Re: [TLS] [Cfrg] Closing out tls1.3 "Limits on key usage" PRs (#765/#769)

Martin Thomson <martin.thomson@gmail.com> Fri, 10 February 2017 05:45 UTC

In-Reply-To: <352D31A3-5A8B-4790-9473-195C256DEEC8@sn3rd.com>
References: <352D31A3-5A8B-4790-9473-195C256DEEC8@sn3rd.com>
From: Martin Thomson <martin.thomson@gmail.com>
Date: Fri, 10 Feb 2017 16:44:58 +1100
Message-ID: <CABkgnnVrFGHe0eKREXbG_pv=y18ouopZsE2c5+Czz0HAGko6rg@mail.gmail.com>
To: Sean Turner <sean@sn3rd.com>
Content-Type: text/plain; charset="UTF-8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/Dd_w9UjfI7tkTMB9_ipRyzRyFTc>
Cc: IRTF CFRG <cfrg@irtf.org>, "<tls@ietf.org>" <tls@ietf.org>
Subject: Re: [TLS] [Cfrg] Closing out tls1.3 "Limits on key usage" PRs (#765/#769)
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>

On 10 February 2017 at 16:07, Sean Turner <sean@sn3rd.com> wrote:
> a) Close these two PRs and go with the existing text [0]
> b) Adopt PR#765 [1]
> c) Adopt PR#769 [2]


a) I'm happy enough with the current text (I've implemented that and
it's relatively easy).

I could live with c, but I'm opposed to b. It just doesn't make sense.
It's not obviously wrong any more, but the way it is written it is
very confusing and easily open to misinterpretation.