Re: [TLS] New Version Notification for draft-rhrd-tls-tls13-visibility-01.txt
Stephen Farrell <stephen.farrell@cs.tcd.ie> Fri, 02 March 2018 22:07 UTC
Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E8124124239 for <tls@ietfa.amsl.com>; Fri, 2 Mar 2018 14:07:43 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.311
X-Spam-Level:
X-Spam-Status: No, score=-4.311 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cs.tcd.ie
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Dqc0onVHJSX2 for <tls@ietfa.amsl.com>; Fri, 2 Mar 2018 14:07:41 -0800 (PST)
Received: from mercury.scss.tcd.ie (mercury.scss.tcd.ie [134.226.56.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 17BC512025C for <tls@ietf.org>; Fri, 2 Mar 2018 14:07:41 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by mercury.scss.tcd.ie (Postfix) with ESMTP id DCD1DBE51 for <tls@ietf.org>; Fri, 2 Mar 2018 22:07:39 +0000 (GMT)
X-Virus-Scanned: Debian amavisd-new at scss.tcd.ie
Received: from mercury.scss.tcd.ie ([127.0.0.1]) by localhost (mercury.scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KznmPYsUp2hx for <tls@ietf.org>; Fri, 2 Mar 2018 22:07:38 +0000 (GMT)
Received: from [10.200.0.239] (unknown [193.180.218.196]) by mercury.scss.tcd.ie (Postfix) with ESMTPSA id 031E0BE3E for <tls@ietf.org>; Fri, 2 Mar 2018 22:07:37 +0000 (GMT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cs.tcd.ie; s=mail; t=1520028458; bh=fNC9V2DoYHEDCdLd4F8KwwmTpvWaQC66xKoiFZnaTyw=; h=Subject:To:References:From:Date:In-Reply-To:From; b=qZxNJq76IWBM6UCRJDZ1K4HY/BpQV33JF6tYKD/NsGuX3MJNAKKXd0AkibW9bnIrM H1iRKkSclmV7WcG04lBKtHpcF15sdnaSnRPSK9QAGmF42Iaz0YQnEwyRkSPsDCgyZ7 TbdBlXHjmHXh/6Zv58mmzCgW/8hPn3cJUdJQt8SQ=
To: IETF TLS <tls@ietf.org>
References: <152002431583.15747.2766011063357920018.idtracker@ietfa.amsl.com> <AC7EDCAE-A2B8-4389-B2EB-DF706823BFF8@vigilsec.com>
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Openpgp: id=5BB5A6EA5765D2C5863CAE275AB2FAF17B172BEA; url=
Message-ID: <c4276624-9a84-5e47-056b-4a73d9da8ee2@cs.tcd.ie>
Date: Fri, 02 Mar 2018 22:07:36 +0000
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.6.0
MIME-Version: 1.0
In-Reply-To: <AC7EDCAE-A2B8-4389-B2EB-DF706823BFF8@vigilsec.com>
Content-Type: multipart/signed; micalg="pgp-sha256"; protocol="application/pgp-signature"; boundary="pQyPscar3NTEFaqZGa4Bv7xkhxmgDGVqm"
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/C1g7Dgkoi5nq9bU4fKgt5bBJ3Hg>
Subject: Re: [TLS] New Version Notification for draft-rhrd-tls-tls13-visibility-01.txt
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 02 Mar 2018 22:07:44 -0000
With no dis-respect to Russ or Ralph (but with zero acceptance/respect for the main concept espoused by this draft)... I request that the WG chairs not waste yet more time on agenda items dealing with proposals for breaking TLS - a working group that spends so many f2f hours (yes, hours, multiplied by a few hundred travelling people in a room) on ways in which the core purpose of the WG (read the abstract of the tls1.3 draft if you doubt that) could be subverted *by the WG itself* seems really really weird to me. Enough, already. Given the (lack of) potential for any of these (IMO bad) ideas to garner rough consensus, I really think this would be a *terribly* bad waste of f2f time and participant cycles, no matter who proposes we waste time in that manner. If time is regrettably granted for this yet again then I also request time to propose not breaking TLS. (I don't care if the presenter for that rebuttal slot is me or someone else with the same views that the WG charter is clear that the WG exists to make TLS better and not to break it.) If a rebuttal slot is not considered appropriate then I request a slot to help us reach consensus on whether or not there's value in documenting the reasons to not break TLS. (I believe the chairs agreed to try figure out if the WG have consensus that that'd be worthwhile a couple of meetings ago, but we've not done that so far.) To be clear: given a choice of (a) not wasting yet more WG time on this and (b) another bun-fight with an inevitable outcome - I prefer (a) but will engage in (b) as necessary (and enthusiastically, whilst grimacing;-) Thanks, S. PS: That Russ requests a few minutes for an update does not affect the above - I for one do not agree that this draft ought get any WG time and allocating a few minutes for an update would IMO normalise what ought be considered entirely abnormal. The number of "proponent minutes this time" is not a valid agenda-planning consideration IMO. On 02/03/18 21:00, Russ Housley wrote: > A few minutes at the TLS WG session in London have been requested to talk about this draft. > > Russ > > >> From: internet-drafts@ietf.org >> Subject: New Version Notification for draft-rhrd-tls-tls13-visibility-01.txt >> Date: March 2, 2018 at 3:58:35 PM EST >> To: "Ralph Droms" <rdroms.ietf@gmail.com>, "Russ Housley" <housley@vigilsec.com> >> >> >> A new version of I-D, draft-rhrd-tls-tls13-visibility-01.txt >> has been successfully submitted by Ralph Droms and posted to the >> IETF repository. >> >> Name: draft-rhrd-tls-tls13-visibility >> Revision: 01 >> Title: TLS 1.3 Option for Negotiation of Visibility in the Datacenter >> Document date: 2018-03-02 >> Group: Individual Submission >> Pages: 11 >> URL: https://www.ietf.org/internet-drafts/draft-rhrd-tls-tls13-visibility-01.txt >> Status: https://datatracker.ietf.org/doc/draft-rhrd-tls-tls13-visibility/ >> Htmlized: https://tools.ietf.org/html/draft-rhrd-tls-tls13-visibility-01 >> Htmlized: https://datatracker.ietf.org/doc/html/draft-rhrd-tls-tls13-visibility-01 >> Diff: https://www.ietf.org/rfcdiff?url2=draft-rhrd-tls-tls13-visibility-01 >> >> Abstract: >> Current drafts of TLS 1.3 do not include the use of the RSA >> handshake. While (EC) Diffie-Hellman is in nearly all ways an >> improvement over the TLS RSA handshake, the use of (EC)DH has impacts >> certain enterprise network operational requirements. The TLS >> Visibility Extension addresses one of the impacts of (EC)DH through >> an opt-in mechanism that allows a TLS client and server to explicitly >> grant access to the TLS session plaintext. >> >> >> >> >> Please note that it may take a couple of minutes from the time of submission >> until the htmlized version and diff are available at tools.ietf.org. >> >> The IETF Secretariat >> > > > > > _______________________________________________ > TLS mailing list > TLS@ietf.org > https://www.ietf.org/mailman/listinfo/tls >
- [TLS] New Version Notification for draft-rhrd-tls… Russ Housley
- Re: [TLS] New Version Notification for draft-rhrd… Stephen Farrell