[TLS] Actions and issues from the IETF 95 TLS meeting

Joseph Salowey <joe@salowey.net> Mon, 25 April 2016 16:13 UTC

Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/0IdYlM44QSGRR3z78xoMs4IYd5E>

Below are some of the more significant issues discussed at the meeting in
Buenos Aires:

1. Adopt David Benjamin's signature and hash algorithm negotiation
structure that ties both together. New code points to define signature
algorithm, curve and hash as a unit.

- PR incorporated into draft - https://github.com/tlswg/tls13-spec/pull/404

2. Adopt Anti-Downgrade mechanism proposed by Green/Bhargavan.

- PR incorporated into draft - https://github.com/tlswg/tls13-spec/pull/284

3. Adopt a simplified NewSessionTicket Format.  The ticket format should
indicate if the server would accept ECDHE-PSK or PSK and indicate if early
data is allowed or not.  The use of a bit mask was discussed in the
meeting.

- PR to be discussed on the list when available.

4. Adopt proposal to add back encrypted extensions for early data.
Encrypted extensions provide application identification (ALPN) and elapsed
timestamp.

- PR to be discussed on the list when available.

5. Adopt simplified, more linear key separation derivation.

- PR to be discussed on the list when available.

6. Adopt proposal for demuxing handshake message from data messages. New
handshake key is derived to encrypt post initial handshake messages.
Proposed solution is to wrap encrypted handshake message in encrypted data
message.  This is pending cryptographic evaluation.

- PR to be discussed on the list when available.

7. Adopt proposal to include OCSP stapling as part of certificate
messages.

- PR to be discussed on the list when available.

8. Adopt proposal to allow server to send known groups (Issue 415).

- PR to be discussed on the list when available.

9. Park proposal to add receive generation field in the key update so
client knows it is safe to release keys (PR 426).

- We do not have consensus to move forward with this PR