Re: [TLS] Recommended yes->no for max_fragment_length extension?

Sean Turner <sean@sn3rd.com> Thu, 15 February 2018 13:36 UTC

From: Sean Turner <sean@sn3rd.com>
Date: Thu, 15 Feb 2018 08:35:58 -0500
References: <0BD40460-F194-4A2B-8E7C-4FD2D084111B@sn3rd.com>
To: "<tls@ietf.org>" <tls@ietf.org>, Martin Thomson <martin.thomson@gmail.com>
In-Reply-To: <0BD40460-F194-4A2B-8E7C-4FD2D084111B@sn3rd.com>
Message-Id: <BAC531D6-7747-47D0-AEBE-A6565C5A83A2@sn3rd.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/3UWIy1niwXfim7nKjSmB3E7bS-Y>
Subject: Re: [TLS] Recommended yes->no for max_fragment_length extension?
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>

There were a few yeses and no nos.  I’m going to go ahead and declare this rough consensus, with the thought that if there are those who object there is still time during the IETF LC.

Martin - please spin a new version incorporating PR#14 to address this issue.

Once I see a new version I’ll push it towards Kathleen.

spt

> On Feb 7, 2018, at 15:33, Sean Turner <sean@sn3rd.com> wrote:
> 
> All,
> 
> Prior to pushing draft-ietf-tls-record-limit [0] to the IESG, the WG needs to confirm that draft-ietf-tls-record-limit should change max_fragment_length [1] from “Yes” in our soon to be created Recommended column (see [2]) to a “No”.  Please indicate by 2359 UTC on 14 Feb whether you are for or against this change; and if you are against please indicate why.
> 
> spt
> 
> [0] https://datatracker.ietf.org/doc/draft-ietf-tls-record-limit/
> [1] https://datatracker.ietf.org/doc/rfc6066/
> [2] https://datatracker.ietf.org/doc/draft-ietf-tls-iana-registry-updates/