Re: [TLS] Fwd: Last Call: <draft-ietf-kitten-tls-channel-bindings-for-tls13-09.txt> (Channel Bindings for TLS 1.3) to Proposed Standard
Sam Whited <sam@samwhited.com> Sat, 02 October 2021 03:03 UTC
Return-Path: <sam@samwhited.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9CD603A012A for <tls@ietfa.amsl.com>; Fri, 1 Oct 2021 20:03:39 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.101
X-Spam-Level:
X-Spam-Status: No, score=-2.101 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=samwhited.com header.b=lNFUKnpe; dkim=pass (2048-bit key) header.d=messagingengine.com header.b=dsLYa8T5
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RQZe1auAYCfk for <tls@ietfa.amsl.com>; Fri, 1 Oct 2021 20:03:34 -0700 (PDT)
Received: from out3-smtp.messagingengine.com (out3-smtp.messagingengine.com [66.111.4.27]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 514003A00E5 for <tls@ietf.org>; Fri, 1 Oct 2021 20:03:34 -0700 (PDT)
Received: from compute1.internal (compute1.nyi.internal [10.202.2.41]) by mailout.nyi.internal (Postfix) with ESMTP id 8C3225C00B6 for <tls@ietf.org>; Fri, 1 Oct 2021 23:03:30 -0400 (EDT)
Received: from imap42 ([10.202.2.92]) by compute1.internal (MEProxy); Fri, 01 Oct 2021 23:03:30 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=samwhited.com; h=mime-version:message-id:in-reply-to:references:date:from:to :subject:content-type:content-transfer-encoding; s=fm1; bh=51oye v+G+kfjPiGPjDXfAQG1uo4dQ0rKrnJKsuvhX28=; b=lNFUKnpe3JeixR+drpGPl /JdHBLolO6H245FomxRnO0WPCoLJhyR6Nsz+Nek/hvHnxUiSzGB+UlnCe7BQhGbV u1+oxrCJAwD8+/VHNcjaa/kacpae/vfLehKBJDMS2U0+UkHHxO2BgfIJ70QX8CFM s77+ocgSgcnlpn6Fxsda1oFIr8Rc7MjJfMUnRGA7iF7ikQUyCdRVeBX/w1THlRhP 5Y9yTh4pliocrriGKyeY1MYCqOiMIR2/FOG5kqCQmRs3IxZ0+XDswL+qh/CXU0Zg sRyxeNKG09L62j4rqMEkwN7WWZJnubqf9zuzg4ndlBogpwb9ivD+J43tDPidJby1 Q==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=content-transfer-encoding:content-type :date:from:in-reply-to:message-id:mime-version:references :subject:to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender :x-sasl-enc; s=fm3; bh=51oyev+G+kfjPiGPjDXfAQG1uo4dQ0rKrnJKsuvhX 28=; b=dsLYa8T5w2kdbxdEh8SwGeP13gZXmP2Vhgl2Nows7cDEdnMI+D3y9zdgn 3iPFIFl57T2yK1SxReipKXYFGf9OsCWdzbwvee+RnPHVfmfLVE33B/xc005XMFEZ p7DHdPIX6Xc88mpr7hg8ZwZSBQ4htEx6vziGeXI+Dmmi4uWRVbkieiyLM7S6OaYC JxGd3sMgtCeVd9oqMVjgf9chUK/T1rWYsaBSG0fq66DTiP8HplTkN33U8SBItRbV b0WwtHMey08ZuM+0kULL49FCi9Lr7sUNS90SgKhShIpISLUeqdPeqW3SM6kezWi0 Z1DoAK95sTrWZpo6iZROKpx0zkdtA==
X-ME-Sender: <xms:AsxXYT01i08Lxbr3Udz-9qO_3NOx6W4Xq2MlvCeJbD0QTfKUgBc-BA> <xme:AsxXYSGVTDLECmoOj0HEGqvoTidMhrP3OuNHVeDwZws2G-FPdkxEt9DLLC1ct0v2w f1WLPRzF154OJnYNQ>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvtddrudekjedgieegucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucenucfjughrpefofgggkfgjfhffhffvufgtgfesth hqredtreerjeenucfhrhhomhepfdfurghmucghhhhithgvugdfuceoshgrmhesshgrmhif hhhithgvugdrtghomheqnecuggftrfgrthhtvghrnhepvdffuedvudfhfedvieehueekff fhkeejvefggfegtdelhffhhfeiveekudevhfejnecuvehluhhsthgvrhfuihiivgeptden ucfrrghrrghmpehmrghilhhfrhhomhepshgrmhesshgrmhifhhhithgvugdrtghomh
X-ME-Proxy: <xmx:AsxXYT59Y0jbYSghcKq0Z3yRx7pal1l_QtCaGFBE20qCf8Por9YMAw> <xmx:AsxXYY1z7bIVFtkz4AdY9pw_pRL7VZ7c6f-8t-tbVsQTf-f6Vgk6fg> <xmx:AsxXYWGlKo16aN8E6Af9NNWDQDoJDfBT2egrMM2NCRhK8MZlW94g8w> <xmx:AsxXYaQqJNheKv1eMnrqSkedxcW9Wo3tjqX8jHJQPUCeOzf5dtXnag>
Received: by mailuser.nyi.internal (Postfix, from userid 501) id 1193D2180075; Fri, 1 Oct 2021 23:03:30 -0400 (EDT)
X-Mailer: MessagingEngine.com Webmail Interface
User-Agent: Cyrus-JMAP/3.5.0-alpha0-1322-g921842b88a-fm-20210929.001-g921842b8
Mime-Version: 1.0
Message-Id: <92ed26c1-bfde-43c1-93f4-2bbdbd4f6ec1@www.fastmail.com>
In-Reply-To: <CABcZeBPQG82xJdwMrmj4-=9aJymo1xts=D6VZedBW5X9k+34cQ@mail.gmail.com>
References: <163311243544.13917.11736165165419008870@ietfa.amsl.com> <20211001190002.GC98042@kduck.mit.edu> <CABcZeBPQG82xJdwMrmj4-=9aJymo1xts=D6VZedBW5X9k+34cQ@mail.gmail.com>
Date: Fri, 01 Oct 2021 23:02:43 -0400
From: Sam Whited <sam@samwhited.com>
To: tls@ietf.org
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/5b0y-qKNKFq45zZwWZJk_JMGp8c>
Subject: Re: [TLS] Fwd: Last Call: <draft-ietf-kitten-tls-channel-bindings-for-tls13-09.txt> (Channel Bindings for TLS 1.3) to Proposed Standard
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 02 Oct 2021 03:03:40 -0000
I have to respectfully disagree with this. Anecdotally, RFCs are hard to discover. Having them linked from a logical place in other RFCs is one way that discovery happens, and if you're looking for how to do channel bindings with TLS the first place you're going to look is the TLS RFC (and its list of updates). Secondly, this is an update, not a retconn. It in no way implies that TLS 1.3 always said this, or that the TLS 1.3 authors were involved in the channel bindings spec. TLS 1.3 does an analysis of its own keying material exporters and we rely on this and present a standard name for one scenario where it may be used, this does not involve new technology or even a novel use of EKM. —Sam On Fri, Oct 1, 2021, at 18:49, Eric Rescorla wrote: > I don't believe that this document should update 8446. As noted in S > 1, we didn't define these bindings because we didn't have complete > analysis. This document doesn't seem to either contain or reference > such analysis and until we have that, I think RFC 8446 shouldn't be > retconned into endorsing this construction. > > -Ekr
- [TLS] Fwd: Last Call: <draft-ietf-kitten-tls-chan… Benjamin Kaduk
- Re: [TLS] Fwd: Last Call: <draft-ietf-kitten-tls-… Eric Rescorla
- Re: [TLS] Fwd: Last Call: <draft-ietf-kitten-tls-… Rob Sayre
- Re: [TLS] Fwd: Last Call: <draft-ietf-kitten-tls-… Sam Whited
- Re: [TLS] Fwd: Last Call: <draft-ietf-kitten-tls-… Rob Sayre
- Re: [TLS] Fwd: Last Call: <draft-ietf-kitten-tls-… Sam Whited
- Re: [TLS] Fwd: Last Call: <draft-ietf-kitten-tls-… Rob Sayre
- Re: [TLS] Fwd: Last Call: <draft-ietf-kitten-tls-… Sam Whited
- Re: [TLS] Fwd: Last Call: <draft-ietf-kitten-tls-… Eric Rescorla
- Re: [TLS] Fwd: Last Call: <draft-ietf-kitten-tls-… Eric Rescorla
- Re: [TLS] Fwd: Last Call: <draft-ietf-kitten-tls-… Rob Sayre
- Re: [TLS] Fwd: Last Call: <draft-ietf-kitten-tls-… Sam Whited
- Re: [TLS] Fwd: Last Call: <draft-ietf-kitten-tls-… Salz, Rich
- Re: [TLS] Fwd: Last Call: <draft-ietf-kitten-tls-… Sam Whited
- Re: [TLS] Fwd: Last Call: <draft-ietf-kitten-tls-… Eric Rescorla
- Re: [TLS] Fwd: Last Call: <draft-ietf-kitten-tls-… Sam Whited
- Re: [TLS] Fwd: Last Call: <draft-ietf-kitten-tls-… Ross, Michael D (54510) CIV USN NIWC ATLANTIC SC (USA)
- Re: [TLS] Fwd: Last Call: <draft-ietf-kitten-tls-… Jonathan Hoyland
- Re: [TLS] [kitten] Fwd: Last Call: <draft-ietf-ki… Ruslan N. Marchenko
- Re: [TLS] [kitten] Fwd: Last Call: <draft-ietf-ki… Jonathan Hoyland
- Re: [TLS] [kitten] Fwd: Last Call: <draft-ietf-ki… Ruslan N. Marchenko
- Re: [TLS] [kitten] Fwd: Last Call: <draft-ietf-ki… Sam Whited
- Re: [TLS] [kitten] Fwd: Last Call: <draft-ietf-ki… Jonathan Hoyland
- Re: [TLS] [kitten] Fwd: Last Call: <draft-ietf-ki… Jonathan Hoyland
- Re: [TLS] [kitten] Fwd: Last Call: <draft-ietf-ki… Simo Sorce
- Re: [TLS] Last Call: <draft-ietf-kitten-tls-chann… Sean Turner
- Re: [TLS] [kitten] Fwd: Last Call: <draft-ietf-ki… Jonathan Hoyland
- Re: [TLS] [kitten] Fwd: Last Call: <draft-ietf-ki… Ruslan N. Marchenko
- Re: [TLS] [kitten] Fwd: Last Call: <draft-ietf-ki… Alexey Melnikov
- Re: [TLS] Fwd: Last Call: <draft-ietf-kitten-tls-… Simon Josefsson
- Re: [TLS] [kitten] Fwd: Last Call: <draft-ietf-ki… Dave Cridland
- Re: [TLS] [kitten] Fwd: Last Call: <draft-ietf-ki… Jonathan Hoyland
- Re: [TLS] [kitten] Fwd: Last Call: <draft-ietf-ki… Dave Cridland
- Re: [TLS] [kitten] Fwd: Last Call: <draft-ietf-ki… Jonathan Hoyland
- Re: [TLS] [kitten] Fwd: Last Call: <draft-ietf-ki… Ruslan N. Marchenko
- Re: [TLS] [kitten] Fwd: Last Call: <draft-ietf-ki… Sam Whited