[TLS] Re: Do we really update RFC 8422 in 8446-bis?
Sean Turner <sean@sn3rd.com> Fri, 30 May 2025 18:33 UTC
Return-Path: <sean@sn3rd.com>
X-Original-To: tls@mail2.ietf.org
Delivered-To: tls@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id E3FDB2EE6252 for <tls@mail2.ietf.org>; Fri, 30 May 2025 11:33:22 -0700 (PDT)
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -2.099
X-Spam-Level:
X-Spam-Status: No, score=-2.099 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=pass (1024-bit key) header.d=sn3rd.com
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id aI54tx3j9V30 for <tls@mail2.ietf.org>; Fri, 30 May 2025 11:33:21 -0700 (PDT)
Received: from mail-qk1-x733.google.com (mail-qk1-x733.google.com [IPv6:2607:f8b0:4864:20::733]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id 454492EE621B for <tls@ietf.org>; Fri, 30 May 2025 11:33:21 -0700 (PDT)
Received: by mail-qk1-x733.google.com with SMTP id af79cd13be357-7d0997d3ac7so259554285a.2 for <tls@ietf.org>; Fri, 30 May 2025 11:33:21 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sn3rd.com; s=google; t=1748630001; x=1749234801; darn=ietf.org; h=references:to:cc:in-reply-to:date:subject:mime-version:message-id :from:from:to:cc:subject:date:message-id:reply-to; bh=bip/baBK/TUElFRsqdtVLheTMMusRVRtZf8b7t/T0/U=; b=cYFhCA/DXOKmxwR0l191RsKf+P81vOzTrzweV/bRSx3U6nUMJoIsVomjgDO/e3lUGf fed4HgAM9K20dMaxFcqwLhz0lAOO/HWpfmp20/JSdiYrXpLDkSNmcG8Q1BM/VDPd2mwg we0myvv1FQNLw4uIhSJTzmnfp4IeZE7hlA9gs=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1748630001; x=1749234801; h=references:to:cc:in-reply-to:date:subject:mime-version:message-id :from:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=bip/baBK/TUElFRsqdtVLheTMMusRVRtZf8b7t/T0/U=; b=s0seVFrNq31nUETLA7FpyJDOgYvu1O13PM6q0o5UBJRkYmPDVx/mlcMv5PBtz5Axbb t0rXBEZXnrpG3+7iSD8jwaUVzHSJFu8VtLrFrsccl3mi7LXwM8wNgVuvOVTB4s1qWyCO CDeQGNuS7aCMtHKGa/AzKoHqMSQbQm8tcTq9DiAcbE61KHGSss6MZYSIN0tuPNpEpYNs K/IcXfMT8EsKL2rnydgCWvmAM7GFBCaG7UTmSFjnFhTLuu1jCilu+O+lHs0O8BDdfYG1 3yV6maQu5CQloHz3TjQs3tVAy9iYdbriuMcjBXLyylNvzS6NllYDNy/EH1g/7kPpIQpp Rj7A==
X-Gm-Message-State: AOJu0Ywn4M7oWTGcyIhQNQWcGb1S1wIU6zPzptp2L8JJKYMlCn4fGUDv SfDiOHuP19Db6JitgzMP4iNRkAH1PQ6KvgofGMqUNwX29e18daASi43Wus6LD0TAuuvbFJj7Lix EK3+3
X-Gm-Gg: ASbGnctwDzFJFIBjfKGX5k+SLWtkuq2z0EAL+XCK0onnbp5IVXUXH7221PitG+OjFdW 7H6nADv9mUsnKnRhZCueOsZmHqHhm8jpJOGBR4JpL+2MSb1gtMGSvY+Es3me5iPRtpYrNlkD0cG bJkOuCR8GMqq2Mo4n6njGWwpxyVOUpt1ddYLLf/3ugtBxKVej/xiJmP+Vk6/IimEaFaltiiwges v3SIesAwVHf7szgelCsFZjKyHzp65hLWXrE2Pol9S2mcZ9mBfPoDLNychAaWMzvNrD+wMQNGKqU KR801hWqZLF2kUmK9QaNCCA5GBglLc8z/pYVuRKs34G3ecjuKGWsXv1M3LdeKLUaKi14Woum7H5 +QIo2MjM=
X-Google-Smtp-Source: AGHT+IFywDtYQFfThlVTcwpTRb97ju/T1rgHNfuOV9h6Jxg+jiX4vOzGEf/WdeCz6W3OPuAE/Gw1gg==
X-Received: by 2002:a05:620a:1913:b0:7c5:53ab:a745 with SMTP id af79cd13be357-7d0a2038c1amr754099685a.36.1748630000755; Fri, 30 May 2025 11:33:20 -0700 (PDT)
Received: from smtpclient.apple ([2600:4040:252a:8d00:e927:cbb8:2596:7b25]) by smtp.gmail.com with ESMTPSA id af79cd13be357-7d09a1951casm275247485a.68.2025.05.30.11.33.19 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Fri, 30 May 2025 11:33:20 -0700 (PDT)
From: Sean Turner <sean@sn3rd.com>
Message-Id: <2E6061AB-FBF4-4E47-AC53-568CC53B57D8@sn3rd.com>
Content-Type: multipart/alternative; boundary="Apple-Mail=_F408F645-68E1-4DCC-B2B0-9C323B09997E"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3826.600.51.1.1\))
Date: Fri, 30 May 2025 14:32:59 -0400
In-Reply-To: <CABcZeBMBaDR3n2kV0kNPo5mWjyMD3ze-HYKiPntdV+RU9axK2g@mail.gmail.com>
To: Eric Rescorla <ekr@rtfm.com>
References: <CABcZeBM9a90HuTovaPEL3wrx1MUWE0v0-RX12pirBRwRXnw+4g@mail.gmail.com> <IA1PR17MB642172802E4C034F37B3632ECD61A@IA1PR17MB6421.namprd17.prod.outlook.com> <CABcZeBMVn-ELTG1QwN59uhQWzxAqP09fLgmTbj9VLce+AimGxQ@mail.gmail.com> <IA1PR17MB6421F6BA335F22041F12A21BCD61A@IA1PR17MB6421.namprd17.prod.outlook.com> <E3B57271-5471-4465-A355-1C77E827B4C3@sn3rd.com> <CABcZeBMBaDR3n2kV0kNPo5mWjyMD3ze-HYKiPntdV+RU9axK2g@mail.gmail.com>
X-Mailer: Apple Mail (2.3826.600.51.1.1)
Message-ID-Hash: K6KA3KBCPMQXWOG4UWCGNUCOYZIQFHSB
X-Message-ID-Hash: K6KA3KBCPMQXWOG4UWCGNUCOYZIQFHSB
X-MailFrom: sean@sn3rd.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-tls.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: TLS List <tls@ietf.org>, "Salz, Rich" <rsalz=40akamai.com@dmarc.ietf.org>
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [TLS] Re: Do we really update RFC 8422 in 8446-bis?
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/AgOwZ9MI7kN7X_tolERTygtnBYg>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Owner: <mailto:tls-owner@ietf.org>
List-Post: <mailto:tls@ietf.org>
List-Subscribe: <mailto:tls-join@ietf.org>
List-Unsubscribe: <mailto:tls-leave@ietf.org>
Since It’s an obsoletes I can get behind that. No need to drop the Updates header. spt > On May 30, 2025, at 13:27, Eric Rescorla <ekr@rtfm.com> wrote: > > My general view is that we should treat this RFC as replacing 8446 and so whatever should have appeared in 8446 is what should appear here. > > I'm certainly open to the argument that 8446 got these headers wrong, and it's not clear to me that there is a right answer. > > -Ekr > > > On Fri, May 30, 2025 at 9:29 AM Sean Turner <sean@sn3rd.com <mailto:sean@sn3rd.com>> wrote: >> >> >>> On May 30, 2025, at 12:08, Salz, Rich <rsalz=40akamai.com@dmarc.ietf.org <mailto:40akamai.com@dmarc.ietf.org>> wrote: >>> >>> I'm certainly not here to defend the distinctions between Updates and Obsoletes, etc. >>> >>> Ah yeah, I remember those discussions … >>> >>> The 8422 change is new to RFC 8446bis, so we need to address that now. >>> >>> Remove the reference. >> >> Since RFC 8446 updated four RFCs, 5705, 6066, 7627, 8422, and this one obsoletes RFC 8446 should we just drop Updates column entirely? NOTE: This was a comment I got from the IESG on -rfc8447bis; granted its and updated and not an obsoletes. >> >> spt >>
- [TLS] Do we really update RFC 8422 in 8446-bis? Eric Rescorla
- [TLS] Re: Do we really update RFC 8422 in 8446-bi… Salz, Rich
- [TLS] Re: Do we really update RFC 8422 in 8446-bi… Eric Rescorla
- [TLS] Re: Do we really update RFC 8422 in 8446-bi… Salz, Rich
- [TLS] Re: Do we really update RFC 8422 in 8446-bi… Sean Turner
- [TLS] Re: Do we really update RFC 8422 in 8446-bi… Eric Rescorla
- [TLS] Re: Do we really update RFC 8422 in 8446-bi… Sean Turner