagnulo braun
- Re: [Tcpcrypt] New version of the charter text Tero Kivinen
- Re: [Tcpcrypt] New version of the charter text Joe Touch
- Re: [Tcpcrypt] New version of the charter text Tero Kivinen