Re: [TLS] Working Group Last Call for draft-ietf-tls-tls13-18

"Salz, Rich" <rsalz@akamai.com> Tue, 08 November 2016 18:18 UTC

From: "Salz, Rich" <rsalz@akamai.com>
To: "mrex@sap.com" <mrex@sap.com>, Yoav Nir <ynir.ietf@gmail.com>
Date: Tue, 08 Nov 2016 18:18:18 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/FduFxQrex8OISnnX-hM2fV2upuo>
Cc: "tls@ietf.org" <tls@ietf.org>

> the PDUs are still pretty much predictable
> heuristically (by their ordering), even when they're padded.

...
 
> So besides being completely pointless, can you describe any realistic problem
> that is worth breaking middleware at the endpoints so badly?

I found the language difference interesting.  We could conduct an interesting thought experiment by reversing the emphasis on each of the above fragments.  But I won't.

Instead, I'll point out that this is in-charter, in-scope, and WG consensus has generally been to "encrypt all the bits" as much as feasible.

Some applications in some corners of some enterprises might lose out.

Just like those who depend on static RSA, right?