[TLS] Re: Deb Cooley's No Objection on draft-ietf-tls-rfc8447bis-12: (with COMMENT)

Sean Turner <sean@sn3rd.com> Wed, 28 May 2025 14:00 UTC

From: Sean Turner <sean@sn3rd.com>
Message-Id: <27107E67-15B5-4B43-A62E-2BA043A92CEA@sn3rd.com>
Date: Wed, 28 May 2025 10:00:06 -0400
In-Reply-To: <174835599089.1711298.1085676501589117194@dt-datatracker-59b84fc74f-84jsl>
To: Deb Cooley <debcooley1@gmail.com>
References: <174835599089.1711298.1085676501589117194@dt-datatracker-59b84fc74f-84jsl>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/325ryTBQHxLjbQT0ewfla1ShnGM>


> On May 27, 2025, at 10:26, Deb Cooley via Datatracker <noreply@ietf.org> wrote:
> 
> Deb Cooley has entered the following ballot position for
> draft-ietf-tls-rfc8447bis-12: No Objection
> 
> When responding, please keep the subject line intact and reply to all
> email addresses included in the To and CC lines. (Feel free to cut this
> introductory paragraph, however.)
> 
> 
> Please refer to https://www.ietf.org/about/groups/iesg/statements/handling-ballot-positions/ 
> for more information about how to handle DISCUSS and COMMENT positions.
> 
> 
> The document, along with other ballot positions, can be found here:
> https://datatracker.ietf.org/doc/draft-ietf-tls-rfc8447bis/
> 
> 
> 
> ----------------------------------------------------------------------
> COMMENT:
> ----------------------------------------------------------------------
> 
> Thanks to Ben Schwartz for their secdir review.
> 
> Section 4:  Is there a note to be added to 'connection_id'?  (just looks a
> little weird to have notes for the other three)

So the comment was to have enough info to be able to track why it was (deprecated). The reference column already refers to RFC9146, which includes this:

Although the value 53 had been allocated by early allocation for a previous version of this document, it is incompatible with this document. Therefore, the early allocation has been deprecated in favor of this assignment.

So, I think it’s clear why it was deprecated.

> Section 9:  Why is 'none' recommended 'Y' (it seems like this should be D)? 
> And what is the difference between 'none' and 'intrinsic’?

Not much, except that I think if you’re using ed25519 or ed448 you would use Intrinsic:

The meaning of "none" is:

The "none" value is provided for future extensibility, in case of a
signature algorithm which does not require hashing before signing.

The meaning of "Intrinsic" is:

For bits-on-the-wire compatibility with TLS 1.3, we define a new
dummy value in the "TLS HashAlgorithm" registry that we call
"Intrinsic" (value 8), meaning that hashing is intrinsic to the
signature algorithm.
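An added illustration of the registry point discussed above (my example code, not part of Sean's reply, of draft-ietf-tls-rfc8447bis, or of any TLS implementation): a small parser for the TLS 1.2 signature_algorithms extension body that names each (HashAlgorithm, SignatureAlgorithm) pair and checks whether the hash half is coherent with the signature half. The thread itself only gives "none", "Intrinsic" (value 8), ed25519 and ed448; the remaining numeric code points (md5..sha512, rsa/dsa/ecdsa, ed25519 = 7, ed448 = 8, and the resulting 0x0807/0x0808 wire values) are taken from RFC 5246, RFC 8422 and RFC 8446 and are assumptions of this example, as are the coherence rules, which are my reading of the two definitions quoted above. The sample bytes are constructed.

```python
import struct

# TLS HashAlgorithm registry values (RFC 5246; "Intrinsic" = 8 added by RFC 8422).
HASH_ALGORITHMS = {
    0: "none", 1: "md5", 2: "sha1", 3: "sha224", 4: "sha256",
    5: "sha384", 6: "sha512", 8: "Intrinsic",
}
# TLS SignatureAlgorithm registry values (RFC 5246; ed25519/ed448 added by RFC 8422).
SIGNATURE_ALGORITHMS = {
    0: "anonymous", 1: "rsa", 2: "dsa", 3: "ecdsa", 7: "ed25519", 8: "ed448",
}
# Hash values that mean "no separate hash": 0 ("none", reserved for future hash-less
# algorithms) and 8 ("Intrinsic", hashing is part of the signature algorithm).
HASHLESS_HASH_VALUES = {0, 8}
# Signature algorithms whose hashing is intrinsic (the EdDSA algorithms).
INTRINSIC_SIGNATURE_ALGORITHMS = {7, 8}


def parse_signature_algorithms(body: bytes) -> list[tuple[int, int]]:
    """Parse the supported_signature_algorithms vector of a signature_algorithms
    extension body: a 2-byte length followed by (hash, signature) byte pairs."""
    if len(body) < 2:
        raise ValueError("truncated length prefix")
    (length,) = struct.unpack("!H", body[:2])
    data = body[2:]
    if length != len(data):
        raise ValueError(f"length prefix {length} does not match {len(data)} data bytes")
    if length < 2 or length % 2:
        raise ValueError("vector must hold at least one whole 2-byte pair")
    return [(data[i], data[i + 1]) for i in range(0, length, 2)]


def describe_pair(hash_id: int, sig_id: int) -> dict:
    """Name a (hash, signature) pair and decide whether the combination is coherent."""
    hash_name = HASH_ALGORITHMS.get(hash_id)
    sig_name = SIGNATURE_ALGORITHMS.get(sig_id)
    scheme = f"0x{hash_id:02x}{sig_id:02x}"  # same layout as a TLS 1.3 SignatureScheme
    if hash_name is None or sig_name is None:
        status = "unknown"
    elif sig_id == 0:
        status = "reject"  # "anonymous" never signs anything (RFC 5246 7.4.1.4.1)
    elif hash_id in HASHLESS_HASH_VALUES and sig_id not in INTRINSIC_SIGNATURE_ALGORITHMS:
        status = "reject"  # rsa/dsa/ecdsa need a hash; "none"/"Intrinsic" supply none
    elif hash_id not in HASHLESS_HASH_VALUES and sig_id in INTRINSIC_SIGNATURE_ALGORITHMS:
        status = "reject"  # EdDSA hashes internally; a separate hash is meaningless
    else:
        status = "ok"
    return {
        "scheme": scheme,
        "hash": hash_name or f"unassigned({hash_id})",
        "signature": sig_name or f"unassigned({sig_id})",
        "status": status,
    }


def audit_signature_algorithms(body: bytes) -> list[dict]:
    """Parse an extension body and describe every advertised pair."""
    return [describe_pair(h, s) for h, s in parse_signature_algorithms(body)]


# Constructed sample: ed25519 (0x0807), ed448 (0x0808), ecdsa with sha256 (0x0403),
# and an incoherent none + rsa pair (0x0001) that a strict peer should refuse.
SAMPLE_BODY = bytes.fromhex("0008" "0807" "0808" "0403" "0001")

if __name__ == "__main__":
    for entry in audit_signature_algorithms(SAMPLE_BODY):
        print(entry)
```

Run stand-alone it prints one dictionary per advertised pair; the ed25519 and ed448 entries show hash "Intrinsic" with the 0x08 high byte, which is the bits-on-the-wire compatibility with TLS 1.3 that the RFC 8422 text quoted above is describing, while the none + rsa pair is flagged because "none" only makes sense for an algorithm that does not hash before signing.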