Re: [TLS] Use-case for non-AEAD ciphers in network monitoring

Darin Pettis <> Mon, 17 May 2021 21:04 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 5E0A53A44EE for <>; Mon, 17 May 2021 14:04:43 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.096
X-Spam-Status: No, score=-2.096 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id biqGDp_8emaB for <>; Mon, 17 May 2021 14:04:39 -0700 (PDT)
Received: from ( [IPv6:2a00:1450:4864:20::532]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id C55523A44E7 for <>; Mon, 17 May 2021 14:04:38 -0700 (PDT)
Received: by with SMTP id w12so807528edx.1 for <>; Mon, 17 May 2021 14:04:38 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=vxKV0thx1lTFDUeOCM/fQzc0pReecyFMcWacFoFbGbY=; b=uPKMuCPDOctOOR3joXtpp0eVmkpYQLTfryd193FnsMW4XxCHBGdkP38IDQ4xPRx8X/ WVbIwNyHr533xksClCv/qzrh5ZkOTNJ+rF7IEMx+LE6ARShK0mQMMX8Yy+S6zhCmulEG oLwYkRZKtrgOZqHojJdXrFYnGZusSAHGfHBpitC9YyKO+5NHBPWXEok6pNXW8rjuSKT/ zj+oUmPFYrO+Xid0r3tjVppCfGwrUQlkFO9wer0F2CT5005kLtkKWk8qkMSs5RrNlqwn NlJixNmxA89isNs1wdd/Ira8Re1t6x/3loAD9290GYcpiTpTxHKTrjnq3Ao/Yezp9lFz g4pQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=vxKV0thx1lTFDUeOCM/fQzc0pReecyFMcWacFoFbGbY=; b=j0LU55CJYqArqcTVNgszL87/Ox8Z6pqXAT9IORn12d4R3R8bxExKkkw6J/cKyJJg7j tKiI9/hejr6PFevAI3H9semtjXtJPwN0rlBlnNGzZClh+UBeHAMIimvNoTWr5prrBoM0 dBtHw3/baxO8UjqJl8w+knU4/W7MP2ua7qsMufRV4Lc6QHAIaWpcGy7iHdHg/ggbI74N MPY0K+42hyt5KMGmsE4eh6yuzk9whSnDZ3FJtcPD4nHCt/oxDJe+Nu9OZ4hQi3trBmFG 9//qCHDV6nIO/ZIUXdAPnmAGsP+RpzZA067AnhOtTmdL6KkiIJO8kDCMbS1NsRcXgG/t ckHA==
X-Gm-Message-State: AOAM533U3sMec00TvUi8xZb+4NxW3iFRlIMI/0X6cvW/xftdVeTHPY8A 0BS+KLChhdvhN7DecoH5X4P7BjElixMj/vxw5UI=
X-Google-Smtp-Source: ABdhPJy2yxIgWAma+mtbB1G0vPW2GXcLWYcsCa12K7wWrLnrLgkdKkavhrJxQ8PFxzVgxRBNEnUuTRLhjgFI4RuAQXE=
X-Received: by 2002:a50:a446:: with SMTP id v6mr2405676edb.254.1621285476654; Mon, 17 May 2021 14:04:36 -0700 (PDT)
MIME-Version: 1.0
References: <> <> <> <>
In-Reply-To: <>
From: Darin Pettis <>
Date: Mon, 17 May 2021 16:04:26 -0500
Message-ID: <>
To: Stephen Farrell <>
Cc: Eric Rescorla <>,
Content-Type: multipart/alternative; boundary="000000000000ea609f05c28cf07f"
Archived-At: <>
Subject: Re: [TLS] Use-case for non-AEAD ciphers in network monitoring
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Mon, 17 May 2021 21:04:44 -0000

Hi Stephen,
Thanks for the quick reply as I know it is getting late in Ireland.

I’m sure you do remember the conversation as you spent a lot of time at the
microphone around it.  :-)

It is certainly not an easy question to answer but this group comprises the
smartest people that I know!!  Surely someone must be up for the challenge
as fully half of the people in that London hall voiced the need for it.
Furthermore, when the day comes that TLS 1.2 can’t be used anymore, for
whatever the reason, this need is going to come racing down the tracks…

So, while everyone is breathing easy right now, it would be great to
address the need proactively.


On Mon, May 17, 2021 at 3:48 PM Stephen Farrell <>

> Hiya,
> On 17/05/2021 21:33, Darin Pettis wrote:
> > TLS 1.3 did a great job regarding safety of data on the Internet. For the
> > next version, let’s focus on how to best meet this used case
> I think we had this discussion a few years ago. There is
> no sensible boundary at which TLS can apply different
> cryptographic treatment.
> There were also many many other points raised at that
> time that I don't think we'll benefit from repeating.
> Cheers,
> S.