Re: [tcpinc] Call for adoption of draft-rescorla-tcpinc-tls-option-05

Eric Rescorla <ekr@rtfm.com> Thu, 22 October 2015 13:13 UTC

From: Eric Rescorla <ekr@rtfm.com>
Date: Thu, 22 Oct 2015 06:12:44 -0700
Message-ID: <CABcZeBPkToPLX0Jmq6NA_ZiiuFEy705oRg0-hzwf4cnUB-5aCQ@mail.gmail.com>
To: ianG <iang@iang.org>
Archived-At: <http://mailarchive.ietf.org/arch/msg/tcpinc/_msCWJJhgVhUqgPPqfwsqYcbRnk>
Cc: tcpinc <tcpinc@ietf.org>
Subject: Re: [tcpinc] Call for adoption of draft-rescorla-tcpinc-tls-option-05

Have you actually read the TLS 1.3 profile in my draft?

-Ekr


On Thu, Oct 22, 2015 at 2:43 AM, ianG <iang@iang.org> wrote:

> I do not support putting TLS into TCP.
>
> It is a heavyweight, one size fits all, baggage laden protocol.  Putting
> something complicated and baggage-laden into TCP is going to harm the
> overall goal of TCPINC - get some lightweight opportunistic encryption out
> there where we can, because the alternate is no security.
>
> From an engineering perspective, putting TLS into TCP increases the
> chances of no security, IMHO.
>
> iang
>
>
>
>
> On 20/10/2015 17:49 pm, Mirja Kühlewind wrote:
>
>> Hi all,
>>
>> please indicate if you support adoption of
>> draft-rescorla-tcpinc-tls-option-05 as a tcpinc working group item, or
>> not, by
>>
>>      Monday, Nov 2, 2015.
>>
>> draft-rescorla-tcpinc-tls-option is one candidate for tcpinc where the
>> first version of this draft was proposed more than a year ago. Version
>> -04 was released about three weeks ago and specifies the TLS 1.3 profile
>> as well as the use of draft-rescorla-tcpinc-tls-option with tcp-eno.
>> Since then this draft received a lot of discussion. The latest update
>> was provided yesterday, but only changes a few minor fixes.
>>
>> Similar as before, if you do not support adoption of this document
>> because you think it is not in scope for the wg or has fundamental
>> technical flaws and would therefore harm the goals of the wg, it would
>> be great if you could give some reasoning/explanation with your response.
>>
>> This is solely an adoption call for draft-rescorla-tcpinc-tls-option
>> independent of any other documents. If you have a personal preference
>> for a different approach that should not be a reason to reject this
>> adoption. Forcing the wg to make a decision has not worked previously,
>> and even though both proposed approaches have evolved, I do not see any
>> indication that the wg is now ready to make a decision. The goal of this
>> adoption call is to figure out if there is enough interest and energy to
>> further follow the approach as outlined in
>> draft-rescorla-tcpinc-tls-option-05.
>>
>> This process may lead to the situation where the wg will adopt and work
>> on two solution approaches. This does not mean that the wg will publish
>> two (incompatible) approaches, as this would not fulfill our charter. If
>> we end up adopting more than one approach, I currently see three ways to
>> proceed:
>>
>> 1) Both approaches (naturally) converge into one approach.
>>
>> 2) We work on both approaches to get them into a (similar) state where
>> the wg is able to make a decision (and withdraw the other doc).
>>
>> 3) We publish both approaches as different 'versions' of tcpinc that can
>> be negotiated in the tcp-eno handshake, where at least one of them is
>> mandatory to support/implement.
>>
>> Thanks!
>> Mirja
>>
>> _______________________________________________
>> Tcpinc mailing list
>> Tcpinc@ietf.org
>> https://www.ietf.org/mailman/listinfo/tcpinc