Re: [TLS] IANA Considerations for draft-ietf-tls-dtls-connection-id

Ira McDonald <blueroofmusic@gmail.com> Thu, 27 June 2019 10:43 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/7yg474abUj-XvheQ169HnlVwH48>

Hi,

I strongly prefer option 3.  The future-proofing and avoidance of a
proliferation of new columns in the IANA registries is paramount.
The points about QUIC highlight the near-term need to clean up
this issue.

Cheers,
- Ira

Ira McDonald (Musician / Software Architect)
Co-Chair - TCG Trusted Mobility Solutions WG
Co-Chair - TCG Metadata Access Protocol SG
Chair - Linux Foundation Open Printing WG
Secretary - IEEE-ISTO Printer Working Group
Co-Chair - IEEE-ISTO PWG Internet Printing Protocol WG
IETF Designated Expert - IPP & Printer MIB
Blue Roof Music / High North Inc
http://sites.google.com/site/blueroofmusic
http://sites.google.com/site/highnorthinc
mailto: blueroofmusic@gmail.com
PO Box 221  Grand Marais, MI 49839  906-494-2434



On Wed, Jun 26, 2019 at 1:32 PM Sean Turner <sean@sn3rd.com> wrote:

> While these IANA points are minor, what is being considered here affects
> all TLS registries so please let us know what you think about the proposal
> for the following issue:
>
>
> Issue:
>
> The IANA DEs (Designated Experts) think that the registry should indicate
> that the connection_id  is DTLS-Only.  This is the first extension defined
> that would need this marking.  Currently, there is no “DTLS-Only” column in
> the TLS ExtensionType Values registry nor is there a "DTLS-OK" column like
> there are in the TLS Parameter registries [0].  Note none of the TLS
> extension registries [1] have a "DTLS-OK" column.
>
>
> Proposals (there might be more):
>
> 0. Do nothing
>
> 1. Add a note to the top of the registry that says connection_id is
> DTLS-Only
>
> 2. Add a DTLS-Only column to the TLS ExtensionType Values registry and
> mark this one Y and all others N
>
> 3. Think about the future (inspired by Achiem in the GH repo):
>
> - Change the “DTLS-OK” column to "TLS/DTLS”.  Allow values of TLS, DTLS,
> or TLS/DTLS.
>
> - Mark all DTLS-OK=Y rows to “TLS/DTLS” and all DTLS-OK=N to “TLS”. [2]
>
> - Add “TLS/DTLS” column to the TLS ExtensionType Values registry and mark
> the connection_id extension as “DTLS” and all others as “TLS/DTLS”.
>
>
> Selection:
>
> While option 3 is the most work it does kind of future proof the
> registries and would make the columns the same in the parameter and
> extensions registry groupings.
>
>
> spt
>
> [0] https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml
> [1]
> https://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml
> [2] Most of the DTLS-OK=N are deprecated cipher suites, but a couple of
> Exporter Labels are also marked as DTLS-OK=N.
>
> > On Jun 20, 2019, at 21:46, Sean Turner <sean@sn3rd.com> wrote:
> >
> > All,
> >
> > During the DE’s review of the assignments for
> > draft-ietf-tls-dtls-connection-id, they requested a new “DTLS Only” column
> > be added to the TLS ExtensionType Values registry. This connection_id would
> > be the only “Y” and all others there now would be “N”.
> >
> > The chairs also noted that the IANA considerations in
> > draft-ietf-tls-dtls-connection-id needs to specify values for all the
> > columns for connection_id in the TLS ExtensionType Values registry and
> > tls12_cid in the TLS ContentType registry.  Here are the proposed values:
> >
> > connection_id
> >       TLS 1.3 column: “-” it is not applicable to TLS 1.3
> >       Recommended: “Y”
> >
> > tls12_cid
> >       DTLS-OK: “Y”
> >
> > This has been captured in the following PR:
> > https://github.com/tlswg/dtls-conn-id/pull/67
> >
> > Obviously, please comment.
> >
> > spt
>