[TLS] The TLS-LTS Saga

Peter Gutmann <pgut001@cs.auckland.ac.nz> Sun, 02 March 2025 07:45 UTC

List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/CASTiBUA7It6b0QnGe0-DlEzh_o>

TLS-LTS has now been rejected as an independent-track submission, the
justification being -frozen.  So the process for this draft was as follows:

- I first posted it in 2016, and was asked to delay publication as an RFC
until TLS 1.3 was finished, so as not to interfere with the 1.3 process.

- After waiting some years for TLS 1.3 as requested, I proposed it again, and
it was shut down with the excuse "we've got TLS 1.3 now, we can't have -lts,
put it through the independent track".

- So I put it through the independent track, which involved being asked to
clear a series of seemingly arbitrary hurdles that I don't think any other TLS
RFC has ever had to clear, and which would probably have prevented half the
TLS RFCs from being published had they been applied to them.

- Finally, it's now been rejected on the basis that -frozen doesn't permit it,
even though in the earlier discussion about this it was stated that -frozen
doesn't apply to -lts.

So it seems the entire nine-year process, with its endless stalling and
delays, has been designed to railroad -lts into a position where it can never
be published, and where there was never any chance of it being published from
the outset.

I've followed all the rules and steps as requested (well, as best I could
anyway).  However the rules were then changed at each step to ensure it
wouldn't be published, no matter what steps I followed.

Peter.