Re: [TLS] TLS@IETF101 Agenda Posted

Stephen Farrell <stephen.farrell@cs.tcd.ie> Fri, 09 March 2018 21:24 UTC

To: Joseph Salowey <joe@salowey.net>
Cc: Sean Turner <sean@sn3rd.com>, "<tls@ietf.org>" <tls@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/FKMQIoP-Ti8ERdfMdUnAs_WEjb4>

Hi Joe,

I'm sorry, but I gotta say that answer seems to me both unresponsive
to the questions asked and unconvincing.

On 08/03/18 23:08, Joseph Salowey wrote:
> Hi Stephen,
> 
> In the meeting in Prague there was interest in this problem space, but
> neither the consensus to accept or reject this work.

Without rough consensus to adopt, the work is not adopted.

But your statement above isn't accurate - it wasn't "this work"
(as in this draft) that was discussed in Prague, but rather the
entire idea of weakening TLS in these ways - quoting from the
Prague minutes [1]:

"The main question: Is this subject something that the WG should
consider?"

There is clearly no consensus to adopt *any* work in this space,
whether that be draft-green or this latest iteration from Russ
and Ralph.

I see nothing whatsoever to indicate any significant change in
sets of opinions since Prague.

What makes you think iterating on yet more proposals like this
will ever conclude? If there's no evidence of that we ought not
waste the time and energy. Can you point at any change that
could possibly indicate that this bun-fight is worth doing yet
again?

>  The authors have
> revised their proposal to address some of the concerns raised by working
> group members and are asking to bring the new approach in front of the
> working group.  

What significant change has there been since -00 of Russ and Ralph's
draft? I see nothing major there. That -00 was debated on the list
which is the primary place for discussion. My read of that set of
threads is that it pretty clearly showed that the same folks have
the same opinions with no significant movement. Can you point at
some evidence to the contrary? If not, we shouldn't bother to waste
more time on this.

If instead you mean Russ and Ralph's draft differs from draft-green,
then see above - it wasn't only draft-green that was rejected in
Prague, but the entire idea of adopting work in this space, which
includes Russ and Ralph's -00 and -01.

That the authors have asked for time counts for nothing, when the
WG have no consensus to work in this space. If just asking for time
does matter, then I'll now publicly repeat my request for time
to refute the assertions that'll be made for breaking TLS. You said
no to my request, so what's different about one that relates to a
draft that has been debated on the list and attracted significant
negative comment?

> I believe in this case this is the right thing to do even
> if it appears there is some repetition of topic.   

It is not "some repetition" - this topic has been debated f2f and
on this draft on the list and there's zero evidence of significant
changes in opinion, in fact the opposite. Can you point at any
such evidence? If not, your position as chairs seems illogical.

> However, if the new
> approach fails to achieve significantly more support I believe the authors
> will need to find another path for their work that does not go through the
> TLS working group.

But the WG has already demonstrated a lack of consensus to even
consider "work in this space" (your choice of words I believe.)
That should be enough. What does or doesn't happen outside the
TLS WG is not at issue here.

To reiterate, in Prague you asked "The main question: Is this subject
something that the WG should consider?" The result was a clear lack of
any consensus to work in this space, which means not working in this
space. Yet here we are again giving agenda time to highly controversial
proposals in this space.

Please: just take this off the agenda and let the WG do its real work.

Thanks,
S.

[1] https://datatracker.ietf.org/meeting/99/materials/minutes-99-tls

> 
> Cheers,
> 
> Joe
> 
> On Thu, Mar 8, 2018 at 9:21 AM, Stephen Farrell <stephen.farrell@cs.tcd.ie>
> wrote:
> 
>>
>> Hi Sean, Joe,
>>
>> On 08/03/18 16:20, Sean Turner wrote:
>>> I’ve posted the draft agendas:
>>>
>>> Monday:
>>>   https://datatracker.ietf.org/meeting/101/materials/agenda-101-tls-sessb
>>
>> That includes:
>> "
>> TLS Vizability - Russ & Chairs - 30min
>>  - 10min draft - Russ
>>   https://datatracker.ietf.org/doc/draft-rhrd-tls-tls13-visibility/
>>  - 10min discussion - Chairs
>>  - 10min wrap-up - Chairs
>> "
>>
>> Consider this as an objection to that agenda item
>> being given any time. I also have some questions
>> below.
>>
>> This topic was discussed at length in Prague with a
>> very clear lack of consensus to consider any work in
>> that space, despite there being quite a few fans of
>> doing such work in the room that day. I don't see
>> that anything has changed in the meantime.
>>
>> Russ' draft was discussed on the list last year, also
>> with (ISTM) no consensus at all to do any work in
>> that space. (While you didn't make a consensus call,
>> am I wrong?) The -01 version is not significantly
>> different from what was discussed on the list so I
>> see no need for any presentation nor discussion time.
>>
>> Given the above, on what basis are meeting attendees
>> being asked to waste yet more f2f time on this topic?
>>
>> And why is another want-it/hate-it exercise useful?
>>
>> As chairs, are you going to continually allow the same
>> topic to be raised, in the face of a very clear lack
>> of consensus to do anything in this space? If not,
>> then what's the plan for ending this?
>>
>> Thanks,
>> S.
>>
>> PS: I also strongly object to the "visibility" euphemism,
>> and while that's partly a comment on the draft, it would
>> also IMO be a significant error to pose any questions to
>> the WG based on that euphemism.