IETF Logo Mail Archive

[TLS] Re: Opsdir telechat review of draft-ietf-tls-tls12-frozen-06

"Salz, Rich" <rsalz@akamai.com> Sun, 16 March 2025 12:34 UTC

Return-Path: <rsalz@akamai.com>
X-Original-To: tls@mail2.ietf.org
Delivered-To: tls@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id DF1C8C2A13D; Sun, 16 Mar 2025 05:34:50 -0700 (PDT)
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -2.798
X-Spam-Level:
X-Spam-Status: No, score=-2.798 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_HELO_NONE=0.001, SPF_NONE=0.001] autolearn=ham autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=pass (2048-bit key) header.d=akamai.com header.b="S8/TqfIC"; dkim=fail (1024-bit key) reason="fail (message has been altered)" header.d=akamai365.onmicrosoft.com header.b="ZJOyX9UK"
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id P0PgbRgseJHS; Sun, 16 Mar 2025 05:34:50 -0700 (PDT)
Received: from mx0a-00190b01.pphosted.com (mx0a-00190b01.pphosted.com [IPv6:2620:100:9001:583::1]) by mail2.ietf.org (Postfix) with ESMTP id 460AFC2A135; Sun, 16 Mar 2025 05:34:46 -0700 (PDT)
Received: from pps.filterd (m0050095.ppops.net [127.0.0.1]) by m0050095.ppops.net-00190b01. (8.18.1.2/8.18.1.2) with ESMTP id 52GBvSbJ028561; Sun, 16 Mar 2025 12:34:45 GMT
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=akamai.com; h=cc :content-type:date:from:in-reply-to:message-id:mime-version :references:subject:to; s=jan2016.eng; bh=EDFbZFevMKibb24sBQrJ33 ntsllJkFDjaukwTrNdusc=; b=S8/TqfICuQrsgIisbOeHP22h4u9SIbJLmNE0ru VfI3am4vYazYTrWFkYJw8UQBqh8MvGs8sh6zyOehH0cvL4irh3htotOnOuKPGGR9 +oztbCXsMSh/3GtDCKgnMdMImN4mkRKEc5Q4pf3tnsmY7FQV3vGPzTU4rINXeTPw K9Lq/foew6SWGGohmw71l7P4Q2tog80Yyk8UPt+6HzcOMT3LsrNXkfUOille4CQn kn1MsSigZupnTwUOF6S2ZrwIGFUAcSKRkk28+rwz92AkibJ9owPAUD/afHZrYNbe lF1XjeZBFOke8Ad6DXJl589DvkepxpA6F2ItW5z+8kNIdcLw==
Received: from prod-mail-ppoint8 (a72-247-45-34.deploy.static.akamaitechnologies.com [72.247.45.34] (may be forged)) by m0050095.ppops.net-00190b01. (PPS) with ESMTPS id 45d1yedyvp-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Sun, 16 Mar 2025 12:34:44 +0000 (GMT)
Received: from pps.filterd (prod-mail-ppoint8.akamai.com [127.0.0.1]) by prod-mail-ppoint8.akamai.com (8.18.1.2/8.18.1.2) with ESMTP id 52G72IRb013694; Sun, 16 Mar 2025 08:34:43 -0400
Received: from email.msg.corp.akamai.com ([172.27.50.201]) by prod-mail-ppoint8.akamai.com (PPS) with ESMTPS id 45d4vwg1we-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Sun, 16 Mar 2025 08:34:43 -0400
Received: from ustx2ex-exedge4.msg.corp.akamai.com (172.27.50.215) by ustx2ex-dag4mb2.msg.corp.akamai.com (172.27.50.201) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1544.14; Sun, 16 Mar 2025 05:34:43 -0700
Received: from ustx2ex-exedge3.msg.corp.akamai.com (172.27.50.214) by ustx2ex-exedge4.msg.corp.akamai.com (172.27.50.215) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1544.14; Sun, 16 Mar 2025 05:34:43 -0700
Received: from NAM04-MW2-obe.outbound.protection.outlook.com (72.247.45.132) by ustx2ex-exedge3.msg.corp.akamai.com (172.27.50.214) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1544.14 via Frontend Transport; Sun, 16 Mar 2025 07:34:40 -0500
Received: from MN2PR17MB3901.namprd17.prod.outlook.com (2603:10b6:208:1f6::24) by SA6PR17MB7340.namprd17.prod.outlook.com (2603:10b6:806:416::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8534.33; Sun, 16 Mar 2025 12:34:38 +0000
Received: from MN2PR17MB3901.namprd17.prod.outlook.com ([fe80::7515:e7d8:ada3:1849]) by MN2PR17MB3901.namprd17.prod.outlook.com ([fe80::7515:e7d8:ada3:1849%5]) with mapi id 15.20.8534.031; Sun, 16 Mar 2025 12:34:38 +0000
From: "Salz, Rich" <rsalz@akamai.com>
To: Jen Linkova <furry13@gmail.com>, "ops-dir@ietf.org" <ops-dir@ietf.org>
Thread-Topic: Opsdir telechat review of draft-ietf-tls-tls12-frozen-06
Thread-Index: AQHblj3eIo40vcmzlEa+Jh+t+amfGrN1suy0
Date: Sun, 16 Mar 2025 12:34:38 +0000
Message-ID: <MN2PR17MB390161ED980D5EBB9B9D5037CDDC2@MN2PR17MB3901.namprd17.prod.outlook.com>
References: <174210703164.124993.17661986887788893733@dt-datatracker-5b9b68c5b6-zxk6z>
In-Reply-To: <174210703164.124993.17661986887788893733@dt-datatracker-5b9b68c5b6-zxk6z>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-reactions: allow
x-ms-publictraffictype: Email
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam-message-info: CyTgjrHQ5rVnj4sbAHbAwfLRa+RkPBUlvli4/5sOYlwk7Di3KVteR6frdykLeEPOBOVm/jwirqGc8l246NalLFLSwRHlmlMVfRLS1B/8J9bYjXMTzDLlrW73gjTsD4g7OetCmTEfeI9kPpHVje4xTTPAOpe+e6Tnxq6WnsbMO13gtU9GooEGIHY4Dl0ib2Y6LaX0sSVjggo9riYWXCYTpYW8/R2LU9jcSUi2c0HDtylDgqI7ME62eG2SViNuldPQaKzvYZdkvUVRvemnjraTNltOU7fRM6mCUuB9YJOMX3AqVezCoA94mDKWxAIKOzCXEu5KMNmIpPUsWf5L0lVSttUKiYsLiK7BSAMxQ9Ju0TIomAXpERCmTzplTNr9lPdEWD808EMLRLE7qGpufIemfNOql+MCs26K/jB8HpRFqaOsvCGxFkPcx6gT2Wr/uyXXLguq11oAw+lxsE0cGiwumadv+GLOleVVO/WPZ5XrqoBrFAK+9YiqeKPzNca/jTHK1L8I+M5TNJi0HgzOtqp53MUNu1ciF65f2YUPyCZ90qUz9bxCdaViSPMwWperTUnfZVoIPtwzwd/Jh2EH03FikpnIGXpJ/ogT70E8ZyBKIna1H+7hcrooctbkhqlgXTcBSPeWsM7LbUM3yrsFACbHSl3AcavFp8YwySNNJYLlQ68rPSMtJ5jc9ydqgXZQP/LmgRUrY6vk14dM+PCBOz2oeYzX7D6nIraLz705v89MZSmrXGa/N7w4X3k8LdneD+QRY7WIvQa8VOe4mjkIB9SfP6tFzfxDmFrCQpzeAFM6JQz3NOWUR65tXk4eg0ugr3z/uLNrxcNdsK7coorNYcJc9aXHzmK8eSsoghiAxZ0LC5Rn7FjuiSH0+U+aTGdrwvs+UR712OeaD93oePU5MHj+NWQ4eikH6zAxOCP4Fr3uPOpU89Blb6UU3Lx8R4SeqTDpU9OhzNtJy5LRY/yr89MTVJ26N6T1Iobfr8SGED1lQFssZCtOoKymfV2nR7QyuJ6LVxy6gSAoDr4aeoQg03P4N3t+l7cBTMubzGPdhjhHYJQJh99cmVPa444sNVcrZjTQZPjRGl1uPeu3wNM6WslAH63GwXZMJpTpYjs1hQqYqGqQX1MefL8FdPSCgLaeGNzwVgVfiF3UfqirjPc/K4TErr0EvVbTSJ+l/Juwt6/M9Ll8OBawhSYmMMXW2rcCc68NZq1uH8G59kMeCgjNZusxws6LDBaUTYUiFMEEw3S+H+kG+GvXBLXK4FYmWLm4pVc3uN1rtRWIGHr2GOaDBKJrfd0d4abrL6ApiBawDd4HucJlGl3K4K94pRpqDNuTe7aL/DuhhVOc7IOwXP/2HkGKNIxGLELM1QwGHRRR9o6lGtqGEcV9CyldLZR70t0uo4epNDBxoQ7UgJ5lL3y+v0tIojqGYu+ImBNRM2ZzLJ1omtDt3mFlArxmJyKGixLIQNVf
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: Ufy/m+cUIa8OVDQQnU8Z50n3VMGnH7qXJd+cq5Q2i44QW5XTXV+n6rC84hO2VR6B4e0zqwvsp+nqf3es2XfiWVz9yE6B2G19IGf/yVTMMMgcwbk0DdDj/KFEZkyE7ZcNSl+fELHf/1a5iYYreTJI/uzB4W1H7DCPJZu+7Z1GQtZN/uN26CaNxLzBpAQkjfCDUrD1qa3svjll48lMcYhKmW8JSHNDeK8Nm3DSI4yzzFRny10ufRKmp3elDKVnbiQPAIFwJVqmQuaTwMpjaYC1L2e685eGpBt2z+9qEaOyO5P5rE63FPICccdpuF3d93hCR9hQ8a9kRG7Rf+0AGXRKwv5gAOUURNxXEji2ZlK0jCJTiReyGvJefgu3IdGivOTlrvL0JhslNQm4oyVD2hf0JRG0rA2T+H8eLVYnb13lTIIPh1jP4qtKv37dw/08cFa/H+xKwWvZU6L0W6Ua6G8Y5qlAGgQ8uRRg+QRtXvZVqelg/vE5zN9FP/PGi2DI3vwsOI0uGrrwWQ3gGqw1GTI3i2W//F/US0VUUi4GrmxuSvoDd53smKjKm/CTsa7Hizj9p7Z98QTRr6c+lLYxWUpOZNk2c7zDQdecG1IHxGMjt9M/c82zzl8fNoZdl0nnJw+0BZLtgXyipWYlUUWEwZWGxIop9El9q9x6NX3LmWKlPT5QeIUNiAO8B3ihjqTAyAKStuzwSfDyrqPNlNna6Byn8eJC6FC1yzoL6klA1ScJN64ldxZ/xvPp8ia8cOgLArkWGHT0S/8LABa/r6euVVJnNoMlxi8lRFasBcrd6fauLa/EzkAm4OIwUxLuQf4rDcTZ/eAGor3QQfHAB+2x9NhqlbD6L6gzpR7llh9HdRisHUD9TDtB+AhDJEEn4B0BfWFB6XLidXYQq/YBWUkZEWOgPWkSFdxR/ZQ1bm6IsixAF/Jh+aHE5ZylbLo6FGZT+M8O5xJtWc/PxIgwACQLfCmH93Dpbu6dC3ItPbuIDXp5Q9tqH0Zyk+HNHaSy59JQD7yvq3Hs808jAo355fOfYttwxF1EXzGXMqZ03YADvFqZGV7406jOPGPMr+75njUhb3xhzHhyEaSmAnXy1Cuk05Rp7VmbRtLk7PUyQWrAUz/6+LqDJ6luswgXItiIVNvMty4xZUBXZKZ0osYckMAJOl251TSqUPuhl0Q0HJPuK465Kr5KOIvMCyL1pMGflQ3LtRswozWTwLg+KsoijxwgRwUoipbKeLS32oTXZI+7DvWmEqUvqqCCEUpPqXiEYPmetVAhqrwdHAhNbPMdp4Erwebrw1cBNHB7yQsD6YHeiUj6LhsVO1qr4qLhxtXo7PZsKUrkU3LxLErX8W4q+QVKJ10e/YjNNfit7ByNEX/2nOKrB6S6Hn4uBImaXhdrXO5XhYxqkJDQZ8PneuJAy3k4bx4GEVKLtlvhYL3y53iXgBl9n9J9L2L5rxmHMDZYdiWFBVwZj9gQjCyPar4ccpndqHYEXOqiLRowMZx73FsT/G2E5nxKucUO3cZhrCxsQpDSAF+JHhzr/OAOpyvMEN9feHAzYA02g3E3Sb0uhPjYyNhUc2ugS8qORzCWYJgUVS5UAB+P
arc-seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=grU/WJX0xRW+QZ9cETrdLcKK1SPC51GE2ec8hqYoeqnKwM7UHtk6WX3Vlwjnfiwl/b/l3E/UzYjHx866OM6qP9ObDDLr4tNdjf5acFiyGErNBCv4RDEQ+iS0guDK9vJOGDk9SmIoM/XtEHcs98R4K45ZwMKi6XPq3L3ZMAaLR8yRJ2O4SCCgJOhK4Nm6AiOIl6xZ4dfneNC1Fz/ojciLDVbPO7+n6R8CwkMq47n4pOuCN05WMWeEMLB+apvwVqiUNrqYMxR49Pu4TywAiVfLCXqTsbBCEX4PiVWoC3sD/pM9wVohuTUKg0FjLPclGr8NhfHJhJJW5ugrF+7A9TnILg==
arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=IEoDAMC1BdY9OBc/+VleVpbaSdxNL+o+Ox4G5QBaUcE=; b=DyHIjqMXMxLehuxfAfD0a3B5gOtEcAh02N5WuK1HvjDrhGVqITGw7+Ncs0d0R16bM5qm7FDMGuHDMchMmowypTl4WMkintCIgkcOG2CrHeD9af4yQRSX+uxTQsaBQ6yZnobVhEjL53vvhdHyrfbPgTTBdMDfWUoXsonECtedaCpYrdek9ILZMiv0Wc9TqxbxVV+yn+I2ipkydk9mSO8zYecoQFt3iIFsTkJVS16H/kSzkmnwYev6GFK+oO9u6zBfcBe7V710uWa/ft5fAFbpAxmxcyy+tzLz/EddVaMNi8nEnC9udfgbQeJMRPzvh9j+f3dLUhx/3EFGf74PlHO4Zw==
arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=akamai.com; dmarc=pass action=none header.from=akamai.com; dkim=pass header.d=akamai.com; arc=none
dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=akamai365.onmicrosoft.com; s=selector1-akamai365-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=IEoDAMC1BdY9OBc/+VleVpbaSdxNL+o+Ox4G5QBaUcE=; b=ZJOyX9UK9AAivZRTCdZ+POuiyn/QebRnv61RKW6puyrPLr5QPLcp16ngCjHqKcCQRCB3YGy2IoHrZrM6HxdfjBYbtF6beR6i6NaHOqFfvE53STgJHN7dGdLjeb8//P+AuQG6s5CTSFbKbkmtOlAZtEGA3F5995dWHDD6WrtyCkY=
x-ms-traffictypediagnostic: MN2PR17MB3901:EE_|SA6PR17MB7340:EE_
x-ms-office365-filtering-correlation-id: 16ae285b-a77b-40ed-b650-08dd6486eaba
x-microsoft-antispam: BCL:0;ARA:13230040|1800799024|376014|366016|8096899003|38070700018;
x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:MN2PR17MB3901.namprd17.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(1800799024)(376014)(366016)(8096899003)(38070700018);DIR:OUT;SFP:1102;
x-ms-exchange-crosstenant-authas: Internal
x-ms-exchange-crosstenant-authsource: MN2PR17MB3901.namprd17.prod.outlook.com
x-ms-exchange-crosstenant-network-message-id: 16ae285b-a77b-40ed-b650-08dd6486eaba
x-ms-exchange-crosstenant-originalarrivaltime: 16 Mar 2025 12:34:38.2386 (UTC)
x-ms-exchange-crosstenant-fromentityheader: Hosted
x-ms-exchange-crosstenant-id: 514876bd-5965-4b40-b0c8-e336cf72c743
x-ms-exchange-crosstenant-mailboxtype: HOSTED
x-ms-exchange-crosstenant-userprincipalname: ujnjk36kwvMDFb5hmqgmpA4VyOakcA6sklS7cX4izk2Q5RE4ou6V3LT0QFFYQr7+PszMPWxhhzP805aqBlSRAA==
x-ms-exchange-transport-crosstenantheadersstamped: SA6PR17MB7340
Content-Type: multipart/alternative; boundary="_000_MN2PR17MB390161ED980D5EBB9B9D5037CDDC2MN2PR17MB3901namp_"
MIME-Version: 1.0
X-OriginatorOrg: akamai.com
X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.293,Aquarius:18.0.1093,Hydra:6.0.680,FMLib:17.12.68.34 definitions=2025-03-16_05,2025-03-14_01,2024-11-22_01
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 mlxscore=0 adultscore=0 bulkscore=0 malwarescore=0 suspectscore=0 spamscore=0 mlxlogscore=689 phishscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2502280000 definitions=main-2503160090
X-Proofpoint-GUID: 1DQ_Tp1pkEzgB9w-YU9NBDD9eOxE-Hxj
X-Proofpoint-ORIG-GUID: 1DQ_Tp1pkEzgB9w-YU9NBDD9eOxE-Hxj
X-Authority-Analysis: v=2.4 cv=TMFFS0la c=1 sm=1 tr=0 ts=67d6c564 cx=c_pps a=YfDTZII5gR69fLX6qI1EXA==:117 a=YfDTZII5gR69fLX6qI1EXA==:17 a=lCpzRmAYbLLaTzLvsPZ7Mbvzbb8=:19 a=wKuvFiaSGQ0qltdbU6+NXLB8nM8=:19 a=Ol13hO9ccFRV9qXi2t6ftBPywas=:19 a=xqWC_Br6kY4A:10 a=Vs1iUdzkB0EA:10 a=g1y_e2JewP0A:10 a=gPZh2wQbg3kk8WKcZa8A:9 a=CjuIK1q_8ugA:10 a=yMhMjlubAAAA:8 a=SSmOFEACAAAA:8 a=XguYystABaS0mUDV:21 a=gKO2Hq4RSVkA:10 a=UiCQ7L4-1S4A:10 a=hTZeC7Yk6K0A:10 a=frz4AuCg-hUA:10
X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.293,Aquarius:18.0.1093,Hydra:6.0.680,FMLib:17.12.68.34 definitions=2025-03-16_05,2025-03-14_01,2024-11-22_01
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 malwarescore=0 spamscore=0 lowpriorityscore=0 mlxscore=0 bulkscore=0 impostorscore=0 phishscore=0 mlxlogscore=513 priorityscore=1501 suspectscore=0 adultscore=0 clxscore=1011 classifier=spam authscore=0 authtc=n/a authcc= route=outbound adjust=0 reason=mlx scancount=1 engine=8.19.0-2502280000 definitions=main-2503160090
Message-ID-Hash: U54GSXWIW55QJPLVAZ2YUPZ6TO7NDJ5U
X-Message-ID-Hash: U54GSXWIW55QJPLVAZ2YUPZ6TO7NDJ5U
X-MailFrom: rsalz@akamai.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-tls.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: "draft-ietf-tls-tls12-frozen.all@ietf.org" <draft-ietf-tls-tls12-frozen.all@ietf.org>, "last-call@ietf.org" <last-call@ietf.org>, "tls@ietf.org" <tls@ietf.org>
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [TLS] Re: Opsdir telechat review of draft-ietf-tls-tls12-frozen-06
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/5X1lKmN2IeLTmFoGnJWSdDXvsyc>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Owner: <mailto:tls-owner@ietf.org>
List-Post: <mailto:tls@ietf.org>
List-Subscribe: <mailto:tls-join@ietf.org>
List-Unsubscribe: <mailto:tls-leave@ietf.org>

Thanks for the review.

I'm not a native speaker but I'm afraid this sentence may be read as
'encrypting more of the traffic' and 'removing primitives" are examples of
known deficiencies, not fixes. Maybe rephrase as '...it fixes most known
deficiencies with TLS 1.2 [TLS12]. In particular, TLS 1.3 encrypting more..."?
This is a very good idea, thanks!

v2.39.1 | Report a Bug | By Email | System Status