[TLS] Re: [IANA #1419884] expert review for draft-ietf-tls-dtls-rrc (tls-extensiontype-values)

Thomas Fossati <thomas.fossati@linaro.org> Thu, 29 May 2025 17:21 UTC

Date: Thu, 29 May 2025 19:21:18 +0200
From: Thomas Fossati <thomas.fossati@linaro.org>
To: "Salz, Rich" <rsalz@akamai.com>
Message-ID: <564nxnftz2hdoci3oc2c7yc7232ctwz2cer4j3zjgf5bwrfjaz@jevomkh2u4a2>
References: <RT-Ticket-1419884@icann.org> <rt-5.0.3-771993-1748389585-210.1419884-9-0@icann.org> <rt-5.0.3-776217-1748394957-1627.1419884-9-0@icann.org> <IA1PR17MB642175ACD5AEA66CB57271DBCD67A@IA1PR17MB6421.namprd17.prod.outlook.com> <m6b3v4ogzomyvplgn7fj6aa33ecj7qwhbr3ixqfexdjhaoumkk@pt5ktqrjmqx3> <v52rp7vxxkjaymwb6mzgh274mvplsm5ouasfjuqeycblmaihs7@si3lsihcjkxy> <gavxagncdjhcxcl56u4kvyjbjcqzdapy2nabyq2b5xbk3cee7v@tnramx3zqpkk> <IA1PR17MB6421A0CB65C558C527761025CD66A@IA1PR17MB6421.namprd17.prod.outlook.com>
In-Reply-To: <IA1PR17MB6421A0CB65C558C527761025CD66A@IA1PR17MB6421.namprd17.prod.outlook.com>
CC: "drafts-expert-review-comment@iana.org" <drafts-expert-review-comment@iana.org>, "tls@ietf.org" <tls@ietf.org>, "nicholas.sullivan+ietf@gmail.com" <nicholas.sullivan+ietf@gmail.com>
Subject: [TLS] Re: [IANA #1419884] expert review for draft-ietf-tls-dtls-rrc (tls-extensiontype-values)
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/FJrmvpVz45ETjq1v32G4PLf0w8c>

Hi Rich,

On Thu, May 29, 2025 at 03:15:42PM +0100, Salz, Rich wrote:
> The downside of Standards Action is that it makes experimentation much
> more difficult. (Yes, you could address that by setting aside a range
> for experimentation.) But is the concern really all that great? In
> order for it to materially affect the operation of the Internet,
> multiple parties would have to implement and enable it.

The codepoint space is relatively large.  We could easily carve out a
block for experiments.

> What is the real concern about someone defining a whole new
> sub-protocol for DTLS?  My view is "so what". If it works, and it's
> better (by some metric(s)), great. If it fails, it's only a subset of
> users of one implementation that will feel the effects, until it's
> disabled.

I have no concerns with that; I simply want to ensure that we have a
process that minimises the risk of inadvertent introduction of a feature
that interacts poorly with the rest of the protocol machinery.  Opting
for Standards Action appears to be more effective in terms of
a) distributing load and responsibility,
b) ensuring the appropriate amount of scrutiny.

> Note that expert review requires an available specification, and all
> other TLS registries are expert review. Is this one really all that
> special?

This is not the typical "algorithms" registry.  Expert review, in this
case, needs cross-area expertise (WIT & security), which
significantly narrows the candidate pool.  (We could address this with
DEs from different paths of life collaborating in tandem.)

> Perhaps it's worth having an explicit consensus call around
> this issue, as opposed to a change made in response to a WGLC review.

Makes sense to me.

cheers!