[TLS] Re: Concerns about the current draft.
Martin Thomson <mt@lowentropy.net> Wed, 03 September 2025 01:08 UTC
Return-Path: <mt@lowentropy.net>
X-Original-To: tls@mail2.ietf.org
Delivered-To: tls@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id 1D3835C65AA8 for <tls@mail2.ietf.org>; Tue, 2 Sep 2025 18:08:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -2.798
X-Spam-Level:
X-Spam-Status: No, score=-2.798 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H2=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=pass (2048-bit key) header.d=lowentropy.net header.b="dJiE31bW"; dkim=pass (2048-bit key) header.d=messagingengine.com header.b="Yv2ZrIEj"
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8dMD5uXBDF6w for <tls@mail2.ietf.org>; Tue, 2 Sep 2025 18:08:40 -0700 (PDT)
Received: from fhigh-a7-smtp.messagingengine.com (fhigh-a7-smtp.messagingengine.com [103.168.172.158]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id 9D2AA5C65AA2 for <tls@ietf.org>; Tue, 2 Sep 2025 18:08:40 -0700 (PDT)
Received: from phl-compute-06.internal (phl-compute-06.internal [10.202.2.46]) by mailfhigh.phl.internal (Postfix) with ESMTP id 7CF291400189; Tue, 2 Sep 2025 21:08:40 -0400 (EDT)
Received: from phl-imap-15 ([10.202.2.104]) by phl-compute-06.internal (MEProxy); Tue, 02 Sep 2025 21:08:40 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lowentropy.net; h=cc:cc:content-transfer-encoding:content-type:content-type :date:date:from:from:in-reply-to:in-reply-to:message-id :mime-version:references:reply-to:subject:subject:to:to; s=fm2; t=1756861720; x=1756948120; bh=SZ+ZL/P3701ZDyxnMo+v1sIIAR0oKdr2 bm0sXmrYUWI=; b=dJiE31bWeJrgsNGFezzMngXlVlBvolG1ws+PvEgft0KCqvQ+ JfS64bduCk1Z/oK7uxoCEVq8k/xsERyla1lKGWNv6lWCPYU6Ly9rPO7g404ardja EhJiU9HHQxmBMxfR7MH8hRkbDx35bjv3PeYxhOpjNp41/RpbRykh1UiZIKO52I9+ 0ht82wdbqqWJFiYWRifuTxniLyIlGW8V8CGbf7e7aOVjcB8PxVHFKUA1Rr0TWuky wkZYYhgyM8QSc6qL02Pf07l46dPdjCrUeGCbkyBp00LB8pg58NSvshlulT+rB1mM 8qSY4KKlIgi6pr3N3iZTLIAAYvkjQjy8yRUWUg==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-transfer-encoding :content-type:content-type:date:date:feedback-id:feedback-id :from:from:in-reply-to:in-reply-to:message-id:mime-version :references:reply-to:subject:subject:to:to:x-me-proxy :x-me-sender:x-me-sender:x-sasl-enc; s=fm1; t=1756861720; x= 1756948120; bh=SZ+ZL/P3701ZDyxnMo+v1sIIAR0oKdr2bm0sXmrYUWI=; b=Y v2ZrIEj22AJWS3DV3vUq0exQ0ZAKZKonHdnS0pflol+WkHguNSHk/uqAz1cPrW/U Frz/zTDgHNtq/RF9GSb90sjgSDMTV6VJHYeeZI1GCib5YIaZ7gO7mU2rQSKITTYz MDz7S0ehV2ijkBCi5A7V0qZyPjTDEJQzsViSPInU3AS7e/H483J6MVNPYHKFDIQo 0iG6HvqDJ4Q2mb6PFM+Uzl4+DMKF7vjXyyr/HwZZdJbG5bFWshlcteaBBqvNc3Zx kkbMGoK3/ww4OWNpQ/cbkuZYyszq9FYTw2qVFKMrm8N5AiMa8IFlOY/YJRfi6VB4 O9fXNG4GBIKySSAy6qjOA==
X-ME-Sender: <xms:GJW3aMhERGuaKcUsKhuy-02redfAIyz5YfAvwQPrjUf_31S9omvopw> <xme:GJW3aFAVMyLBy0d9E1t0WynTentouJKQVLus58XySuGAffQI6w8grUQLMTv62JM_a Z2VgKsid59CfPeb-wc>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeeffedrtdeggddujeekucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfurfetoffkrfgpnffqhgenuceurghi lhhouhhtmecufedttdenucenucfjughrpefoggffhffvvefkjghfufgtgfesthejredtre dttdenucfhrhhomhepfdforghrthhinhcuvfhhohhmshhonhdfuceomhhtsehlohifvghn thhrohhphidrnhgvtheqnecuggftrfgrthhtvghrnheptddvteejkeegleelleetkeejhf etiedvkefgueejvdevudffhedvfedtveegffdtnecuvehluhhsthgvrhfuihiivgeptden ucfrrghrrghmpehmrghilhhfrhhomhepmhhtsehlohifvghnthhrohhphidrnhgvthdpnh gspghrtghpthhtohepgedpmhhouggvpehsmhhtphhouhhtpdhrtghpthhtohepjhhohhhn rdhmrghtthhsshhonhepgedtvghrihgtshhsohhnrdgtohhmsegumhgrrhgtrdhivghtfh drohhrghdprhgtphhtthhopehsshgthhhmihgvghepgedtghhoohhglhgvrdgtohhmsegu mhgrrhgtrdhivghtfhdrohhrghdprhgtphhtthhopehtihhmrdhhohhllhgvsggvvghkpe egtdguihhgihgtvghrthdrtghomhesughmrghrtgdrihgvthhfrdhorhhgpdhrtghpthht ohepthhlshesihgvthhfrdhorhhg
X-ME-Proxy: <xmx:GJW3aAhj42v4byg7g0XllLm_adwNYnHmCNHrrHINbJjF0EUcSTn0DQ> <xmx:GJW3aEjtPBnv5TiWpMMFAXzONOsWWyYO6-NFzWJtVQrqNCUX_p6d4Q> <xmx:GJW3aOjhIDD9vrZx_Zf9yinAqJtY9H7KqGBGKEwb8B3kzAcS98Lsyw> <xmx:GJW3aMJc7K9FCIyH3aIFaYDNp9o7OwtIdIcUdEfeLOd4r6ojrDv_5Q> <xmx:GJW3aNiRT8OEvdw7EyJdZWeq3r3o8h2p4jIP4YNTVmnVRlsikmqB0phz>
Feedback-ID: ic129442d:Fastmail
Received: by mailuser.phl.internal (Postfix, from userid 501) id 4590A780070; Tue, 2 Sep 2025 21:08:40 -0400 (EDT)
X-Mailer: MessagingEngine.com Webmail Interface
MIME-Version: 1.0
X-ThreadId: A7RYZpuZ5kPw
Date: Wed, 03 Sep 2025 11:08:20 +1000
From: Martin Thomson <mt@lowentropy.net>
To: Tim Hollebeek <tim.hollebeek=40digicert.com@dmarc.ietf.org>, Sophie Schmieg <sschmieg=40google.com@dmarc.ietf.org>, John Mattsson <john.mattsson=40ericsson.com@dmarc.ietf.org>
Message-Id: <cae69874-d886-4906-bfd2-2bc267dedfd3@betaapp.fastmail.com>
In-Reply-To: <SN7PR14MB64926B236A62E8F565D862128306A@SN7PR14MB6492.namprd14.prod.outlook.com>
References: <CAEEbLAaJ6-hFTJQHMQ1qwWVWEFWp9hTXjZwQR4SDmRFFHbW=EA@mail.gmail.com> <20250829174621.213770.qmail@cr.yp.to> <GVXPR07MB9678CF53A08828BFB66A4600893AA@GVXPR07MB9678.eurprd07.prod.outlook.com> <CAEEbLAYm39hg6VA4Upbr6147syTdLzKiBFcKFRL8HqtCPsAT_w@mail.gmail.com> <SN7PR14MB64926B236A62E8F565D862128306A@SN7PR14MB6492.namprd14.prod.outlook.com>
Content-Type: text/plain
Content-Transfer-Encoding: 7bit
Message-ID-Hash: 6RGBSQKBAJDATEVRIC6KJBI6W55BIJEX
X-Message-ID-Hash: 6RGBSQKBAJDATEVRIC6KJBI6W55BIJEX
X-MailFrom: mt@lowentropy.net
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-tls.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: "tls@ietf.org" <tls@ietf.org>
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [TLS] Re: Concerns about the current draft.
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/2CAIvntCmmiQ7yJIgzsr4xzP7N8>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Owner: <mailto:tls-owner@ietf.org>
List-Post: <mailto:tls@ietf.org>
List-Subscribe: <mailto:tls-join@ietf.org>
List-Unsubscribe: <mailto:tls-leave@ietf.org>
On Wed, Sep 3, 2025, at 03:12, Tim Hollebeek wrote: > In particular, X-ECB is horribly broken and these days probably should > not be used by anyone, ever. That advice is already a decade old or > more, at this point. Total distraction, but RFC 9001 uses ECB. Defensibly so, I believe. Though perhaps you might consider the use as part of a more advanced mode, HN-1. Now for the tongue-in-cheek version: Absolute statements are always wrong.
- [TLS] Re: [EXT] Re: Concerns about the current dr… D. J. Bernstein
- [TLS] Concerns about the current draft. ma bing
- [TLS] Re: Concerns about the current draft. Eric Rescorla
- [TLS] Re: Concerns about the current draft. Bas Westerbaan
- [TLS] Re: Concerns about the current draft. D. J. Bernstein
- [TLS] Re: [EXT] Re: Concerns about the current dr… D. J. Bernstein
- [TLS] Re: [EXT] Re: Concerns about the current dr… Blumenthal, Uri - 0553 - MITLL
- [TLS] Re: Concerns about the current draft. Robert Relyea
- [TLS] Re: Concerns about the current draft. Sophie Schmieg
- [TLS] Re: Concerns about the current draft. tirumal reddy
- [TLS] Re: [EXT] Re: Concerns about the current dr… John Mattsson
- [TLS] Re: [EXT] Re: Concerns about the current dr… Blumenthal, Uri - 0553 - MITLL
- [TLS] Re: Concerns about the current draft. John Mattsson
- [TLS] Re: Concerns about the current draft. Sophie Schmieg
- [TLS] Re: Concerns about the current draft. Tim Hollebeek
- [TLS] Re: Concerns about the current draft. Martin Thomson
- [TLS] Re: Concerns about the current draft. David Benjamin
- [TLS] Re: Concerns about the current draft. John Mattsson