From: Sean Turner <sean@sn3rd.com>
Message-Id: <27107E67-15B5-4B43-A62E-2BA043A92CEA@sn3rd.com>
Content-Type: multipart/signed;
	boundary="Apple-Mail=_3952424D-0B0E-40E1-B9C8-2E16F39B6F19";
	protocol="application/pgp-signature";
	micalg=pgp-sha256
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3826.600.51.1.1\))
Date: Wed, 28 May 2025 10:00:06 -0400
In-Reply-To: 
 <174835599089.1711298.1085676501589117194@dt-datatracker-59b84fc74f-84jsl>
To: Deb Cooley <debcooley1@gmail.com>
References: 
 <174835599089.1711298.1085676501589117194@dt-datatracker-59b84fc74f-84jsl>
CC: The IESG <iesg@ietf.org>, draft-ietf-tls-rfc8447bis@ietf.org,
 TLS Chairs <tls-chairs@ietf.org>, TLS List <tls@ietf.org>
Subject: [TLS] Re: Deb Cooley's No Objection on draft-ietf-tls-rfc8447bis-12: (with COMMENT)
List-Id: "This is the mailing list for the Transport Layer Security working
 group of the IETF." <tls.ietf.org>
Archived-At: 
 <https://mailarchive.ietf.org/arch/msg/tls/325ryTBQHxLjbQT0ewfla1ShnGM>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls>


--Apple-Mail=_3952424D-0B0E-40E1-B9C8-2E16F39B6F19
Content-Type: multipart/alternative;
	boundary="Apple-Mail=_8B610E1F-4B39-4BDE-B84C-12B7B50C50E6"


--Apple-Mail=_8B610E1F-4B39-4BDE-B84C-12B7B50C50E6
Content-Transfer-Encoding: 8bit
Content-Type: text/plain;
	charset=utf-8



> On May 27, 2025, at 10:26, Deb Cooley via Datatracker <noreply@ietf.org> wrote:
>
> Deb Cooley has entered the following ballot position for
> draft-ietf-tls-rfc8447bis-12: No Objection
>
> When responding, please keep the subject line intact and reply to all
> email addresses included in the To and CC lines. (Feel free to cut this
> introductory paragraph, however.)
>
> Please refer to https://www.ietf.org/about/groups/iesg/statements/handling-ballot-positions/
> for more information about how to handle DISCUSS and COMMENT positions.
>
> The document, along with other ballot positions, can be found here:
> https://datatracker.ietf.org/doc/draft-ietf-tls-rfc8447bis/
>
> ----------------------------------------------------------------------
> COMMENT:
> ----------------------------------------------------------------------
>
> Thanks to Ben Schwartz for their secdir review.
>
> Section 4:  Is there a note to be added to 'connection_id'?  (just looks a
> little weird to have notes for the other three)

So the comment was to have enough info to be able to track why it was
(deprecated). The reference column already refers to RFC9146, which
includes this:

Although the value 53 had been allocated by early allocation for a
previous version of this document, it is incompatible with this
document. Therefore, the early allocation has been deprecated in favor
of this assignment.

So, I think it’s clear why it was deprecated.

> Section 9:  Why is 'none' recommended 'Y' (it seems like this should be D)?
> And what is the difference between 'none' and 'intrinsic'?

Not much, except that I think if you’re using ed25519 or ed448 you
would use Intrinsic:

none meaning is:

The "none" value is provided for future extensibility, in case of a
signature algorithm which does not require hashing before signing.

Intrinsic meaning is:

For bits-on-the-wire compatibility with TLS 1.3, we define a new
dummy value in the "TLS HashAlgorithm" registry that we call
"Intrinsic" (value 8), meaning that hashing is intrinsic to the
signature algorithm.



--Apple-Mail=_8B610E1F-4B39-4BDE-B84C-12B7B50C50E6--

--Apple-Mail=_3952424D-0B0E-40E1-B9C8-2E16F39B6F19--
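
Added example, not part of the original message or of any draft or RFC text: the 'none' versus 'Intrinsic' exchange above, shown on the wire by decoding a signature_algorithms list the TLS 1.2 way, as {hash, signature} byte pairs. Code points are from the IANA TLS HashAlgorithm and TLS SignatureAlgorithm registries (RFC 5246, RFC 8422); the function names and the sample bytes are constructed for illustration.

```python
import struct

# Code points from the IANA "TLS HashAlgorithm" and "TLS SignatureAlgorithm"
# registries (RFC 5246, RFC 8422). Only assigned, named values are listed.
HASH = {0: "none", 1: "md5", 2: "sha1", 3: "sha224", 4: "sha256",
        5: "sha384", 6: "sha512", 8: "Intrinsic"}
SIG = {0: "anonymous", 1: "rsa", 2: "dsa", 3: "ecdsa", 7: "ed25519", 8: "ed448"}
EDDSA = {7, 8}


def parse_signature_algorithms(ext_data: bytes):
    """Decode signature_algorithms extension_data as TLS 1.2 pairs.

    Layout: uint16 byte length, then 2-byte {hash, signature} entries.
    Returns a list of (codepoint, hash_name, signature_name) tuples.
    """
    if len(ext_data) < 2:
        raise ValueError("truncated length prefix")
    (length,) = struct.unpack("!H", ext_data[:2])
    body = ext_data[2:]
    if length != len(body) or length < 2 or length % 2:
        raise ValueError("bad supported_signature_algorithms length")
    entries = []
    for i in range(0, length, 2):
        h, s = body[i], body[i + 1]
        entries.append(((h << 8) | s,
                        HASH.get(h, f"unknown({h})"),
                        SIG.get(s, f"unknown({s})")))
    return entries


def inconsistent_eddsa(entries):
    """Return code points that pair an EdDSA signature with any hash other
    than Intrinsic; EdDSA hashes internally, so no separate hash applies."""
    return [cp for cp, h, _ in entries if (cp & 0xFF) in EDDSA and h != "Intrinsic"]


# Constructed sample: ed25519, ed448, ecdsa+sha256, rsa+sha1, and a
# malformed ed25519 entry that names sha256 as its hash.
SAMPLE = bytes.fromhex("000a" "0807" "0808" "0403" "0201" "0407")

if __name__ == "__main__":
    parsed = parse_signature_algorithms(SAMPLE)
    for cp, h, s in parsed:
        print(f"0x{cp:04x}  hash={h:<9}  signature={s}")
    print("inconsistent:", [hex(cp) for cp in inconsistent_eddsa(parsed)])
```

The TLS 1.3 SignatureScheme values ed25519 (0x0807) and ed448 (0x0808) decode here as hash byte 8, which is why the registry needed the Intrinsic entry rather than reusing 'none' (0).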

