Re: [Tls-reg-review] Request to register 3 values in TLS ExtensionType Values registry

"Salz, Rich" <rsalz@akamai.com> Thu, 11 June 2020 16:30 UTC

From: "Salz, Rich" <rsalz@akamai.com>
To: Yoav Nir <ynir.ietf@gmail.com>, "tls-reg-review@ietf.org" <tls-reg-review@ietf.org>
Date: Thu, 11 Jun 2020 16:29:55 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls-reg-review/NaKrQSqtYGbAVpAaNAAfMRJ3cug>

Yes, this is where interceptible TLS went after we discarded it.

I don’t think we get a moral vote, tho.

From: Yoav Nir <ynir.ietf@gmail.com>
Date: Thursday, June 11, 2020 at 12:23 PM
To: "tls-reg-review@ietf.org" <tls-reg-review@ietf.org>
Subject: Re: [Tls-reg-review] Request to register 3 values in TLS ExtensionType Values registry

So a protocol for the endpoints to talk to the middle-box and allow it read, read+delete, or read+delete+write access to the data stream?

I think we’ve yelled at people who brought this kind of thing to the IETF in the past.

Does this count as “mostly harmless” because they just want an extension number, not an RFC number?




On 11 Jun 2020, at 10:59, Miguel Angel Reina Ortega <MiguelAngel.ReinaOrtega@etsi.org> wrote:

Dear TLS ExtensionType Values Registry Experts,

ETSI TC CYBER has developed a Technical Specification TS 103 523-2 "Transport Layer Middlebox Security Protocol (TLMSP)" specifying a protocol to enable secure transparent communication sessions between network endpoints with one or more middleboxes between these endpoints, using data encryption and integrity protection, as well as authentication of the identity of the endpoints and the identity of any middlebox present. The Middlebox Security Protocol builds on TLS 1.2.

ETSI TC CYBER is about to approve the final draft TS 103 523-2 for publication and then requests the registration of 3 TLS ExtensionType Values as defined in the final draft TS 103 523-2 available at https://docbox.etsi.org/CYBER/CYBER/Open/Latest_Drafts/CYBER-0027-2v020-TLMSP-Transport-Layer-Middlebox-Security-Protocol.pdf.
The 3 extensions are defined in the following clauses:
     * clause 4.3.5 extension named TLMSP
     * clause C.2.3 extensions named TLMSP_proxying and TLMSP_delegate
     * IANA considerations in annex I

Please note that we will be able to provide the final URL of the published TS only after its publication.

Best regards.

-----------------------------------------------------------------------------------------------------------------
Miguel Angel Reina Ortega – Testing Expert
Centre for Testing and Interoperability (CTI)
ETSI ● www.etsi.org ● miguelangel.reinaortega@etsi.org
Phone: +33 (0)4 92 94 43 49 ● Mobile: +33 (0)6 76 73 60 99
