Re: [TLS] draft-green-tls-static-dh-in-tls13-01

"Roland Dobbins" <rdobbins@arbor.net> Wed, 19 July 2017 18:38 UTC

Return-Path: <rdobbins@arbor.net>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F1C45131B3E for <tls@ietfa.amsl.com>; Wed, 19 Jul 2017 11:38:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.921
X-Spam-Level:
X-Spam-Status: No, score=-1.921 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=thescout.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id opNMp-ij42xb for <tls@ietfa.amsl.com>; Wed, 19 Jul 2017 11:38:31 -0700 (PDT)
Received: from NAM03-CO1-obe.outbound.protection.outlook.com (mail-co1nam03on0096.outbound.protection.outlook.com [104.47.40.96]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D305B12711E for <tls@ietf.org>; Wed, 19 Jul 2017 11:38:30 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=thescout.onmicrosoft.com; s=selector1-arbor-net; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=BlyRg1PqM8aN5jMSK5uhM5ij5g1fdcVV4OU99f7Y+tE=; b=nhGpHMIBNr5r3nknVZfIjFQSGvIcyaUz9QsXpqjCSnOActnXSzXYPz0U7b11RUApEabAnKGjSdYk5pDDqnXKuq8VjDqLSjIIe0tun73Qpr0WwPHi0XnMaHSUfnWJv/LsucsOh2DX6jVUbXYVs3NwyQlp7K5q+mZzxAoEg/HydX4=
Authentication-Results: gmail.com; dkim=none (message not signed) header.d=none;gmail.com; dmarc=none action=none header.from=arbor.net;
Received: from [172.16.1.3] (88.208.89.131) by DM2PR0101MB1039.prod.exchangelabs.com (2a01:111:e400:3c19::28) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1261.13; Wed, 19 Jul 2017 18:38:27 +0000
From: Roland Dobbins <rdobbins@arbor.net>
To: Watson Ladd <watsonbladd@gmail.com>
Cc: "Blumenthal, Uri - 0558 - MITLL" <uri@ll.mit.edu>, tls@ietf.org
Date: Wed, 19 Jul 2017 20:38:14 +0200
Message-ID: <2D273F40-2DF4-431D-9392-5B492409363C@arbor.net>
In-Reply-To: <CACsn0c=K-w_suSWj7ZUgbmCmMSerCnggOSgrHqqTfy9B09OH2g@mail.gmail.com>
References: <CAPCANN-xgf3auqy+pFfL6VO5GpEsCCHYkROAwiB1u=8a4yj+Fg@mail.gmail.com> <CAOjisRxxN9QjCqmDpkBOsEhEc7XCpM9Hk9QSSAO65XDPNegy0w@mail.gmail.com> <CABtrr-XbJMYQ+FTQQiSw2gmDVjnpuhgJb3GTWXvLkNewwuJmUg@mail.gmail.com> <72BACCE6-CCB9-4DE9-84E6-0F942E8C7093@gmail.com> <a0a7b2ed-8017-9a54-fec0-6156c31bbbfa@nomountain.net> <6AF150DF-D3C8-4A4A-9D56-617C56539A6E@arbor.net> <CAN2QdAGRTLyucM1-JPmDU17kQgAv0bPZNASh54v=XoCW+qj48A@mail.gmail.com> <CACsn0cnc0X5++cOvTNsboda8J42qg3VDquZ4Va-X-YDcggnbvA@mail.gmail.com> <7423703D-5277-4F78-A2ED-1B7E152E7B08@arbor.net> <CACsn0cmo0HXBj7MidTTwkgE+Hwed9SrEODSzN8oURzQHJTW1aQ@mail.gmail.com> <E5BF12C2-B79A-444B-B4C2-90D28B40CCAC@arbor.net> <CACsn0c=_OT8R6SSr0P3RvT7Qx+smfz1DAKjH9Gni+jM8Ue4v5A@mail.gmail.com> <CAAF6GDc9e9TGWVaOjdb83AFH=z2kt41Rje+r4Ureoc6KVgEUJg@mail.gmail.com> <B08F0D98-FAE9-494C-AA96-4CE89792B770@ll.mit.edu> <CAAF6GDdSnCggfsrSG68An348ngR+fcb+9nQcKvJJGFtxg8NzJw@mail.gmail.com> <FDC8499C-FA96-4992-B1F2-C90F6154856B@arbor.net> <9A49F3C7-DEC7-4FEA-9017-B48DAC1D1446@ll.mit.edu> <5E90933D-3D9F-4166-808D-7ECE53D264F4@arbor.net> <CACsn0cm3pzmyN+RRbHv_KznS3ZvGhkEVe51RzUhAMe6n7L=q+g@mail.gmail.com> <0739E598-8CE6-4B41-BFC2-4085218A06A6@arbor.net> <CACsn0c=K-w_suSWj7ZUgbmCmMSerCnggOSgrHqqTfy9B09OH2g@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; format="flowed"
X-Mailer: MailMate (1.9.6r5347)
X-Originating-IP: [88.208.89.131]
X-ClientProxiedBy: VI1P195CA0005.EURP195.PROD.OUTLOOK.COM (2603:10a6:800:d0::15) To DM2PR0101MB1039.prod.exchangelabs.com (2a01:111:e400:3c19::28)
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id: 844a6e89-f57c-493d-643c-08d4ced558d0
X-Microsoft-Antispam: UriScan:; BCL:0; PCL:0; RULEID:(300000500095)(300135000095)(300000501095)(300135300095)(22001)(300000502095)(300135100095)(300000503095)(300135400095)(201703131423075)(201703031133081)(300000504095)(300135200095)(300000505095)(300135600095)(300000506095)(300135500095); SRVR:DM2PR0101MB1039;
X-Microsoft-Exchange-Diagnostics: 1; DM2PR0101MB1039; 3:XGyTC8nGBNpC5YZQZo1uP9MYEZplupYEQP0o/jrR8u8ZPBan8J1Dz21Qc5RULKjVUttXl5vpoBt6RZymXyNhrQVb/XzyjImPv87H2NkzhmkRDcRnwQ3g46Y5ZSDYKk5/GKxZgzx8b0x6pvjolm+csxY/Fq1lGArKRnzbojBjhnQGPbGuXK6Q6A6enJa5RIS6y9l0dEJUL2ICmZXqIZAlimqqWO2znYm/tx2fziJjn/JkBWISEzyCzn0KOevviSo5BHaj6hhOvF7s++UiUivMpw9rYWEiJwdrfTF92dCsZNk9bSXwOOEA1AoyjdxFvQwzQM2Nes1fqeiujhIOz2Ot9AmgiZg02foW4l3x0VaZyytgzALB6bkR4MHHgpRJDoBtXbCmB5ab/BRzt0EjtjS2yuapzjEn4IP3WNbXzeCkFVx0LKOoR+l1MR3sacmiDfDht6P5AApYa7BnUVDhN08DlQH0mQvmgNq5auYy8auWrFjPwsDcQr1cK83ak4mzP2n8DauDfQp/A8tUJAQ2xigHK6T/dS6xUIAz6QJ5/3hbu1dpYUGCt6rlZDXU/DfmLJ1xw+jIQMMddXeTneiF5UBExmbqnjJXxqrd8mJq3f54u8N3YGXm/t65Ab3SU0Wf7lIvobl7OewTzyOMXt9OXjU3kt4sPOmm2WgwKhV37xTG9/8FS1zYp58uWhTyOOwVmik7/UGTKab+eH2s5W8VikLzNLXu/nEckGEm+maEttz05mM=
X-MS-TrafficTypeDiagnostic: DM2PR0101MB1039:
X-Microsoft-Exchange-Diagnostics: 1; DM2PR0101MB1039; 25:lTJGo1Ozm9QpCzOBnYgvkuw6kMgOazK7dOlroOISWUsr+F53GmAI23Gimb30+x/zf8+rLzIChg8GlTBzMLTXX+j/fJ6AEkMd4R7+JhKDHUilaPBn5ZgMfXdmxGDmgelmiOzXWCKnnNk26zfQT1I+5i8aK4ior+figQjXjxZDmRrTqVK0TvjjlKwU4eaKiPBLuFO9ql4mRPupnjYPEGel+/VIiByWjEtL4RlV9OYZBpmf2HckUF9cDHD7kpOfeDyN3fWfeQvGjlcsJy+LM7QHCp4jUeCDILR/yyWfkm30Usz/D5RMeTskCdu2EoMONNctoNSsuo3QVOz/SXs7kLAT/boCgHuk2pbtxb9+8Fidyh0E6CiTXlJTI7mfc9MBfxpnSUupxsuLYF8FwJMe9p6EAE+nBWureNPunFOknCq95TIyNRRC6+UDcnKpzDjbjy+zBTDkJohX2nqdWCgUWXsllIFk/dbeSgCNndWy+ZWAtm4RgOTJlD4XitwwWI8vBAhu0ZPQndW94H20TNHEAjEt06R9goC3rvjLYDTrxgeVp/EoaC1dDSmcxsAeGvlsMxsJIovSIababGD514Zd2FS0LfD783SuoVC8Y2oxc8efzEMkexZKKIgmsNz9vh4Jt3lz3/o5ljPpI2KoFWsYXTvnxdv517qhGfSZGl0VJlNMS4uDtZSyMNGSMnn+V3UEd2jbB1hiVKQDejwScvDZeAID/StuVdtyq2gc2hvk6GVCL4u9lXYujhPVWsJ0y9+eHcLv6r3+XeSQocy4wseAeem6fFjOCs9JOT2LKs5hsYeWPTVTM5Qwxt0rU6Den6AsKtBIA9eX26fbRddU4bH0/JnNlE1iq7TnF9nxoATc9fFC6xRxvSMdiRnyjBpNKiDetdT5HYkg9IU0Lc4SVIe0fVhnwvEQIP/y1Lqkzo/vE0Mz0JQ=
X-Microsoft-Exchange-Diagnostics: 1; DM2PR0101MB1039; 31:3Qbks2003rYA23Wj78ADHsuuDeenSmM0/s/pnHuYXFdottikXC5WqSgVwWC1DPz5IlBLt77spCJ0KGBc28Rrf/gqRPkDttCMoZEgpTtyboHqrgLiUMEKP1ZBOSeXmHFeC+gLLn7ztmkPXIdwnj2Fzzov+ev3m5Rd05yRR2LAAF9Uu4rmTdGMgs2z1Qe/GNRdZ6modACm6oGBoOjQ9TUPdrdrEaG6tDN7OYepK6rlSuCnFatxuubiQPzBj98C9K+0ITUPOXFhwu3UA5RiT9k7nTzfDnrVrsGbBOhdUOf+4xkLYWjx5fX4aLLR9fXSH7orCLffLj71Fb7qbd2opLyCGSh4zlSQmmoe7DrrE47S4Vgy43CtTpWBsrk0nplNsW2g9sdci47yPrN1a3B3Vknq6kp6hCb7CnUiRI4jlVnGkMPj/HO1dh7W3pEkpwYYJgIq2UxUPzLk8Csy6BrABTnN0P2fTNnmMZqyIh0YKLerwnk+/KomUiqpYUIG8Vg2s8JSJsHZ8wQMFCLsLeWj45LfIKbCWEWIdumvs1DXRiNNGoY9jsiuxeEEJu3X4CEqhLG2w1mK9t62bI3l+6/3DAPZ31ROFTOpIFEQvcip9SLixd9jhoLjWrTquC8wV8BmZv4xbcpCPzU5g/q1T8THog5fgftzJ4+PUMVcFtHWDs6VQq1JHVTAYC1UrIvRjL8BHI/B
X-Microsoft-Exchange-Diagnostics: 1; DM2PR0101MB1039; 20:1tAnsZJrwUBwTRjclsiMjNEUoq3bTM0bJhieyEEe3pDM3d6M/mIYLEnoK49Q8juBrEmzDIGfReuh734RqoHZzcBwB9+P5XiQZxbjpEkDK/OjW0EB6gfUa10OW3vI1eCSeop9bDUH05QDeBFo5R9U51+KV5I7nwISfVjDBacNpnaR//Mp+37IidYNl3y4CnIXrTlTU7iO0ZD99AWczzBDJcF03vfEJU355HR3nP5oGDWe5RzyLF5tS/uxe9JN37Z6Kma6xJ4C8sEUTxW1QaT2nnwVS8dB7KFHDmWfSe9/DN4bJDqCYA1Jum62SSG6lF1HV/H22Uwhr5a3YKkkRgnx03CW7GsnKM175H6aukvqIYmEyWd973Ixi2nP1ArC53PjXm/d8U9mw7x7m0wE18gVy+1WgO12YPSOaXfxDNU/B7P437oWja1qX+MOm6kW3AxpnqYQRjsJtrzpBP6GCdCqsFjhkBsOgH3X4rsmgD3QAeQ1Z/l1/i7oYHFDCM5ByvU0
X-Exchange-Antispam-Report-Test: UriScan:(236129657087228)(266576461109395)(247924648384137);
X-Microsoft-Antispam-PRVS: <DM2PR0101MB103941EFAF77642ED6975785CAA60@DM2PR0101MB1039.prod.exchangelabs.com>
X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(100000700101)(100105000095)(100000701101)(100105300095)(100000702101)(100105100095)(6040450)(2401047)(8121501046)(2017060910075)(5005006)(100000703101)(100105400095)(93006095)(93001095)(10201501046)(3002001)(6041248)(201703131423075)(201702281528075)(201703061421075)(201703061406153)(20161123555025)(20161123560025)(20161123564025)(20161123562025)(20161123558100)(6072148)(100000704101)(100105200095)(100000705101)(100105500095); SRVR:DM2PR0101MB1039; BCL:0; PCL:0; RULEID:(100000800101)(100110000095)(100000801101)(100110300095)(100000802101)(100110100095)(100000803101)(100110400095)(100000804101)(100110200095)(100000805101)(100110500095); SRVR:DM2PR0101MB1039;
X-Microsoft-Exchange-Diagnostics: 1; DM2PR0101MB1039; 4:hzwS8H+k2+sq3vC4i+CnsH3FBn0o6LiAIp4VK9ZADIozvYp1eOcnncevECRk+zPYatk7jXLM7XMoQiTFuvIrjyo5NM1hWTORwtoW1IakxYhqNEPJkdeJzbJXzTj6oe0CRvmMt3hqEe5rpsCBZw10wd6UrjnFL1B4+QYdAh0OHCfYR/UNjQoHW+ubynaYw4l5g9UcfARJdM+ECHloJzxgLLsTgsPUBHY0FHC8F0Xs1Co/Bt7IARWBei+NQ4SWY0MtXPQ19u4A9CI6y9vTRDqKS22iWzLv+yWI168t/ro2nC3Sij0ExKAK1703lnUpCIiYWncVUgSKr6Ml5ifY+zRDnZbbIhxraJrqvxvKW03ssa1mp1TYbggczpiOySsFAfq6+iUeVKEMP0HYL6VYySMAFny1Hp/tw0FXHiUBk5BCxCHXzfKZLjglluScQV24dCFL6+LGz3iUvdDn7PplSyqPaPguR/kjXovWICbB+yQkLrALUpv9JLPkz9R0HDp96oBRVbJiPdyPherq8C/UjsrvEMRaYdA9UlzAJ9axNJxWWWDRTkCeyufE7IJuyFL8CCkekjjre3coguLQTQ8Pfj2V3ofOBOZNBo+OoeuX0Ba78Vhoh3l5woOUkSAQHnQY2QnC/rWdgPNuzaI/76sB2nvBY4KoB/D+xmnzdvM9GYTuNPFlT4v1cRhI02LOuv/MIUyblEfKPd9IZSLz/jpK9KXwy+xx3bOIPJfCJd1zSPH84NICW6sxGR0V6SHezHp9oA0+gu7+GSvW4lHPYvhCAulo9J9RL8FE4bk+LGnBPcg9FE2f8ZJVyyBEdAyiw6aise54FuZiho8/Rqyu945P88jaOdh/9kPsJXetB2vR+M3jOcHkR3HUc0npiBedDg2nG2MgTSsQAGn3vBwi2ZWmt6lu0u3jy07WeFk3p+iaHthFxbWGWj/uLQtFH82a5jukdYiCIwBqPw8HKPcEY6YsOr+Xj0mNM7FGmUKhZwZAde91v2JqnFYEuWg2hjZm1WQAjUn/cSolwAH6wOwW/HL4GrMvpVOb97tW+abloDtAdzKxitbaDUGZ4krlaxbwbz19SJ08TxSnay24BlzQbhy/NnqeEQS39r0dJM0ru16u04ogAnNgtKj8JzoaS6HQ6zQaMRu+uMrl70Zqa5KMGbpXAnrEKaqjcIErlFEBpBgVdMRKqIZB0I9b03LTmGoWvzWjyeEv756SFKrzysXMMJO2FFigHL6wfit3YdWP4BCWnLDoNOs7DJpCjU4sTESjf3+JIQsn
X-Forefront-PRVS: 0373D94D15
X-Forefront-Antispam-Report: SFV:NSPM; SFS:(10019020)(4630300001)(7370300001)(6009001)(6049001)(39840400002)(39850400002)(39400400002)(39410400002)(39450400003)(24454002)(82746002)(6916009)(2950100002)(6666003)(5660300001)(229853002)(77096006)(6486002)(3846002)(6116002)(93886004)(42186005)(230783001)(83716003)(50466002)(5003940100001)(86362001)(1411001)(50226002)(36756003)(66066001)(81166006)(8676002)(53546010)(76176999)(189998001)(50986999)(110136004)(478600001)(6246003)(4326008)(2906002)(38730400002)(53936002)(47776003)(25786009)(7350300001)(7736002)(305945005)(33656002); DIR:OUT; SFP:1102; SCL:1; SRVR:DM2PR0101MB1039; H:[172.16.1.3]; FPR:; SPF:None; MLV:sfv; LANG:en;
X-Microsoft-Exchange-Diagnostics: 1; DM2PR0101MB1039; 23:MJEFOQg9zLS0s//hPTc+J6hMneCsrfXF2WaG++dq4kyKcPHm9I8UfUnQ46V4PAeHVvQ/55gB5frvv2HoIQHEU4QROxe7Ek8ai4DVcrjZd2eJR9FLJyFE2taozc+u1WqY6UTwk2hOntiyFoXBVKGz62X/y4vOGqfiwLFT6DYXg1KSUkned0YIgVRG/bwF5gt7iRrMIXEXHS0Gn1m5vkZxMbrohRfZTKfJHrvEeJj+ClQlcaK/wPt7WYbCNvqVQVceSEqqUMk8v7t2KvrMfj+uLRmS9Ayffh9zYrLpfbdu1CI1XmJnzlDHMDHRF/ReAGcFWH1W1bR4GZhst6qTuRQ1371BTerW7bpIfIeIiZ3LLhtpT5rOBfxNxldTPpPnbg0GcAvz1KQEG3k9J6LYC/aKHYHQ5iEZJ3m/jmCFXOJHwYoDyWKduHbkuJ1BRjEtCQkdiOzBwzExKyZLfX5vIjnIm41hRYMl9NOf2Ee109AiWsNP0+jX305vtdIlhL76ESAr0EQrbbWQwa2oIVAZvood3jkDXf+g9J3VXw2RB0GKHIg2rMlD7ytbwTMqhdlAr0nyqP1r63Z1v0TppiSAuySbAwhQCjKZZZg+eO3VFFYQ0Q5DjGtO2gcEnVB6GLVFei2D4es2TSgPECNEJpqugkWo2T8S/Wi4Mb4L27MJGAIVRoiS04W3YMOwgFMTZ/pFgWf5XRFOKQs63G+GL0Plm1zMRtFTfAwKOcVPE1chvbpX/OZf+jRwXfAZ+nT4CQUHKI24O44afxVOcqPGgsXl4e5BHWJV8sNWlvw13WRKvojItXeL1XdFflgLGau0QBgGfM1fIrlo3vSEpSh4Ywf3Yil+aFUip7qcr4O68QROC2oLoFuohLCZ/cjEk2TaRs9kHFJHn+EpE8LWt/QM88uvQAx6w5wOQfOhAgc1BjG40L2Ha1ZJ+OAAQfe2AU1I4LSmoXjW24QSqwqCN/kPU2+3g/fzf+pgVtcnDQ4fxdWGiv5d64yGMLNjJkRNagQ0FkyLvj8juRKMMbH3gRYkn+V7xWwEFDJe7z3hANl4sNGGSguUVJHhEFaIQrccR0K4c9h1U0VyEl/kK1TTd9UeR1DqlyJhnH26gdoqyfRb5Now6SN9J7eV4AHyESSocXOOToLpytrZ8F9UjKTnCZ4ZIJMkrRAYN2SDVUPgmjfwhaW+afHeAW4t4fnQVedFSqLl9xUXVZBOahjFriFEbRJo11+racVZEtX9pyneCJJpvphUVqZ/LsI=
X-Microsoft-Exchange-Diagnostics: 1; DM2PR0101MB1039; 6:Dx+fpDtTyde0+CudGiu+5BDnY/dJIQhuoCNVqsDtq6C/nOPo+aQlrc8CZwu2uWV27xYHs6I3N5gIfa8KHa9RwxJm7SYDfBn8Z82Hg6jfFfyTznXIwBPnHyQu6iKPeVFZkZ+0nx6P+nckmXSOxGRqqH1IreOLlsFCEt46La60meuwnlav+56/0qfH3OI+esjvly1ICNhT/07/d94oud6hsvKUuD4wetzIUtD+XPWbmG2AHKNI0SZcq+BDZvp2v6VpFwgrSlhyuV8mIsKbuIWgmmKjuQ1JP0l8iFYN3uCc6gNoEXsaV/PNumWzYbmGRhDdICMVZuS6M2WT/ypwsWHp62DowLd69PDHGqfkhECjxf+hdvvY4i3R31z5w0br5SUqI+19uUFPGLw4e7CmalHXkslsYU1O/+qmPqw01eYrti/NckwVYAwGmykifOmUwZ4iMUNxsYRdQuznZXM/AeQJjZhQ0E5h/Qxm16HQkavMwYybriOxq6rhUZpJdaGApU/NSYbtauvUydZi3mQKDNeTV4sPx9QmDl3VLGhbdc92RbnwKoHxbWyPVsZTa05AceDIEO+FmV2MOVHJTetUyH5J9vH/8tDpUGAVhw2CWLoZs7C5fNkAQgnEHU1dtj5LygPpqTyM0W1bgbXlFAw01J6CL3TuoJzoO1Vll+CygnaJL6ejM8RROnutPza+z8NxjeyHC/JV6dqIFOAg6I96B8UcQWIO0RB+b2sOrivr7CI0Quey/QJlN02Gg5pADVZ3Ac7LU6lc76oZgytHvbEPDQAM58vuq4nznsY+4JgUag/y1e/YJW6IG9Bpgb+fKMM1S4OCTj2WJcq7ZtKerT9jf/Q/7HhkwE69Ud7Db3LC0hvvrYCMUReSGU4SvbwjMd2XTALBbuHhW+p359CwmzUyf4098QROXcuf/chokFPNQZeIpT7iQ7fowey+/coiMLOL81nmifIFwwTE0onqQTQ1EAIEUUpTlLmAhHvbMY+3Fl7Sf4k=
X-Microsoft-Exchange-Diagnostics: 1; DM2PR0101MB1039; 5:daI4ABLKU0QmIbaCvQ9ezE0VsFooX3BxElRMeV3UwmAw0kyazZ4EpEBNpFlkXU4MhYjBxSeiBa1KHAe20QPLlK05yNXDW4zGj748pURYlywVfxID1IbSK8eruqjyQNOLoPw9oAp+tCmtL+vuLGKy1TukUPJFnZHrwGcyNKBpIEvZspf4XNlb6Oh8RcvPwZyazMfqyV8hcvXTBBoBaYy3CT4tjhV3g0C33HPBC+wi566SbHBqXgX9R3YO8m82MdJisn5dL94p9tU5o43wFcnsUHsf2k2J+cdwNIrNlGBmSj1H3tjcQif/es71jieCLmskzEHbev060Z+TzgVBAEejjOvoU7GTIZsdVE2/nja6DSrUFOg6Kub+6euzctCmAUuWe02cLlSANB7/Ub6o7AXybraJVjYbnNHoGo0Wp3oMpOeshCLDMyCr2o2KORbWOpoRyB1kcydZRDOTFy+EmdrHr8l7f8gTCUcZPl7zQoWbT4Yor52UI3OlbTCeLOi23pzo; 24:M/jwnGdNOyg832T7mcvDPTR9dNmSMqZO4n1oaCXnVW/X8c7n88RiaVHryGWeTWAH+NSaMlG44fs/LhnHhvjbMu9ypG/gBB+7rRMc47EOUPM=
SpamDiagnosticOutput: 1:99
SpamDiagnosticMetadata: NSPM
X-Microsoft-Exchange-Diagnostics: 1; DM2PR0101MB1039; 7:a6+di+x9VIcAXxcdPD+rjUinyoG8IFEOSE/olrdQMmNU3qFuYZapUEBLA80e5Ay1xqJk0CURcPsFEuCylnb2TOtFm66Uu/WiGAtkSeDegRFnvWcbnjvwhlHvKYTonxAz2gTUz4sKpvGN3Ww9lK6LJcoIvGeTcAaw38kv4jM8SDqdfHHWi9+pNzAWe9ZV1QyZnJa44hm9m5HDY8SogzybVC4IYjySWyP8dS7/FkL2saLjm+NQOJa7WX0L487I9PS/0L+OCyfm2AbwIfnDigsaF3NAZZI8Y3HfATksq+8DVLaj8gYyJiYhihzU7jRiD8IdWnqYQCrg23vAemDD7M75CqBVmW1mazdq9hzusYupkaKUaeUZN78xlmilnOQJlAqs54Q/BHMAI+3DbdPIk53eG9Wk1xZ479O9jbi6hVglNQib8UWbfg8xWQLiqfkmDFlyiweCYf5F1iNmPqunt8krTcd+5SOL9sy0j7XqIioZqYXaHnh7p4zl++XSX9TYGxDHYQBTXXT9E/D5pe11hiWSOMfIDR7gNUX3c52jicBFjNDBotORgWP7lCemFPUmR0uiYSTRJmtK8urVbxyr4Yqt2Wl+vpD8b9reGKHpO7fnHDMOmzTlAYamWWtHwiUot5rGXWSqcRlYnVpkd8AvFARLm4GoX/VE51gCzOEmQdOnJ5nOr6S4+fQpW+96qPbRtOFd3QuSRrbWrPpO8nilwmIilA9whQqLNYyG052xtmiZBqaPqGvN35Qr7wOhZHP4gPEFO88DGTddNP5j4SMPmUdW2Jj7So6ocKAUOv/x9cmltP8=
X-OriginatorOrg: arbor.net
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 19 Jul 2017 18:38:27.1834 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM2PR0101MB1039
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/99bLWwnwyZF_qSiLceBE7bfZKpo>
Subject: Re: [TLS] draft-green-tls-static-dh-in-tls13-01
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 19 Jul 2017 18:38:33 -0000

On 19 Jul 2017, at 20:29, Watson Ladd wrote:

> Now it turns out that the requirements on solutions came from
> organizational issues you never told us about.

The organizational issues have been described previously, both on the 
list and in the meetings; and the technical issues are quite separate 
from the organizational ones.  The one isn't the cause of the other.

In many cases, the organizational issues do not exist, yet the technical 
ones remain.

There is a serious technical issue here; the only reason the 
organizational issues were even mentioned was to provide context.

> I still don't see a response to how you determine unauthorized access 
> happened without being the authority on what access is authorized.

It's possible to have the relevant access policy information to hand 
without being the authority oneself.

> Apparently exporting the PMS from clients and servers  isn't possible: 
> I find that hard to believe.

It isn't practical from a performance nor a network architecture 
perspective.

> Let's standardize an extension that exports an encrypted EMS and be 
> done with this debate.

That does not meet the technical requirements.

There's some quite useful and constructive discussion of possible 
approaches taking place - I'm observing it with interest.

-----------------------------------
Roland Dobbins <rdobbins@arbor.net>