[TLS]Re: [EXTERNAL] Adoption call for SSLKEYLOG Extension file for ECH
Stephen Farrell <stephen.farrell@cs.tcd.ie> Sat, 03 August 2024 21:32 UTC
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/4ndbczCwn2PEWXMQeprucmof0Ow>
Hiya,

On 03/08/2024 19:03, Eric Rescorla wrote:
> I'd like to make sure we're all on the same page about this draft.
> The IESG has already approved the original TLS document on
> SSLKEYLOGFILE [0], which contains the keying material necessary to
> decrypt the connection. It's currently in the RFC Editor Queue.

Like Andrei, I opposed adopting that work, but was willing to hold my nose as it was something already deployed for a number of years, etc. So I was in the rough.

The proposition to the WG when the SSLKEYLOG work was adopted was *not* that we'd be doing the same for every new feature of TLS. It was that we should take this over due to SSLKEYLOG being documented in a haphazard manner.

I think we're now seeing the downside of adopting SSLKEYLOG. I'd be happy should we revisit that and ask that the current SSLKEYLOG not be published as an RFC after all. (That is: I'd be happy, but quite surprised;-)

But I re-iterate my opposition to adopting this extension of that bad plan, both because I don't think it's needed (I also did not need this when implementing ECH) and because it'd be further embedding a really bad precedent for the WG.

Cheers,
S.