Re: [TLS] Barry Leiba's Discuss on draft-ietf-tls-session-hash-05: (with DISCUSS)

Karthikeyan Bhargavan <karthik.bhargavan@gmail.com> Thu, 14 May 2015 08:58 UTC

Return-Path: <karthik.bhargavan@gmail.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 90F991B3554; Thu, 14 May 2015 01:58:20 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.983
X-Spam-Level:
X-Spam-Status: No, score=-4.983 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_ADSP_CUSTOM_MED=0.001, FREEMAIL_FROM=0.001, HELO_EQ_FR=0.35, NML_ADSP_CUSTOM_MED=0.9, RCVD_IN_DNSWL_HI=-5, SPF_SOFTFAIL=0.665] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FCuRHyD3WNQw; Thu, 14 May 2015 01:58:18 -0700 (PDT)
Received: from mail2-relais-roc.national.inria.fr (mail2-relais-roc.national.inria.fr [192.134.164.83]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4FBA21A1BA5; Thu, 14 May 2015 01:58:17 -0700 (PDT)
X-IronPort-AV: E=Sophos;i="5.13,426,1427752800"; d="scan'208";a="145893277"
Received: from wifi-auth-191208.inria.fr ([128.93.191.208]) by mail2-relais-roc.national.inria.fr with ESMTP/TLS/AES128-SHA; 14 May 2015 10:58:15 +0200
Content-Type: text/plain; charset=us-ascii
Mime-Version: 1.0 (Mac OS X Mail 7.3 \(1878.6\))
From: Karthikeyan Bhargavan <karthik.bhargavan@gmail.com>
In-Reply-To: <55546240.3010902@cs.tcd.ie>
Date: Thu, 14 May 2015 10:58:14 +0200
Content-Transfer-Encoding: 7bit
Message-Id: <FBCB2F18-4975-45EE-9550-5D77450AB5FE@gmail.com>
References: <20150509225248.21800.83581.idtracker@ietfa.amsl.com> <55546240.3010902@cs.tcd.ie>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>
X-Mailer: Apple Mail (2.1878.6)
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/A7o4g8hj7bZanEj3f0Zewh00rpg>
Cc: tls@ietf.org, draft-ietf-tls-session-hash@ietf.org, The IESG <iesg@ietf.org>, draft-ietf-tls-session-hash.shepherd@ietf.org, Barry Leiba <barryleiba@computer.org>, draft-ietf-tls-session-hash.ad@ietf.org, tls-chairs@ietf.org
Subject: Re: [TLS] Barry Leiba's Discuss on draft-ietf-tls-session-hash-05: (with DISCUSS)
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 14 May 2015 08:58:20 -0000

The session-hash draft has roughly the same impact as RFC5746, which says:
"Updates: 5246, 4366, 4347, 4346, 2246"

We would be happy to add this list or a subset.

Other RFCs affected by the current proposal are: rfc5929, rfc5705, rfc5746.

Should we note these in any way, other than as Informative References?

Best,
Karthik


On 14 May 2015, at 10:52, Stephen Farrell <stephen.farrell@cs.tcd.ie> wrote:

> 
> Folks - I note this didn't get an answer. I don't recall that the WG
> considered it, and I'm sure if it had the conclusion could have gone
> either way (and a random choice would have been fine too:-) but can
> you confirm or correct me on that please? If you can do it before the
> telechat today (by ~1400 UTC) that'd be great.
> 
> Thanks,
> S.
> 
> On 09/05/15 23:52, Barry Leiba wrote:
>> Barry Leiba has entered the following ballot position for
>> draft-ietf-tls-session-hash-05: Discuss
>> 
>> When responding, please keep the subject line intact and reply to all
>> email addresses included in the To and CC lines. (Feel free to cut this
>> introductory paragraph, however.)
>> 
>> 
>> Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
>> for more information about IESG DISCUSS and COMMENT positions.
>> 
>> 
>> The document, along with other ballot positions, can be found here:
>> https://datatracker.ietf.org/doc/draft-ietf-tls-session-hash/
>> 
>> 
>> 
>> ----------------------------------------------------------------------
>> DISCUSS:
>> ----------------------------------------------------------------------
>> 
>> This is a DISCUSS purely because I want to discuss it; whatever the
>> result is, I will be clearing the DISCUSS, and not delaying the document
>> on this point:  The last paragraph of Section 4 makes me wonder whether
>> this should "update" 5246.  Basically, while this is an extension (which
>> wouldn't normally use "updates"), it's one that you're proposing as
>> standard behavior, and not really as an extension.
>> 
>> 
>> 
>> 
>> _______________________________________________
>> TLS mailing list
>> TLS@ietf.org
>> https://www.ietf.org/mailman/listinfo/tls
>>