Re: [TLS] draft-green-tls-static-dh-in-tls13-01

"Roland Dobbins" <rdobbins@arbor.net> Mon, 17 July 2017 15:35 UTC

Return-Path: <rdobbins@arbor.net>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BD0BF131535 for <tls@ietfa.amsl.com>; Mon, 17 Jul 2017 08:35:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.701
X-Spam-Level:
X-Spam-Status: No, score=-4.701 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-2.8, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=thescout.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5iVl1FW48BGc for <tls@ietfa.amsl.com>; Mon, 17 Jul 2017 08:35:16 -0700 (PDT)
Received: from NAM01-BY2-obe.outbound.protection.outlook.com (mail-by2nam01on0129.outbound.protection.outlook.com [104.47.34.129]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2FA3F131C7D for <tls@ietf.org>; Mon, 17 Jul 2017 08:35:16 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=thescout.onmicrosoft.com; s=selector1-arbor-net; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=BgTYi27HMfD+CFvc2f3c+MP9uJKmJJjyYFEMiw5RXTs=; b=QwhjbGbwJvIcqOw+XcMk40QBZtfX57hpFyjiDUwzyEWdI7OHBVv2yG+9mWdGf5ObCesvlQ6wp+Utlki9OICIO8WvIq6gY+fqaQRk0wqUw8Y9mffZ9PlgjmA98m+fbT+9MM0dt7g50Hazf7l7ox2bU7P6fYvI4J5weElg5UYvy1M=
Authentication-Results: gmail.com; dkim=none (message not signed) header.d=none;gmail.com; dmarc=none action=none header.from=arbor.net;
Received: from [172.16.1.3] (88.208.89.131) by BY1PR0101MB1032.prod.exchangelabs.com (10.160.199.16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1261.13; Mon, 17 Jul 2017 15:35:13 +0000
From: Roland Dobbins <rdobbins@arbor.net>
To: Yoav Nir <ynir.ietf@gmail.com>
Cc: Rich Salz <rsalz@akamai.com>, "tls@ietf.org" <tls@ietf.org>
Date: Mon, 17 Jul 2017 17:35:02 +0200
Message-ID: <1B8100FA-98E9-4776-A8F2-5C9F642A152E@arbor.net>
In-Reply-To: <9D562446-7125-42EC-893F-CC6530818B9F@gmail.com>
References: <CAPCANN-xgf3auqy+pFfL6VO5GpEsCCHYkROAwiB1u=8a4yj+Fg@mail.gmail.com> <CAOjisRxxN9QjCqmDpkBOsEhEc7XCpM9Hk9QSSAO65XDPNegy0w@mail.gmail.com> <CABtrr-XbJMYQ+FTQQiSw2gmDVjnpuhgJb3GTWXvLkNewwuJmUg@mail.gmail.com> <72BACCE6-CCB9-4DE9-84E6-0F942E8C7093@gmail.com> <a0a7b2ed-8017-9a54-fec0-6156c31bbbfa@nomountain.net> <6AF150DF-D3C8-4A4A-9D56-617C56539A6E@arbor.net> <CAN2QdAGRTLyucM1-JPmDU17kQgAv0bPZNASh54v=XoCW+qj48A@mail.gmail.com> <CACsn0cnc0X5++cOvTNsboda8J42qg3VDquZ4Va-X-YDcggnbvA@mail.gmail.com> <7423703D-5277-4F78-A2ED-1B7E152E7B08@arbor.net> <3847dfbfb9f5497a8aababb665e18ea8@usma1ex-dag1mb1.msg.corp.akamai.com> <79DD9197-1ACF-4133-86CF-C2E121F6B2C2@gmail.com> <FFF24E8E-CFFF-40B1-873E-AF4DE91D5FE0@arbor.net> <9D562446-7125-42EC-893F-CC6530818B9F@gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; format="flowed"
X-Mailer: MailMate (1.9.6r5347)
X-Originating-IP: [88.208.89.131]
X-ClientProxiedBy: VI1P195CA0008.EURP195.PROD.OUTLOOK.COM (10.175.187.18) To BY1PR0101MB1032.prod.exchangelabs.com (10.160.199.16)
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id: c0943661-b3b9-4ac6-8926-08d4cd296b89
X-Microsoft-Antispam: UriScan:; BCL:0; PCL:0; RULEID:(300000500095)(300135000095)(300000501095)(300135300095)(22001)(300000502095)(300135100095)(300000503095)(300135400095)(201703131423075)(201703031133081)(300000504095)(300135200095)(300000505095)(300135600095)(300000506095)(300135500095); SRVR:BY1PR0101MB1032;
X-Microsoft-Exchange-Diagnostics: 1; BY1PR0101MB1032; 3:01cWYS1hxrwr0WuLpLOFvpLyqfVenbZaU573NRHX0OxDzTbxI4cV1hHMn5YKE/lJT3GDzlkxiNfQ2nFKPVx+qqcOTcAF6rO95jj3ELCEHbmfObm7z+afsLZFdjqC5PSVU2awKNDWt/qg73RSYsB6+Jd1i6t6RSJVvKs7IuoEWy/cLBCeAM0xn8zxB05k84+lOxvzZOJXDP0lAp9hy+JIerOWLtP9FuTFdpo0AiAqNvr3Y+diUdOq4VKMAnXvnECcp91op7OUGzTLJTSPHwMULy3uSPAgMB4k5Q48dz8/DR7Yug51T/0iSJWDbOf1XnJUd/im3Kvs7s8Ld3mzGo5Vl92+Q04Nh+OJ64HIUN5gAwKG7yZnH58bBxrFMOabfJZmm/ulKObLMGBT8KvuTUhPdOdEdKw2+qqMl0fpmG4OauAr1cxCU+MXu9zg8VtI2wv88uDw+x06LuBSbOmA66oPKqq+k4IE6sztozshM3NkPy08bXTV24rNtt67aZ6mmDlpvonIdoNslEvMQYsKe/hjERKqNooXp+LLThYeW5JQGd7vfllOPTbhmiHviQoCfuFfFYfX+uRs3TOmhPariQ7/i4RTwAx/SRRqUqFYNQGrElp0pJIHA2a9V+IqX8jXM6Mebo/wH/1T7y/ddGFuuEAAJJ7YE3jYc2HcOp4nFgUnK+Pf4P5/W+17YETH3KHu2M7ZpRtwjAlnUv+r3KQb+G6ey+es1NnGFosWUQfWKKHTVXk=
X-MS-TrafficTypeDiagnostic: BY1PR0101MB1032:
X-Microsoft-Exchange-Diagnostics: 1; BY1PR0101MB1032; 25:7ujEmmrY6jwPJMtosv7KrrbohIhwYr2sklHTb1ooymYCZT+E5tQcbWVw8JK/CFnOe5esoyM38BUWQqTCyHyoNAZMgPqO7UNkLbHTouWfr1a5747zGt7+g4zGjdAwnaK/ndY59aUoIeGmAd33+UIbh1pt7n7fE2vEGqDRxSxj+I9RFiSn7OyYWJ+adxqnZeJbutwx5IU5JRc428ch/2dnMOorQ3zeWfHCsLiKuPeDUN0yd7/yTMu/FSQQPEv78TnFw23h4RN+TNlR5iC02bqqgo5l2Vc6lsvrg4UAcO6oGNzLap8b47LeJYiholSme6H9KAxCnADNMYlv7xXy8yivCfgxmhhAwmaJ16Tf509U0XKet8AxEErxmiT2JHkGBX4c7AQPUJHgJiRg3aekONdqN3ax3MT/xHcKOGwweIoVWHFoq+qrQ5h6/maNlBJZU0qf/V6aFMaB5rDlrqJKmgxJOud7toH4wixYLsV5IvFvYLj9KC6mPywCCGteS7LLUzrMrXy7c0M9hA0MXlVco9ynNkGa1mAeXWeVjvS36ojsv40YD3y6vgh5VJT8BOzW3HeIJT3JdjO9RuZjZei+gbTzflq++tZzaDp5ZsZr/Muj3sF4VAw8hX5OM4qn45uAXH8OJ2uVy2j3irGZhrDBAR5AzlSpRyFShSxXOEJa1S+q807kLcNV6H6eppcT0Ad7MHrtfTmk3hCGpiAlPg+jAs/aE5Mf/UYTWTnGtVAulZSTdtFApNo6s/vt6oBN+5kzcqlXFBJDjRIvr+0T6RI5P55T26+J9Du0UNlU5gv96+zExeyLsgY+tyxvoTG9F8vimF38pdD8Fz20ua1VaKGlZY30AS2g2QpzscNz8vzaWtfP5D2lu1QnT6bwRRNh/6WEyAz0S1wvTls+xX2dQPjF5MmbRH73qA5ciG6ntGmkc6SUmyA=
X-Microsoft-Exchange-Diagnostics: 1; BY1PR0101MB1032; 31:Iy6zMxqLQr+QwVpBywEFEmuJNTWeFPR+98X0sDAeSgdUhTtCnwZ86L5CaLmZs+OFdHsq4yxoGWP2cfYy2+VXCzW6QTKwIUskFp1Ei1D1seFShTgriGYS5OUm5ZY8B6IaYoLTG7Ck0MCmqV+cb3cBTz3S+PxA3ATdsFN570JGIb3xlZB+34z9Obh+GE8C4RRJ+qw4dlr3uGIjKQfs/eILjork0hUGUOEm/EN0PDEFLxzX8SNALRQrg3UMofDthON9HPPw/mxGPYW5PGA0rxRoia3Tq+BfMlr3bsrmMuV4/4B/UqmXH+x0dW+yyaa5Gw8QOu6xou91wfPh4sDcRxZMNqJPqSipZO6Bf/BmA5qcp3Z1Ipk2TrdJB3Q6QbT5Ttaust7FEVSm7OMD6jh9MvjS7q2QExAoUnsJT6rWqxF68FNNvsL/hUfPnjjhT2NnkQuMYtG/a3xJ5ZIdoAsw4jD2UPS5pH8oeOWpvynaEwSZlWrK0nDt87a47HlTnzxgOxG3CJjPOnxqqNFwA/qDH12hHlqXyn58yxbCY/pTTMjzA+9MD4sI6rCkoX/DZOY1xCVef6+/TGgMNKCHoJ/Fr0na3+bbOyKIy+cKJnSg3gCocP0b/W8rvvc/jqhJBTN2R4frSShhc/04pk6jUMnTEQ7B4JZPkz3kgqhwJIRjX3Ew6EehGzPH5JXsanqv5aePNfRksg9gJ+eaB7kLk+ENNT+FuQ==
X-Microsoft-Exchange-Diagnostics: 1; BY1PR0101MB1032; 20:LhH7+aHKyMFDhp+5ANLNOfyO9rQG8vqTNDSOwuPCSm0L4YDAXVYXN21Z2lLtpcBNrK1pzIKZOOLpLdnzYmSWYigGpfXaDSxOgz1/Vm4glr5IWTBmMa2QZx3nouckYIGH3LDgxERPDm43yYlpER5pB6E+LhGjBjYv3e3bQUlCQQusb9fw3JX2GMxbcGosvg09py4IlVUO97E9gsQxVLWLSZHvXUJ5ESNPb7qk/hbRN/pTwKY35e7HoM0ZXmzorYmnf+8VnxO2BNv3eg7KrJUfv136MT1DjLnR5on9sLph7eQd2RyPofiiTaCgDOnVl27LUiJawLfQrELWJ0y7D2H9aLRHcfl/qFtZCl3Yo8AAfpJAJfxNn1b5tSRnw7JEkobQbQ3d6K6B/Z/LT8LQXYAMEnBfOZ2oInWjhDHiAOXaizyoOBGIFMSlt7tikuRWtjT3RqdmI1mCN+gE7O3R5V1WFm32f4CdPVZn93Ht0rcnuqzwg5HHaOyHVN7vhBGZGnxy
X-Exchange-Antispam-Report-Test: UriScan:(125551606395959)(246478575198768)(236129657087228);
X-Microsoft-Antispam-PRVS: <BY1PR0101MB1032D22BA511EF09521B7F4FCAA00@BY1PR0101MB1032.prod.exchangelabs.com>
X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(100000700101)(100105000095)(100000701101)(100105300095)(100000702101)(100105100095)(6040450)(2401047)(8121501046)(5005006)(2017060910075)(100000703101)(100105400095)(10201501046)(93006095)(93001095)(3002001)(6041248)(20161123562025)(20161123560025)(20161123558100)(20161123564025)(20161123555025)(201703131423075)(201702281528075)(201703061421075)(201703061406153)(6072148)(100000704101)(100105200095)(100000705101)(100105500095); SRVR:BY1PR0101MB1032; BCL:0; PCL:0; RULEID:(100000800101)(100110000095)(100000801101)(100110300095)(100000802101)(100110100095)(100000803101)(100110400095)(100000804101)(100110200095)(100000805101)(100110500095); SRVR:BY1PR0101MB1032;
X-Microsoft-Exchange-Diagnostics: 1; BY1PR0101MB1032; 4:4Vau5d8ztdUrnB7uznnP1WBakU7WYoNRLoI91i6IK/N8xOYxNb7eB2Oqii4BcEKqGGiiqJ97Uu0xhnKre6kFKcCeFNUfTV9m7PiAtuIM2rjL/zyqtvz2XW487loDT4O8DaA2PWTc2x3UUCGOixx0zJX5hZS6w0F9KBwReUDIE40ANa8Y9VSFVcZXnFOxzisHPLbDdkgEkjXWzIU/alWYJuvT7g0048IVUHBxw1fxtb8pCEsVxBm2chh3JqoEkbzIY6O6PJZarOyL57i8Jr/rbWrbwDE8BabDjfkK8YckugSLctLc0VicFOaSTo8+iv/3fIjJxfSl2C7vcamKgngoVWxS58dxbG5aoXZImG30o0Nhbw8KIw3SFjTZURpIR/u89tV6iWwEjPJBBxgwoPHbWK8a7cEVV8/CcJuF96KMwyg6ubW/Q3Kr6ZRBMIPoGpdM23iykBWr+4xbT9VDlRfokU9k3o0F9uCVM2THJUcR7DWhOp3CvDrHLZWw92/sxdif6wP9JkGjFL5NNdHqS4A6JtL2IJu6dNPj7dekta2otwIMw83xlwxz0cHivCgnoQnLlmqRp2Zkis15tZmL7vqSBj81GGCs+AzRAUswoYSTMFhUzbWigEX+k0fcodQohOkrgckGgaYwSh8MrT0dzoSHxeUtQozMGvFHEKsBbO48wX4hUwl0xtEl4CZ+UcJjPtdmxIXi/GzWg+jML2G0FEZb575nJknWFp9Hbi4SrWri2ZxK3nD3HyR2/Tvs37T1Nmml757T2YrjTmvDpa8DrwO+wamhoOC9eiu8AvPENQ5FUn8OBkpGiDh2TRWJ/d2PmJq0GYb7wwgAq51YjrxQt+I0nFqWd1qsqPD8thyLXExnb+hJUO3zXajSV7F+yWkwRxk32oMydupeSKqAdU1CS6AydOfr9iXCP9+d+g2MMhfr9woRzBl8Q4oVIYBtemg8mflLWT67cSur++4n49qEpYEQRjFguBdCTSXSyRszDEVvYJRZBJ9gTdR2FSbsAJumm/tL9vg1rbzlbYbBaEAFzNmOknMs2X/Qo4cP6pfS29ib2RB2ReezdIcmO9+BY74SDpDhGpk2w9xtVBueKoCad5DcLp7JXFtB5npAL0KdIvyKkvGzCn/eyYt038S8cvj7jo+PWfWqfNWDiH0ktgAsyGmbaFFguJgSxwqXRm7ppkmHN90hktJOS+4K8UkGPCTyKBAV6S2JZS3oeH0tYG30No1XDW9ejiNZ5977et0dclTS9cOMx9sCON4a2bL0gcdDkQSC
X-Forefront-PRVS: 0371762FE7
X-Forefront-Antispam-Report: SFV:NSPM; SFS:(10019020)(4630300001)(7370300001)(6049001)(6009001)(39400400002)(39850400002)(39410400002)(39840400002)(39450400003)(24454002)(6916009)(189998001)(50986999)(2950100002)(7350300001)(83716003)(93886004)(81166006)(33656002)(230783001)(50226002)(36756003)(229853002)(76176999)(4326008)(6666003)(50466002)(42186005)(6486002)(3846002)(53936002)(25786009)(305945005)(77096006)(90366009)(5660300001)(5003940100001)(7736002)(53546010)(47776003)(6246003)(66066001)(478600001)(2906002)(8676002)(86362001)(54906002)(6116002)(38730400002)(110136004)(82746002); DIR:OUT; SFP:1102; SCL:1; SRVR:BY1PR0101MB1032; H:[172.16.1.3]; FPR:; SPF:None; MLV:sfv; LANG:en;
X-Microsoft-Exchange-Diagnostics: 1; BY1PR0101MB1032; 23:syJO9HVM4AtkWse4I+Ybt93ydqrRgJo64RkdrBSX/N6qcB505WV1LIDiJ9aejqKy6J1oTS8yb8rHZGkiQ7cZyLncSVe6LjrmVlxTxBzUQFSAPrtytoAc2wXsJfUFWu4yBf3iB1jPZJiJjyouvpEgMQVGO/7hVYiftAXkoYtoHbflCjHaPWrVLX2qMW4h0zpvSlP74bmH/8lk6E9opVlE3tLkK1+WtcFw487jjMNlGE52KmF4aRoESpYOazdBc6Me574SU7cx+SpXLTWO6Fds/NdZ2+7u8NU2DHcuGKh2rYLezT/ayFXtR6M0bnhEaRAL3vHMJOtnasBIAWYqWZgPfILr6CFXiysVWxg60jZNapvWHUIkK1Zoj+Enn56iFJ9ylFFY2mYRvssCrvWozbRevUcYk5TBTt8cL/KG+oOdUkNBGE3v7fYjN4qZ4O0R0y4XjkX6bTKdqoCAqjk0hrBTJZIU0drcpY7khSNn8SXZ6havOByyoWOQ3FPnWL4j7gO+ZxOnKi4X4r9Tj+0i0+Fi/0AI20aLeU2V0FhQxfdWgMeDk+F4oMEEiurMx7Zoa/pRVFZ5EXO6VpQoalOaztDsdMPgbSjDxgX8reen1eQwIl2Q2DXoQiap1wf0ZFnlv8Rr8/k4d18Piev2TubEzZKwi6f2+8Nhe0Pma+EVlnzIPYxfNGfSFwByhDr/Z0rOFxOwMUc2M+nZbNK+w25shNFAUbyHVTJ0NCPEj+whDPEIeCmHh4fHk3Y0CCCDd1jN5tDROIYTAh9fWv8fmWaIhRRqYTL2BWsd71N2s44+HfnYrQ+o1DolqukdM38WdrER6FNJTvdYxS88s1hXFZAA9B09AtzFMHEYyc3TwDky+EkiQ2S9edoGhnBmXp8M9o7jUVNGJ8zPlJNZauj4kbmk6kqku6NKvW1f9x+SFTrCkwAQLUG8gOSKiPyMnw11iHxi5YXLRnvwouz/pf/zHunv/PsWv6w2JSKezbpIW1ARcZOgSwp4PLSvxu7H/uEisrVnsqL++NTJFxENRkRAkK98yot6c5SanOcvIpOB1RkMRcvEfvMDyhc+LgabKFX+Spz02/FJAD6/JQIl4qycq7EqFdDG/UqafdmI8Yb8eMh7rpkoHrqdjetIpRGLLxLXMDSoi730K6Aa36fStvltMlVSNYiFpOuTpGttwdgJeD0REwyEkxqb7YEWnfqxq4SSlkCzCsG6+JgkbuF/adIv8YNbRhQJSYBkgbmzF/eDAn1wQb3KtDTOWHwgoIkbHHEEUn4FLnQ2
X-Microsoft-Exchange-Diagnostics: 1; BY1PR0101MB1032; 6:KZ5Oufjn1/WLQ/OeD7z6xrFJyZIUXAWxTnWB1lG8CXD0MlWIfGj5wjBhvg/m3iu0w1+CFqIaQXq5dxQko4Qu//GCzkjf+HztQGoZW4Qf2mB9pTwbJ4S7rnke0u/I5ssmg3j/mi5z6PsEIub6Pn1bHDSjQXcC50QQiv+Cnyc/Fqx7iblOEu3XIj98SCf662SzeTax94qx5q9WThyqK5levU7+Z4thEaQDTzb/69OWc0ZyDiIDSEw2WSWiSyGuamPxVymYJiSONgMnNwL/wC9vGc1ZBYoGg6So4pbvY2B2xgGlcjZZns3mGIhFriN9V18mgWhmhJSYJdg7YT4j2zKPTGwB7/ZjJJFHvBKhnSLDkxq/6tXhj1JPCtNN7wRptUEGwzmIhNCLKm7L3CmU6MXiPl32d2gWMyxemlZxhOgOkHLBqPo3OvQ5UvFk+ppylbsfMM5ZekFxLexqmxiMpPJvMM5D05HqORjvJOQq1ofCq+ACKRwwNUOd5kj41qg32GJXxAR9JcTh+tjSu6xXOBn+AYtrgbi5VA1EKNZ5Opmdpcj6KaIKKXu1RwZdDaRt2eUUUldY0BVFWBjnmmfFn/zUvn+n0YIGIEk50tjbUrITJNPDe8YDrrqoafBB2ge2sWrL2/NdGsmY3M1mdCII07SfOIBFwuERI6lBmzQNYb2ONjXQ5fXQQqme1gQaMCIrtmrbFjYsoh1QOBDtZLYBPuSIwHADEcEJoOXSIM+smuuFZVozvkvXTS1NWvCYcesuFrdQ33ljq2Nt1x8OFDR/dzsUt4ZA/mrEmVRNNVZ8Z466BOVwyUqpM910ktxCaw7LPB4H9GHvvsHegFmomf0b3lJSIp1QDG+MlOk7ZP6CsbfXQd7sGmYbHxD3eeZak20Dg8tcXbpN6WVZoEh6uhj4uMH82LbZlDQ1fblysQbQ4iiHKrdJUB0zURHaGExJyNsFKtizmv3MKzjf75UpAp2WxEXfQYyBuSN1OWC0OYBoIgWC9AQ=
X-Microsoft-Exchange-Diagnostics: 1; BY1PR0101MB1032; 5:MO0SOSO2Df8XYXoF4whmGpnq4CI2uNTVkRzy64LttSjgrEybmZC/pk7xZZ3U7Q0n17YHScfT/J5S04aIBn55pDlNC6XI1o2/pswzNdX8PRM9GW9Lil9xmq2ecP9d0kYiqowGbow0IlK2f9grie58PM4Zn9Fqbvkk+UfOUjwh/BQDASeajyNTZ0+5Jo5SLolid2iUsoENuztsfR+bTwygu0tZ4yIxOlYD7uhU8R2pg8FTWJgVU8f8LlY1vugEFf2Xb75iju+dXfXV20lyfPO+sw6nF7kOjz6jX26ExHdIY+K59a4l7wz9YE+CEr+schW8HJfYUg6yx6XSXCq0QhIraVbeu3lIykXpkxslMbVvnG4iQFRD5TWyCKKmaCNp+Mv+fRvuflAVtWINcfyV820y6uXpGrN1DfbW0GQ/gTHN5xUhmRFnfOuQDo7eUs+QqQ3epfINAiBxWinuZ9WPsZeSlnShntVzbWLvxY7/uUMS9H1jmcgQ0qnHXZVUprBBY1Z4; 24:WA8+g8JOmqBALYafq44ZIoi6rc45WacQocuOJ/atoaq/rYKhveuH7+MIKETkWgA0RCgKkVGnZtsciUGlBdcJ3+l4oMqDkpC6ubCyF83oPLs=
SpamDiagnosticOutput: 1:99
SpamDiagnosticMetadata: NSPM
X-Microsoft-Exchange-Diagnostics: 1; BY1PR0101MB1032; 7:CMaBnXSlT0H+QGdC5pM4qTF2JBAVSnWwD0ue2Pkye4dELg4FlSyjQJfgESB4MG3XUOPqLyVWISHH7MAf5hWX/OoaX1FCyXK3i4jxz+7xZlFMisFy4owG+XqwsSo6wZP7dNNhAo841idD1dm9JTwwzwvVrzs4XfA+rLkBf2dIJ/C1BLAeha1ml8JwbIPe9wImGhZCMa2YJRWqj/dKnJpYxh+UmBfdka1REcDMdr9sKID/psgphG0+Ocd/vH67O/I66rVrbr7Wks4IEfItLREuwxXkl8gCFtiIe1NsWhh+xKGG3qte25UhlRNujkBue3hMsM6niV3P+0LXF6Cu9YjwgmTT01KXr2aNPDeFaFhD48k6191qRkAkYRKP9THZFLSntxj6FjinA7SpoL405mBvCNI1Ql0aDXPlGr6fGX3WYM+LEqz7MenUMvXZBYuHeUje0eTEROlsvsyCGCyZMOvJxBM7uSJTokpQAjwLf3B8cyrddZu1z4evIehET5uZ3IVfnxsT5GhPXqr8Ila4qMCIOU3ByqsUGekmrDcbsXdg1N748TrkaNj9jFMri2/Gr8yBQZQmhBK6Zu4DPLf917eXyPltxmKdbWxfrJcnuaQjeJJS6h9th089gXHjVAKfONmpBtmd1UUoqGV7CCYtekzg0wMrHLfCa2D8/Obs5qH3Nec3YnS2aPRvo00ZXEO6zvJNBiNQlBZbhoTCTk3OGeLX0SDQyIJTD6A3iKjZf17lkh26sbeLyn3DS/HbxGndDk6RaxjGf738rdzbi3318mJJMgCAfkogyxdmGAKu2NNZvwM=
X-OriginatorOrg: arbor.net
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 17 Jul 2017 15:35:13.9017 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BY1PR0101MB1032
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/1pbNKyuz3f4THxiwMs-cF6v0Q6M>
Subject: Re: [TLS] draft-green-tls-static-dh-in-tls13-01
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 17 Jul 2017 15:35:18 -0000

On 17 Jul 2017, at 16:25, Yoav Nir wrote:

> ISTM that this is a great argument *against* allowing the 
> administrators in the data center to be able to access the plaintext.

The joke is that obviating crypto by going around is something bad guys 
can and will do, sorry for being unclear!

Intranet administrators must have visibility into the traffic traversing 
their intranets in order to be able to maintain, troubleshoot, and 
secure those intranets.  This often includes TLS-encrypted traffic, too.

-----------------------------------
Roland Dobbins <rdobbins@arbor.net>