[TLS] Re: 2nd Working Group Last Call for The SSLKEYLOGFILE Format for TLS

David Benjamin <davidben@chromium.org> Fri, 07 February 2025 18:20 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/4c59e3T-rwpuPparWoegQKujYEI>

Changing it would be incompatible, but at a glance it looks like
EARLY_EXPORTER_MASTER_SECRET is the only label that would be impacted? We
definitely should not rename that to ...MAIN... because that's not the new
name. It's simply EARLY_EXPORTER_SECRET.

As for the right name, maybe we can still rename it? Does anyone even use
early exporters at all? I vaguely remember it being added for some QUIC or
tokbind thing that ultimately never actually materialized. BoringSSL
doesn't currently implement early exporters, so renaming it would not have
compatibility implications on our end.

(Actually it's kind of odd that one uses the old terminology but
EXPORTER_SECRET uses the new one. How'd we end up there?)


On Fri, Feb 7, 2025, 11:23 Salz, Rich <rsalz=40akamai.com@dmarc.ietf.org>
wrote:

> I read the draft.  Looks good.  Nice to see the word "octothorpe" instead
> of pound sign, even if the document left off the last letter "e".
>
> More seriously, should the draft allow the "new" terminology proposed in
> 8446bis (e.g., MAIN instead of MASTER etc)?