[TLS]Re: Discussions on Trust Anchor Negotiation at IETF 120
Andrei Popov <Andrei.Popov@microsoft.com> Mon, 29 July 2024 17:48 UTC
Return-Path: <Andrei.Popov@microsoft.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AD93CC169428 for <tls@ietfa.amsl.com>; Mon, 29 Jul 2024 10:48:53 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.256
X-Spam-Level:
X-Spam-Status: No, score=-2.256 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.148, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=microsoft.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YFEtJNngoGs5 for <tls@ietfa.amsl.com>; Mon, 29 Jul 2024 10:48:53 -0700 (PDT)
Received: from SN4PR2101CU001.outbound.protection.outlook.com (mail-southcentralusazon11022094.outbound.protection.outlook.com [40.93.195.94]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-384) server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4DE4EC151077 for <tls@ietf.org>; Mon, 29 Jul 2024 10:48:53 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=jMopwa8U7JiP1F9EP31w22hcwryp781vuWePjegX7i9BeZ9W+i2IzQEk6iya8/4pbdYwr8nICEe6vkwVyx1Q78FZAjRUQMMuRTgVbMex6b8H4P45VqkuGXRW04xAnh/x+kUa7GK50JqbXPj3hAVPnM4fPiolfgQSt4XNJoACxk5C4/54il9ywl7s5GkQLwDc0ibhqcGtSpj7ivKVhfdndzpAt8hqneNxfGzSEUaF2lbXa8i36NJBRIMppLf5vpwfuqW9nrjzqnF/w7Owa2awsE6EsVQ7dVJYr3RI13Hib/ZbCv9K6Y2+EbRfFc254RVs04JEh8wBLqNPtPw5idVqrw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=p2YHm/pEM/3vp8OC/pvRphaDVG07V44rVn65AIA+FG8=; b=Vz6tqrtZ32HxqzCo+Q6Zxp0wcsLPBs6H9RIbFBvVaimFtupbLgSJ+S0obpMvX4aIYdDSC2rXHPG051qDMYFJC4iHP64/BMsjT81Dt3boPenwj2St499JUL/N5JitUXETsPOqjsb59XILXWxoNH7YJWpyoEYVG7BqAH4lFltHZ2Wy4EIAyxf7YUIyK8bBpFw6RBRQL5/pJ0HkcwmC7CPiBq87lR6SUW78kuzR3IrC6jmLKVaMrXz/ukYKANHB9tnk//ILhYYjT5oBjoMep800dTUBDXO6tWiv6/mvEPi/kXK/EfvcmKK3VXhS1ub8rgHiaC+0xM7AkhunXViuFrtCqQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=microsoft.com; dmarc=pass action=none header.from=microsoft.com; dkim=pass header.d=microsoft.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=p2YHm/pEM/3vp8OC/pvRphaDVG07V44rVn65AIA+FG8=; b=SKvEADmvQGUH6DbErTd8UvOnX6O8v6jqzJChnzMYOqF2vltjZYlsFQBI2CzSe89Wkp8WUXFLXwo19NFt3ON45SRlImII1JFR7ZAKQEPI8gBFMdwo2pSJLYu4qBO7s+XoK1kTU8ajhLGL0Z1OkxCTW927iDAyRICCMkhurPqHpdY=
Received: from LV8PR21MB4338.namprd21.prod.outlook.com (2603:10b6:408:22c::13) by MW4PR21MB2028.namprd21.prod.outlook.com (2603:10b6:303:11f::6) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7849.3; Mon, 29 Jul 2024 17:48:50 +0000
Received: from LV8PR21MB4338.namprd21.prod.outlook.com ([fe80::1f2f:c0d6:2e5c:12aa]) by LV8PR21MB4338.namprd21.prod.outlook.com ([fe80::1f2f:c0d6:2e5c:12aa%3]) with mapi id 15.20.7849.002; Mon, 29 Jul 2024 17:48:50 +0000
From: Andrei Popov <Andrei.Popov@microsoft.com>
To: "Salz, Rich" <rsalz=40akamai.com@dmarc.ietf.org>, Dennis Jackson <ietf=40dennis-jackson.uk@dmarc.ietf.org>, TLS List <tls@ietf.org>
Thread-Topic: [TLS]Re: Discussions on Trust Anchor Negotiation at IETF 120
Thread-Index: AQHa4dB49TS9BsGEIUCUSMrzUyYgYrIN+u7A
Date: Mon, 29 Jul 2024 17:48:50 +0000
Message-ID: <LV8PR21MB4338446115FA314EC48CB77D8CB72@LV8PR21MB4338.namprd21.prod.outlook.com>
References: <d1589f89-35cb-489f-b195-30feb3e7e40f@dennis-jackson.uk> <SN7PR14MB6492663C2AE4A15639D62F5583AA2@SN7PR14MB6492.namprd14.prod.outlook.com> <e7aee41a-0df4-4048-8692-6805d06cfadd@dennis-jackson.uk> <CAEEbLAa5bZ3zQX=A74THsxtgkryF4sCVCt1P+BTdDi9faraciw@mail.gmail.com> <0d0bd7c0-a34d-47e7-84cd-22f25537495e@dennis-jackson.uk> <6114AF6E-6A7E-4CD7-BA19-3B2E25B7F697@akamai.com>
In-Reply-To: <6114AF6E-6A7E-4CD7-BA19-3B2E25B7F697@akamai.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
msip_labels: MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_ActionId=08463b19-1069-40cc-9cb7-761c41f000c4;MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_ContentBits=0;MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Enabled=true;MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Method=Standard;MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Name=Internal;MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_SetDate=2024-07-29T17:46:45Z;MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_SiteId=72f988bf-86f1-41af-91ab-2d7cd011db47;
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=microsoft.com;
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: LV8PR21MB4338:EE_|MW4PR21MB2028:EE_
x-ms-office365-filtering-correlation-id: 06eb4903-4b96-4cc8-e5a8-08dcaff6b493
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;ARA:13230040|4022899009|366016|1800799024|376014|38070700018;
x-microsoft-antispam-message-info: lSXIt4dFr8Qbj32CFK+8O4bReOxobe/b6L0LL20+EAdWeg3SxEEYb02z0B3DQ79ttaWk8SKCKmtQdrEf3RZo2FRa6tnxnCyi9xD0/ZkAEyp5WpFP2WD8O2rhgSYLegRciUCCGMu+LwnOjxYjY1UywVGPRDZFjLc6Y/53lkN2vCHSP6YrW+TrVI4FWVykyjIJ21YQYz/3F0/bxQpNG8yNzBfillQ7lLeiN/hJoI+3j756AHGF8r4uTUrZnhBh31LibnbmfEDwMsx61Gy9oLNcFe8cpzocAX9AOj8FW2ynkjrVj/hi4qnzw6yfZs0S4bfPz4jSJlnJmn+K3kx7kPIdfNB5PPNYo8m/mtPA20C4Hulp0O3y+GRsz5pGnPelWEG09wGOcKnEtXqB2nWt1hKeWm31ASj/B/GysJ5Io7tfyE3JbiWOvMGwCRUPRid4smaAsZfpWR+EknpFtC+VTbzd0TE1EhBPjRj4/03FBgApcSfbYq14X8vW1LiC9jhqt9wYYrxJBRkmuHfd6X77W/AYSavuFHZMZ1LCI7U2d/dWT2B4DCiod/cetrxx0Ru/TyyGvpNE5a3cyIqCzJG21HMBf/J5DuoZQJOex0upkO8Ve8Cd8yuX95SPhcCx8vutyymTZ5n9/ur5yVxF+pJH2p1FRmD6EnENvhdgWkS1PZXVWY5fUSXJp/iNXEBXXpQZRzC0u40/vnB5onTOUKM4McU0GISGwpvLJCaPS1OydErWzBKcgkoztbSYrJ6uqzsAYKKxEHS5pLtTVy8wGwO3onACh+h6bACvk87O3I9gzqm/2eraJ4IJzqqIu4D+U0lc5/i8Tl1WK2RbuXhLnyZHihDlN0C7lDMmfILaQiRT17a4Wh6vt4VhvUI2nK5FqrQ0CYvajPjQHSyXSADO+rvVbRA/q2tSfCuGO7+vxp1AHVTn8w2TceYMFbANkZLHGWQL7VA72tfTakC6b0wUkhIi9SlC8PTsZnYRCz1knPBvijJOOTM1ogAZS8SdcgZ4EKDsHPusqOxJCOfjgJf+dqNBN0CREWqEervWAp73WkTFLL+vTsy9JUcHmNCuF6veYiinANBuYNBE5ysPCADtCaG/q4VbJgysyoyThmV6C433w3y5mhUV2LeoHruCnJMaX+zIRe91nV6m8mhON+Uw1Bkhp0pZTloGzFkrnL5i1sWvIuRhjDG2WWyqxyRifMXUY3Xgkx2YnrVkFXTKcHbjFJ53kX07Jttb/acbuwfOjkPDbUVCoulQ4y+rflpMsTz5Wv/wxvaZg8KsOJcqniNK2KvPqHuZ8K0yLsSx+2mJ6CCJ8bNM4ewmmQeEEIJzeoNfUiHBWnSH4tQ+Qga1LPx71NhktsNMqyqH9ErSM1uTaaEYBjS4QZTO7OJCAwNLJGMcpRtgUTcNMtqVnBQRs+gQi8ulGEPkKw==
x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:LV8PR21MB4338.namprd21.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(4022899009)(366016)(1800799024)(376014)(38070700018);DIR:OUT;SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: vYSZFwtT9gQZmmNBiWtcTtq7kcR8EkF2kmcuyfiha2WyZibTfX7P4vaz34Z+T0JW8gySNfMJq83XfEz9qRkI8PnLH6KIollv+adgPemjAXnG1wzW7NSqIMJf2j9wM7eiVVCmG0//4mKaptAEs13XoHKhJKJyiQm0kT9aFpuqcmN55nTF8mtjvjXBIsWamIhiAF+9HZ+esKCLv3xajwxwzwTDUV+Tw5WsJNjUo4QTKWjwLVBnj9NYGCc730YH3grHepfK2c/VtBTpSQhZkpCoc1XySeZxCkvW2Y61lAqRiePlTK/sf3EuEdPVZlfdyOf11faCvdIYTZ94Be0iC4ga9i2hXNR+EchpRwcJ7IJMxjSSWxSHDadnUwhIyrCgD529UeXz31o5ggfN69buucZ7eXuWqAKNDCJnvzSanoNWPoIB6c3gvyMeCu5ljn/1B//3zojAZYHQ+p7CTZY3S1NtIXSDz7Po2qaDb6Ocvgwgd4pFGnIXJG618ABJJgs8afB6Ks83WZQiHrST2SPKezMcgK9M0Wb9rdvQNF1cubOYP7SKI3RY60QV0gqkz4OnUPc31y2a0bEivS6JaAbMhmpIqPff6s4HoHlQ3BR24tzIiSq9bXo5gdBa+pvdwpaIW6iqZtstMnuny4RoEujzkJuyuDboEl0U3ZMCKnzYatu+c8bRBY0gIDuOVYFyXn9FwkBGxnohL9jBPFWbctJZCISAiyT7eysYxBpOzpBC30P1zPYfuVHYyn+3ijObEtP+//x0cutxJHTBy5Unyi3CxbckVm8Dom1IZ6CgL8BIZ2BtI1rIZb6pQHs8pYG65LTlkNKYM+GeB8F7j9P4lRJxaE6d3p6ySJi/KIraxk9np43SLuriiQgnJBKEgsyk64ZYsz4d6tDhBqPdia5UglxdwISwH3ls+fgyKzXH8Toi5OviLoAmyQ5h0R+lQ4/t37KUwJyZXqsgX8zJR9CVQ//qEufHNWT2S6baZ47nBjIhrsr7bOQRzou3vCd85ZE22onYTgECjriGWJ/t1ro3c4qctnHyYXERuulk8tiK672SQ6TeKDhj2CuPI1SpMCRp8rW5kW/z0sVC8uD83l95wHbyYvdkx/NM/auSDvh/RvVKhEsryG2gp9WBsk4/+YBtM1QwYgTVgFGLBkksCirEDZyhyfxxb+eSwk3spGqQCwCIM9wmLhLkB9J77PQmvxcBao1EWc49i/g6x46OS96iwB/GYhywjEihCSSdsZLRUW0JvRihi6+sLZWDlx/OAgzCS7dv1WojjUuJ0/kUBF6TyNpCB9XhY2dTnpxuIdKHcdx4VR0Ocz3yILl5j80E9zu97eVV6OppGSL3LWSnDg0i0Q039Xg30HiVjPUIBaYwPNkEwKo1t1s6PPugkZhjJkG1tNgmvlHBwMWiAWM5gSCboMiHrLuCoK1lUI0owEA8EGFlKuWBoBJ2gR1zFv8R70sLfjZUDvwyDUealTG/ItMNrXkdKNbNaRyEQRXruZsOwjSVjhq8tD5jAOet4WjJ7QR3TmQq3UsmO0r9nQdL4Zcu1E3sT9QrAvxS4gE+IoHJKRscnwZ4ytsNQ7bhssI+R9m7THRYxwxz
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: microsoft.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: LV8PR21MB4338.namprd21.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 06eb4903-4b96-4cc8-e5a8-08dcaff6b493
X-MS-Exchange-CrossTenant-originalarrivaltime: 29 Jul 2024 17:48:50.5588 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 72f988bf-86f1-41af-91ab-2d7cd011db47
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: vDzj5194QVpsiXbV1/O1A+R4thIEOxgkfmT6AyzS/3wM8A9mk5XcRLsszPt7Sn1EHMXXXhU7wtfkCgLFryyZwg==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: MW4PR21MB2028
Message-ID-Hash: OL47GSY3JCGKW6OWVVVXMUACS7YBAJCQ
X-Message-ID-Hash: OL47GSY3JCGKW6OWVVVXMUACS7YBAJCQ
X-MailFrom: Andrei.Popov@microsoft.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-tls.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
X-Mailman-Version: 3.3.9rc4
Precedence: list
Subject: [TLS]Re: Discussions on Trust Anchor Negotiation at IETF 120
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/7jDOL88976gf7S_fZbGv8u37h3s>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Owner: <mailto:tls-owner@ietf.org>
List-Post: <mailto:tls@ietf.org>
List-Subscribe: <mailto:tls-join@ietf.org>
List-Unsubscribe: <mailto:tls-leave@ietf.org>
I agree that an interim meeting would be useful. It seems unlikely that we will make much progress on the mailing list alone. Cheers, Andrei -----Original Message----- From: Salz, Rich <rsalz=40akamai.com@dmarc.ietf.org> Sent: Monday, July 29, 2024 9:00 AM To: Dennis Jackson <ietf=40dennis-jackson.uk@dmarc.ietf.org>; TLS List <tls@ietf.org> Subject: [EXTERNAL] [TLS]Re: Discussions on Trust Anchor Negotiation at IETF 120 >The Trust Anchor Identifiers draft was first published only 4 weeks >ago, received less than 10 minutes of discussion in the meeting I strongly agree with this. Well, actually, everyone should be able to agree with this because it's two factual statements. :) I think the challenge of having an interim will be that one group will want to discuss the details of the proposal, while another group will want to discuss the details of the problem we are trying to solve. I hope the chairs will be able to make things explicit and keep the discussions on-topic. If the authors share Sophie's opinion, they could withdraw the Trust Expressions draft and just leave Trust Anchors as something to be discussed. _______________________________________________ TLS mailing list -- tls@ietf.org To unsubscribe send an email to tls-leave@ietf.org
- [TLS]Discussions on Trust Anchor Negotiation at I… Dennis Jackson
- [TLS]Re: Discussions on Trust Anchor Negotiation … Ilari Liusvaara
- [TLS]Re: Discussions on Trust Anchor Negotiation … Tim Hollebeek
- [TLS]Re: Discussions on Trust Anchor Negotiation … Dennis Jackson
- [TLS]Re: Discussions on Trust Anchor Negotiation … Sophie Schmieg
- [TLS]Re: Discussions on Trust Anchor Negotiation … Ryan Hurst
- [TLS]Re: Discussions on Trust Anchor Negotiation … Watson Ladd
- [TLS]Re: Discussions on Trust Anchor Negotiation … Dennis Jackson
- [TLS]Re: Discussions on Trust Anchor Negotiation … Dennis Jackson
- [TLS]Re: Discussions on Trust Anchor Negotiation … Salz, Rich
- [TLS]Re: Discussions on Trust Anchor Negotiation … Andrei Popov
- [TLS]Re: Discussions on Trust Anchor Negotiation … Dennis Jackson
- [TLS]Re: Discussions on Trust Anchor Negotiation … Tim Hollebeek
- [TLS]Re: Discussions on Trust Anchor Negotiation … Eric Rescorla
- [TLS]Re: [EXTERNAL] Re: Re: Discussions on Trust … Andrei Popov
- [TLS]Re: Discussions on Trust Anchor Negotiation … Ilari Liusvaara