Re: [TLS] TLS@IETF101 Agenda Posted
Stephen Farrell <stephen.farrell@cs.tcd.ie> Tue, 13 March 2018 22:23 UTC
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/5Lm_rPGwEwnWy2-EbYEdj-Bdf0k>

Joe,

On 13/03/18 16:09, Joseph Salowey wrote:
> Hi Stephen,
>
> It is not accurate to say that there was consensus to stop discussion of
> this topic in Prague.

I did not say that. I said numerous times that there was a clear lack of consensus in Prague. Based on the question *you* asked, which was much more general than one about draft-green, that means that work in this space is not being undertaken by the WG. I hope we agree on that.

> There are vocal contingents both for and against this
> topic.

I could quibble there too - Nalini calls her folks a consortium, and it certainly seems that there were a bunch of them in the room. AFAIK, there's no well-organised other set of folks, just a bunch of people who have significant overlapping technical concerns with proposals to break TLS. But that's an aside.

> We did not have discussion of this draft in Singapore because the
> authors could not make the meeting due to several issues and we did not
> think it would be appropriate to have a discussion without them present.
> We are going to continue forward and have discussion on this topic in the
> Monday TLS meeting in London.

My problem is that we *did* have significant discussion on the list (of Russ and Ralph's -00 draft). I can see no way in which anyone could read that mega-thread and conclude that this draft is likely to garner rough consensus on the list.

And since the list is the place where we do real work, and we're not in any case working on this topic as a WG (see above), allocating a presentation slot for the -01 version of Russ and Ralph's draft seems to me to be ignoring the WG participants' postings to the list, and hence violating our processes.

I think you and Sean, as chairs, should have read the thread on Russ and Ralph's -00 and said whether or not you think it could achieve rough consensus. That requires no presentation from Russ.

I mean, do you *really* think there's any chance of reaching rough consensus on the list for this draft? If not, then ISTM you're putting meeting attendees and list participants through a bunch of pain for no gain.

Lastly, to be clear: if Nalini's consortium's next set of authors turn up with yet another attempt, then I would not ask you to immediately shut down that *list* discussion, but just as in this case, I would expect you to *not* schedule WG session time for such a proposal, if significant list discussion has demonstrated that folks' sets of opinions have not really changed. (Which is pretty likely, isn't it?) Similarly, if such a proposal hasn't had any list discussion then I also think it ought not get WG session time.

ISTM, that if you (chairs) don't start to impose that kind of (normal actually) discipline on these efforts, we risk an endless round of iterations of this overall discussion.

S.

>
>
> On Tue, Mar 13, 2018 at 7:21 AM, Stephen Farrell <stephen.farrell@cs.tcd.ie>
> wrote:
>
>>
>> Hiya,
>>
>> Just to be clear: I'm still waiting for the chairs and/or
>> AD to explain how the proposed discussion of this draft
>> is consistent with IETF processes, given the results of
>> the discussion in Prague (a very clear lack of consensus
>> to even work on this topic), and the discussion of the
>> -00 version of this late last year. IOW, I don't consider
>> my objection has been answered.
>>
>> In case people haven't got all the mails from last year
>> at the front of their minds, I went through them for you
>> and have provided links and selected quotes below. Yes,
>> the quotes are selected but I think do indicate that the
>> opposition to these ideas is as before. And there were
>> also the usual voices in support of weakening TLS in this
>> manner as well - a read of the thread clearly indicates
>> to me that discussion of this draft in London will, as
>> before, be a divisive waste of time and energy.
>>
>> Chairs: Please drop the agenda item, or explain how any
>> of this fits our process, because I'm just not getting
>> it.
>>
>> Thanks,
>> Stephen.
>>
>>
>> me, "IMO the WG shouldn't touch this terrible proposal with a
>> bargepole."
>>
>> https://www.ietf.org/mail-archive/web/tls/current/msg24493.html
>>
>> Randy Bush: "there are a lot of us lurkers out here a bit horrified
>> watching this wg go off the rails." (Different thread, but same topic)
>>
>> https://www.ietf.org/mail-archive/web/tls/current/msg24539.html
>>
>> Uri Blumenthal: "+1 to Stephen"
>>
>> https://www.ietf.org/mail-archive/web/tls/current/msg24542.html
>>
>> Rich Salz: "put this on hold for a year or two after TLS 1.3 is done"
>>
>> https://www.ietf.org/mail-archive/web/tls/current/msg24544.html
>>
>> Ion Larranaga Azcue, "I really don't feel comfortable with the approach
>> taken in this draft."
>>
>> https://www.ietf.org/mail-archive/web/tls/current/msg24562.html
>>
>> Hubert Kario: "to be clear: me too" (replying about hating the idea)
>>
>> https://www.ietf.org/mail-archive/web/tls/current/msg24578.html
>>
>> Rich Salz: "I am opposed to the basic concept of injecting a third-party
>> into the E2E TLS process."
>>
>> https://www.ietf.org/mail-archive/web/tls/current/msg24585.html
>>
>> Florian Weimer: "I don't understand why this complicated approach is
>> needed."
>>
>> https://www.ietf.org/mail-archive/web/tls/current/msg24607.html
>>
>> Ben Kaduk: "I do not see any potential for a workable solution."
>>
>> https://www.ietf.org/mail-archive/web/tls/current/msg24620.html
>>
>> Uri Blumenthal: "why do we spend time discussing this draft?"
>>
>> https://www.ietf.org/mail-archive/web/tls/current/msg24639.html
>>
>> Christian Huitema: "Maybe they have found ways to manage their
>> applications and servers without breaking TLS..."
>>
>> https://www.ietf.org/mail-archive/web/tls/current/msg24643.html
>>
>> Ted Lemon: "I think we should stop."
>>
>> https://www.ietf.org/mail-archive/web/tls/current/msg24649.html
>>
>> Andrei Popov: "deploying a weakened configuration of TLS 1.3 (without
>> PFS) would not meet the intent of those future mandates/requirements."
>> (On "industry need")
>>
>> https://www.ietf.org/mail-archive/web/tls/current/msg24656.html
>>
>> Ben Kaduk: "The time I am spending on this thread is time that I am not
>> able to spend improving the TLS 1.3 document."
>>
>> https://www.ietf.org/mail-archive/web/tls/current/msg24660.html
>>
>> Dave Garrett: "Please, let's just let this mess die. "
>>
>> https://www.ietf.org/mail-archive/web/tls/current/msg24667.html
>>
>> Uri Blumenthal "I'm against weakening the protocol, since there are
>> other ways to accomplish the perlustrator's mission"
>>
>> https://www.ietf.org/mail-archive/web/tls/current/msg24670.html
>> Yeah, I had to look it up too:-)
>> https://en.oxforddictionaries.com/definition/us/perlustrator
>>
>> Adam Caudill: "To be honest, I’m rather surprised that this group
>> continues to spend time on this."
>>
>> https://www.ietf.org/mail-archive/web/tls/current/msg24712.html
>>
>> Tony Arcieri, "Having worked (and presently working) for more than one
>> company of this nature, in the payments business no less, I would like
>> to restate that it's incredibly disingenuous to cite the need for
>> self-MitM capability as an "industry" concern."
>>
>> https://www.ietf.org/mail-archive/web/tls/current/msg24715.html
>>
>> Colm MacCárthaigh: "I don't have too strong an interest in this thread,
>> it's not going anywhere, and I don't mind that."
>>
>> https://www.ietf.org/mail-archive/web/tls/current/msg24720.html
>>
>> Peter Saint-Andre: "+1 to Stephen's request." (for chairs to close down
>> the discussion)
>>
>> https://www.ietf.org/mail-archive/web/tls/current/msg24734.html
>>
>> Cas Cremers: " I think such a mechanism should not be part of the TLS
>> 1.3 standard."
>>
>> https://www.ietf.org/mail-archive/web/tls/current/msg24885.html
>>
>> Karthikeyan Bhargavan: "I really don’t recommend any change to the TLS
>> 1.3 design to accomplish any of this"
>>
>> https://www.ietf.org/mail-archive/web/tls/current/msg24903.html
>>
>>
>> _______________________________________________
>> TLS mailing list
>> TLS@ietf.org
>> https://www.ietf.org/mailman/listinfo/tls
>>
>>
>