Re: [TLS] Consensus Call on MTI Algorithms

Nico Williams <> Thu, 02 April 2015 21:43 UTC

Date: Thu, 02 Apr 2015 16:43:42 -0500
From: Nico Williams <>
To: Yoav Nir <>
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <>

On Fri, Apr 03, 2015 at 12:28:09AM +0300, Yoav Nir wrote:
> I thought the whole point of IoT (as opposed to proprietary protocols)
> was that it *did* interact with the Internet. But that aside, “the
> web” as represented by the HTTP/2 document made its own profile. For
> applications other than “the web”, UTA made their BCP document. For
> the IoT DICE made their profile. 

I'm not entirely sure that I want my things interacting with the web.  I
may want to interact with my things across the Internet.

IoT needs something of a definition, yeah?

> So everyone has their own MTI algorithms, some of them contradictory
> to what we are proposing to recommend. So who takes their MUSTs and
> SHOULDs from TLS as opposed to their own niche document?

IoT seems rather special.  Ignoring IoT, how many profiles of TLS do you
think we'd need for the protocols and non-IoT devices we have now?

IoT's definition, scope, requirements, ... -- we're going to need to
pin these down.  As for *this* thread, I think we should factor IoT out.