Re: [Tls-reg-review] Request to register 3 values in TLS ExtensionType Values registry

"Salz, Rich" <rsalz@akamai.com> Sat, 13 June 2020 13:12 UTC

From: "Salz, Rich" <rsalz@akamai.com>
To: Yoav Nir <ynir.ietf@gmail.com>
CC: "tls-reg-review@ietf.org" <tls-reg-review@ietf.org>
Date: Sat, 13 Jun 2020 13:11:53 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls-reg-review/KCtHSZjrMITnoEp4fJCN0FFiWiY>

Go for it.

From: Yoav Nir <ynir.ietf@gmail.com>
Date: Friday, June 12, 2020 at 3:44 PM
To: Rich Salz <rsalz@akamai.com>
Cc: "tls-reg-review@ietf.org" <tls-reg-review@ietf.org>
Subject: Re: [Tls-reg-review] Request to register 3 values in TLS ExtensionType Values registry

I tend to agree, although that leads me to question the value of what we’re doing here.

Anyway, I think this is going to lead to yelling, so we might as well get in front of it. I’d like to post a message to the TLS mailing list before we instruct IANA to assign values.

Objections?

Yoav



On 11 Jun 2020, at 19:29, Salz, Rich <rsalz@akamai.com> wrote:

Yes, this is where interceptible TLS went after we discarded it.

I don’t think we get a moral vote, tho.

From: Yoav Nir <ynir.ietf@gmail.com>
Date: Thursday, June 11, 2020 at 12:23 PM
To: "tls-reg-review@ietf.org" <tls-reg-review@ietf.org>
Subject: Re: [Tls-reg-review] Request to register 3 values in TLS ExtensionType Values registry

So a protocol for the endpoints to talk to the middle-box and allow it read, read+delete, or read+delete+write access to the data stream?

I think we’ve yelled at people who brought this kind of thing to the IETF in the past.

Does this count as “mostly harmless” because they just want an extension number, not an RFC number?





On 11 Jun 2020, at 10:59, Miguel Angel Reina Ortega <MiguelAngel.ReinaOrtega@etsi.org> wrote:

Dear TLS ExtensionType Values Registry Experts,

ETSI TC CYBER has developed a Technical Specification TS 103 523-2 "Transport Layer Middlebox Security Protocol (TLMSP)" specifying a protocol to enable secure transparent communication sessions between network endpoints with one or more middleboxes between these endpoints, using data encryption and integrity protection, as well as authentication of the identity of the endpoints and the identity of any middlebox present. The Middlebox Security Protocol builds on TLS 1.2.

ETSI TC CYBER is about to approve the final draft TS 103 523-2 for publication and then requests the registration of 3 TLS ExtensionType Values as defined in the final draft TS 103 523-2 available at https://docbox.etsi.org/CYBER/CYBER/Open/Latest_Drafts/CYBER-0027-2v020-TLMSP-Transport-Layer-Middlebox-Security-Protocol.pdf.
The 3 extensions are defined in the following clauses:
     * clause 4.3.5 extension named TLSMP
     * clause C.2.3 extensions named TLMSP_proxying and TLMSP_delegate
     * IANA considerations in annex I

Please, note that we will be able to provide the final URL of the published TS only after its publication.

Best regards.

-----------------------------------------------------------------------------------------------------------------
Miguel Angel Reina Ortega – Testing Expert
Centre for Testing and Interoperability (CTI)
ETSI ● www.etsi.org ● miguelangel.reinaortega@etsi.org
Phone: +33 (0)4 92 94 43 49 ● Mobile: +33 (0)6 76 73 60 99
