Re: [tcpinc] Call for adoption of draft-rescorla-tcpinc-tls-option-05

ianG <iang@iang.org> Thu, 22 October 2015 09:43 UTC

To: tcpinc@ietf.org
References: <56267097.7060509@tik.ee.ethz.ch>
From: ianG <iang@iang.org>
Message-ID: <5628AFA8.4020405@iang.org>
Date: Thu, 22 Oct 2015 10:43:04 +0100
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:38.0) Gecko/20100101 Thunderbird/38.3.0
MIME-Version: 1.0
In-Reply-To: <56267097.7060509@tik.ee.ethz.ch>
Content-Type: text/plain; charset="windows-1252"; format="flowed"
Content-Transfer-Encoding: 8bit
Archived-At: <http://mailarchive.ietf.org/arch/msg/tcpinc/mB6CCc6mN4bZUwHxGJbswhGXw14>
Subject: Re: [tcpinc] Call for adoption of draft-rescorla-tcpinc-tls-option-05

I do not support putting TLS into TCP.

It is a heavyweight, one size fits all, baggage laden protocol.  Putting 
something complicated and baggage-laden into TCP is going to harm the 
overall goal of TCPINC - get some lightweight opportunistic encryption 
out there where we can, because the alternate is no security.

From an engineering perspective, putting TLS into TCP increases the 
chances of no security, IMHO.

iang



On 20/10/2015 17:49 pm, Mirja Kühlewind wrote:
> Hi all,
>
> please indicate if you support adoption of
> draft-rescorla-tcpinc-tls-option-05 as a tcpinc working group item, or
> not, by
>
>      Monday, Nov 2, 2015.
>
> draft-rescorla-tcpinc-tls-option is one candidate for tcpinc where the
> first version of this draft was proposed more than a year ago. Version
> -04 was released about three weeks ago and specifies the TLS 1.3 profile
> as well as the use of draft-rescorla-tcpinc-tls-option with tcp-eno.
> Since then this draft received a lot of discussion. The latest update
> was provided yesterday, but only contains a few minor fixes.
>
> As before, if you do not support adoption of this document
> because you think it is not in scope for the wg or has fundamental
> technical flaws and would therefore harm the goals of the wg, it would
> be great if you could give some reasoning/explanation with your response.
>
> This is solely an adoption call for draft-rescorla-tcpinc-tls-option
> independent of any other documents. If you have a personal preference
> for a different approach that should not be a reason to reject this
> adoption. Forcing the wg to make a decision has not worked previously,
> and even though both proposed approaches have evolved, I do not see any
> indication that the wg is now ready to make a decision. The goal of this
> adoption call is to figure out if there is enough interest and energy to
> further follow the approach as outlined in
> draft-rescorla-tcpinc-tls-option-05.
>
> This process may lead to the situation where the wg will adopt and work
> on two solution approaches. This does not mean that the wg will publish
> two (incompatible) approaches, as this would not fulfill our charter. If
> we end up adopting more than one approach, I currently see three ways to
> proceed:
>
> 1) Both approaches (naturally) converge into one approach.
>
> 2) We work on both approaches to get them into a (similar) state where
> the wg is able to make a decision (and withdraw the other doc).
>
> 3) We publish both approaches as different 'versions' of tcpinc that can
> be negotiated in the tcp-eno handshake, where at least one of them is
> mandatory to support/implement.
>
> Thanks!
> Mirja