Re: [Tls-reg-review] [IANA #1283623] Re: TLS Certificate Key Selection (CKS) Extension Using X.509 Hybrid Certificates (draft-stapleton-hybrid-x509-cks-tls)

"Salz, Rich" <rsalz@akamai.com> Thu, 09 November 2023 21:31 UTC

From: "Salz, Rich" <rsalz@akamai.com>
To: "iana-prot-param-comment@iana.org" <iana-prot-param-comment@iana.org>, "anthony@wolfssl.com" <anthony@wolfssl.com>, "Stapleton, Jeff" <Jeff.Stapleton@wellsfargo.com>, Tim Hollebeek <tim.hollebeek@digicert.com>
CC: "tls-reg-review@ietf.org" <tls-reg-review@ietf.org>
Date: Thu, 09 Nov 2023 21:30:56 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls-reg-review/6vRyRZalN8hLjcs5XmVcAVGhjuA>

I have an email from the Chair of the ASC committee, copied below.

Please close this request for now. Jeff and Anthony, if you need a codepoint for interop testing, you can use one of the values reserved for private use.  See the last entry in the table at [1] and RFC 8446 for more details. You should also contact Tim, as he knows people who will help work on the draft and registration, presumably once the work group gets further along.

[1] https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-4

Thank you.

	-Rich

Here is the relevant part of Tim's note to me.

--------------------------------
This is work related to the draft standard X9.146 which is being done under the F5 group at ASC X9.  In my opinion, the X9.146 draft is not mature enough for code point allocation yet, for many of the reasons Mike mentioned.
 
I would suggest we put the request on pause until F5 has a chance to discuss whether this is the correct path forward, and whether a TLS code point allocation is appropriate at this time.
 
The answer may be yes, but I would like that to be decided by consensus in the working group ...
 
-Tim, Chair, ASC X9F5.