Re: [TLS] draft-deprecate-obsolete-kex - Comments from WG Meeting

Peter Gutmann <pgut001@cs.auckland.ac.nz> Sun, 31 July 2022 10:28 UTC

From: Peter Gutmann <pgut001@cs.auckland.ac.nz>
To: Ilari Liusvaara <ilariliusvaara@welho.com>, "<tls@ietf.org>" <tls@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/7nfnS18PUKzuOzmjOby3byyixBY>

Ilari Liusvaara <ilariliusvaara@welho.com> writes:

>Unfortunately, that does not work because it would require protocol
>modifications requiring coordinated updates to both clients and servers.

I was thinking of it more as a smoke-em-if-you-got-em option; since -LTS is by
negotiation, it'd be something to the effect that if you're using -LTS then
you're covered, otherwise do X.

Peter.