IETF Logo Mail Archive

[TLS] PR #624: Remove Supplemental Auth from TLS 1.3

Eric Rescorla <ekr@rtfm.com> Sat, 03 September 2016 19:54 UTC

Return-Path: <ekr@rtfm.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4833C12B006 for <tls@ietfa.amsl.com>; Sat, 3 Sep 2016 12:54:43 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.699
X-Spam-Level:
X-Spam-Status: No, score=-0.699 tagged_above=-999 required=5 tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=rtfm-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id TMjskz--E558 for <tls@ietfa.amsl.com>; Sat, 3 Sep 2016 12:54:41 -0700 (PDT)
Received: from mail-yw0-x236.google.com (mail-yw0-x236.google.com [IPv6:2607:f8b0:4002:c05::236]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BB8DA128E18 for <tls@ietf.org>; Sat, 3 Sep 2016 12:54:41 -0700 (PDT)
Received: by mail-yw0-x236.google.com with SMTP id g192so29972281ywh.1 for <tls@ietf.org>; Sat, 03 Sep 2016 12:54:41 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rtfm-com.20150623.gappssmtp.com; s=20150623; h=mime-version:from:date:message-id:subject:to; bh=L2V9HF8fPUDhglFCpgLKHhLpPQ3l/wySQwwKV1Ocatw=; b=ub8x5HgWiyiS24IGh3fitfBPk+TLX5qwJQjcleKFsM/oOPSlGtn+NIR41fcW+8FcZC UD25A/kTnr6Le6P7pWuY3ORElUnhYjIVOrdxQ0CnJQif2dZy08Xsf/r4m+opxHZ8F7hj Nh3823zRcdOb6+W12XobSHyOUnjizoyPGnt42iI1wcDcivriuqU0jRKd0lPDbl7tKWY9 +WL0CGU09PyVz8ILaRRT5WJFcFsK4xgOhThrUXKo3asFHUxmFUxnVubnbJMtKUUa3gN8 /eKQg2Fc6F2fhAMFtlbUkyJoQftGZ+aMnYIC+HazOj3kTaHpOMiT64/65uIZDkocpOho GS8g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=L2V9HF8fPUDhglFCpgLKHhLpPQ3l/wySQwwKV1Ocatw=; b=N2tnSvcu+tUMySWjopgjSmQ5Zh0YiXdrqxeTCkATxW1cZ3nvQDG+EeYBbZnEZgj8iY /6nmXYHEwseMLaa6tB81Nj3VOwp8v0EQVNY+DEJNSvCXJ30/LGQ8A8MqfFzcjfz43+eE aRh0y6OCffyfZTXQHcsKKWy3OLRZyiuX3sPyjieHDcl9jeFSrDlbJK0HrBZMyecvIxsh 4/8QZMlaDTbnrBFhNIWXKd3t0ysK3sAYmEugWpL4i7KwJQAl0bRbQ3ki7yk1p/mLTv5b ipMaYzVDgfqQPygh2ye3bFC6psgI3z/NdqK91gPm+eHeXvoJqHjZgspwOLysHcNgIfLw ODGQ==
X-Gm-Message-State: AE9vXwOFGOKAO/mbgcDL751/if8BpQFKhBS50UK4aXY7hU+sgcDkLjGLtz5SZmqwMSSUs6TAMnPoeTdw0Gn6yw==
X-Received: by 10.129.92.215 with SMTP id q206mr24025760ywb.8.1472932480732; Sat, 03 Sep 2016 12:54:40 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.129.48.193 with HTTP; Sat, 3 Sep 2016 12:54:00 -0700 (PDT)
From: Eric Rescorla <ekr@rtfm.com>
Date: Sat, 03 Sep 2016 12:54:00 -0700
Message-ID: <CABcZeBOfbb+p-BvqRhDJgVQLj_nSk-_Wud6sUnfWgA-QLYMhGg@mail.gmail.com>
To: "tls@ietf.org" <tls@ietf.org>
Content-Type: multipart/alternative; boundary="001a114d85ce4b0335053b9fd1fe"
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/3Ytv0luq8ow_6t9EC79Ks6-mzts>
Subject: [TLS] PR #624: Remove Supplemental Auth from TLS 1.3
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 03 Sep 2016 19:54:43 -0000

https://github.com/tlswg/tls13-spec/pull/624

We currently have code points assigned for

 user_mapping [RFC4681]
 client_authz [RFC5878]
 server_authz [RFC5878]

These aren't well-specified for use in TLS 1.3 and my sense is that they
are barely used. Any objections to just banning them? If not, I'll merge
this
PR end of next week.

-Ekr

v2.23.0 | Report a Bug | By Email