Date: Wed, 16 Sep 2015 17:55:02 -0500
From: Nico Williams <nico@cryptonector.com>
To: Brian Smith <brian@briansmith.org>
Message-ID: <20150916225501.GR13294@localhost>
References: <CAOgPGoBT9C=pWebXShqxhbOsnqK+OZe=-n-SvZ_pH-dAtRaWXQ@mail.gmail.com>
 <CAFewVt7_23v18HpzzDy4ew1h66iNTBOSdP+CVBgc9T-4Z3isfA@mail.gmail.com>
 <20150916210113.GP13294@localhost>
 <CABcZeBPY6JRnLiqd=-aQQ+8kZGHa3TujSr9+hn1CSt1B_X-r=Q@mail.gmail.com>
 <CAFewVt64QphK5=WtAZhN8A7uhjmMZ1wc0nLOKvS8sgTRwY_vkg@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <CAFewVt64QphK5=WtAZhN8A7uhjmMZ1wc0nLOKvS8sgTRwY_vkg@mail.gmail.com>
User-Agent: Mutt/1.5.21 (2010-09-15)
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/AB3xFQ5k5wPCpTFXBEuwbmHLP3g>
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] Call for consensus to remove anonymous DH
List-Id: "This is the mailing list for the Transport Layer Security working
 group of the IETF." <tls.ietf.org>

On Wed, Sep 16, 2015 at 02:25:52PM -0700, Brian Smith wrote:
> On Wed, Sep 16, 2015 at 2:05 PM, Eric Rescorla <ekr@rtfm.com> wrote:
> 
> > In addition, they are already part of TLS, so the question would be if we
> > have consensus to remove them....
> >
> 
> This thread is about the removal of DH_anon_*, not about raw public keys.

Yes, but you implied that you might not support keeping raw public keys.

I'm not in favor of removing the anon cipher suites if we also remove
raw public key support.  This is important.  I don't want the cost of
doing anon with TLS to escalate piecemeal.  All cards on the table
please.

Nico