Re: [TLS] Last Call: draft-ietf-tls-extractor (Keying Material Exporters for Transport Layer Security (TLS)) to Proposed Standard
Simon Josefsson <simon@josefsson.org> Wed, 22 July 2009 19:32 UTC
Return-Path: <simon@josefsson.org>
X-Original-To: tls@core3.amsl.com
Delivered-To: tls@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 5AF683A681D; Wed, 22 Jul 2009 12:32:39 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.299
X-Spam-Level:
X-Spam-Status: No, score=-2.299 tagged_above=-999 required=5 tests=[AWL=0.300, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jp0b+EoyambG; Wed, 22 Jul 2009 12:32:38 -0700 (PDT)
Received: from yxa-v.extundo.com (yxa-v.extundo.com [83.241.177.39]) by core3.amsl.com (Postfix) with ESMTP id 30C9B3A68C5; Wed, 22 Jul 2009 12:32:37 -0700 (PDT)
Received: from mocca.josefsson.org (c80-216-31-183.bredband.comhem.se [80.216.31.183]) (authenticated bits=0) by yxa-v.extundo.com (8.14.3/8.14.3/Debian-5) with ESMTP id n6MJVi06024434 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NOT); Wed, 22 Jul 2009 21:31:45 +0200
From: Simon Josefsson <simon@josefsson.org>
To: ietf@ietf.org, tls@ietf.org
References: <20090720164816.328D928C1C8@core3.amsl.com>
OpenPGP: id=B565716F; url=http://josefsson.org/key.txt
X-Hashcash: 1:22:090722:tls@ietf.org::9jU5XNU3M+XWxaAv:98V
X-Hashcash: 1:22:090722:ietf-announce@ietf.org::eKS59J+bF8RI9P/T:iEd
X-Hashcash: 1:22:090722:ietf@ietf.org::5PAh5zhrryUaq9qQ:DVmY
Date: Wed, 22 Jul 2009 21:31:44 +0200
In-Reply-To: <20090720164816.328D928C1C8@core3.amsl.com> (The IESG's message of "Mon, 20 Jul 2009 09:48:16 -0700 (PDT)")
Message-ID: <87y6qg8qfz.fsf@mocca.josefsson.org>
User-Agent: Gnus/5.110011 (No Gnus v0.11) Emacs/23.0.96 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
X-Virus-Scanned: clamav-milter 0.95.2 at yxa-v
X-Virus-Status: Clean
Subject: Re: [TLS] Last Call: draft-ietf-tls-extractor (Keying Material Exporters for Transport Layer Security (TLS)) to Proposed Standard
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 22 Jul 2009 19:32:39 -0000
With the caveat that I have recently returned from vacation, and consequently may have missed some clarifications or paged out some context: If the #1154 IPR disclosure is the final word from Certicom on this document, I don't support advancing this document on the standards track. My concern remains that Certicom claims they have IPR that covers the document -- that is what the #1154 disclosure says (section IV). The additional information provided in the PDF is not helping: it grants a license for use together with ECC. It doesn't say anything about the use without ECC. The way I see it, TLS implementers and the broader Internet does not gain something significant by having this document published. Other IETF documents can use the TLS PRF to derive keying material. On the contrary, it seems both TLS implementers and the broader Internet community would be hurt by publishing the document since having patent threats looming over widely used techniques has stability and interoperability impacts. I recall that Certicom was positive about clarifying their intentions so maybe we can continue that discussion and get something more useful than the recent disclosure. Speaking as TLS implementer of the document and document [1] author that reference this document, /Simon [1] http://tools.ietf.org/html/draft-josefsson-krb5starttls-bootstrap-02 The IESG <iesg-secretary@ietf.org> writes: > The IESG has received a request from the Transport Layer Security WG > (tls) to consider the following document: > > - 'Keying Material Exporters for Transport Layer Security (TLS) ' > <draft-ietf-tls-extractor-06.txt> as a Proposed Standard > > The IESG plans to make a decision in the next few weeks, and solicits > final comments on this action. Please send substantive comments to the > ietf@ietf.org mailing lists by 2009-08-10. Exceptionally, > comments may be sent to iesg@ietf.org instead. In either case, please > retain the beginning of the Subject line to allow automated sorting. > > The file can be obtained via > http://www.ietf.org/internet-drafts/draft-ietf-tls-extractor-06.txt > > > IESG discussion can be tracked via > https://datatracker.ietf.org/public/pidtracker.cgi?command=view_id&dTag=16821&rfc_flag=0
- [TLS] Last Call: draft-ietf-tls-extractor (Keying… The IESG
- Re: [TLS] Last Call: draft-ietf-tls-extractor (Ke… Dean Anderson
- Re: [TLS] Last Call: draft-ietf-tls-extractor (Ke… Dean Anderson
- Re: [TLS] Last Call: draft-ietf-tls-extractor (Ke… Dan Harkins
- Re: [TLS] Last Call: draft-ietf-tls-extractor (Ke… Douglas Stebila
- Re: [TLS] Last Call: draft-ietf-tls-extractor (Ke… Dean Anderson
- Re: [TLS] Last Call: draft-ietf-tls-extractor (Ke… Nikos Mavrogiannopoulos
- Re: [TLS] Last Call: draft-ietf-tls-extractor (Ke… Martin Rex
- Re: [TLS] Last Call: draft-ietf-tls-extractor (Ke… Dean Anderson
- Re: [TLS] Last Call: draft-ietf-tls-extractor (Ke… Dean Anderson
- Re: [TLS] Last Call: draft-ietf-tls-extractor (Ke… Paul Hoffman
- Re: [TLS] Last Call: draft-ietf-tls-extractor (Ke… Martin Rex
- Re: [TLS] Last Call: draft-ietf-tls-extractor (Ke… Dean Anderson
- Re: [TLS] Last Call: draft-ietf-tls-extractor (Ke… Nicolas Williams
- Re: [TLS] Last Call: draft-ietf-tls-extractor (Ke… Dean Anderson
- Re: [TLS] Last Call: draft-ietf-tls-extractor (Ke… Nikos Mavrogiannopoulos
- Re: [TLS] Last Call: draft-ietf-tls-extractor (Ke… Jeffrey A. Williams
- Re: [TLS] Last Call: draft-ietf-tls-extractor (Ke… Jeffrey A. Williams
- Re: [TLS] Last Call: draft-ietf-tls-extractor (Ke… Jeffrey A. Williams
- Re: [TLS] Last Call: draft-ietf-tls-extractor (Ke… Eric Rescorla
- Re: [TLS] Last Call: draft-ietf-tls-extractor (Ke… Florian Weimer
- Re: [TLS] Last Call: draft-ietf-tls-extractor (Ke… Eric Rescorla
- Re: [TLS] Last Call: draft-ietf-tls-extractor (Ke… Dean Anderson
- Re: [TLS] Last Call: draft-ietf-tls-extractor (Ke… Simon Josefsson
- Re: [TLS] Last Call: draft-ietf-tls-extractor (Ke… Joseph Salowey (jsalowey)
- Re: [TLS] Last Call: draft-ietf-tls-extractor (Ke… Simon Josefsson
- Re: [TLS] Last Call: draft-ietf-tls-extractor (Ke… Dean Anderson
- Re: [TLS] Last Call: draft-ietf-tls-extractor (Ke… Dean Anderson
- Re: [TLS] Last Call: draft-ietf-tls-extractor (Ke… Richard Stallman
- Re: [TLS] Last Call: draft-ietf-tls-extractor (Ke… Joseph Salowey (jsalowey)
- Re: [TLS] Last Call: draft-ietf-tls-extractor (Ke… Nicolas Williams
- Re: [TLS] Last Call: draft-ietf-tls-extractor (Ke… Dean Anderson
- Re: [TLS] Last Call: draft-ietf-tls-extractor (Ke… Jeffrey A. Williams
- Re: [TLS] Last Call: draft-ietf-tls-extractor (Ke… Matthew Campagna
- Re: [TLS] Last Call: draft-ietf-tls-extractor (Ke… Jeffrey A. Williams
- Re: [TLS] Last Call: draft-ietf-tls-extractor (Ke… Dean Anderson
- Re: [TLS] [Ietf-honest] Last Call: draft-ietf-tls… Matthew Campagna
- Re: [TLS] [Ietf-honest] Last Call: draft-ietf-tls… Dean Anderson
- Re: [TLS] [Ietf-honest] Last Call: draft-ietf-tls… Nicolas Williams
- Re: [TLS] [Ietf-honest] Last Call: draft-ietf-tls… Jeffrey A. Williams
- Re: [TLS] [Ietf-honest] Last Call: draft-ietf-tls… Todd Glassey
- Re: [TLS] [Ietf-honest] Last Call: draft-ietf-tls… Todd Glassey
- Re: [TLS] [Ietf-honest] Last Call: draft-ietf-tls… Martin Rex
- Re: [TLS] [Ietf-honest] Last Call: draft-ietf-tls… Dean Anderson
- Re: [TLS] [Ietf-honest] Last Call: draft-ietf-tls… Jeffrey A. Williams
- Re: [TLS] Last Call: draft-ietf-tls-extractor (Ke… Richard Stallman
- Re: [TLS] Last Call: draft-ietf-tls-extractor (Ke… Jeffrey A. Williams
- Re: [TLS] Last Call: draft-ietf-tls-extractor (Ke… Richard Stallman
- Re: [TLS] Last Call: draft-ietf-tls-extractor (Ke… Jeffrey A. Williams
- Re: [TLS] Last Call: draft-ietf-tls-extractor (Ke… Noel Chiappa
- Re: [TLS] [Ietf-honest] Last Call: draft-ietf-tls… Jeffrey A. Williams
- Re: [TLS] Last Call: draft-ietf-tls-extractor (Ke… Richard Stallman
- Re: [TLS] Last Call: draft-ietf-tls-extractor (Ke… Richard Stallman
- Re: [TLS] Last Call: draft-ietf-tls-extractor (Ke… Simon Josefsson
- Re: [TLS] Last Call: draft-ietf-tls-extractor (Ke… Wes Beebee (wbeebee)
- Re: [TLS] Last Call: draft-ietf-tls-extractor (Ke… David Morris
- Re: [TLS] [Ietf-honest] Last Call: draft-ietf-tls… Dean Anderson
- Re: [TLS] [Ietf-honest] Last Call: draft-ietf-tls… Jeffrey A. Williams
- Re: [TLS] [Ietf-honest] Last Call: draft-ietf-tls… Dean Anderson
- Re: [TLS] Last Call: draft-ietf-tls-extractor (Ke… Lawrence Rosen
- Re: [TLS] Last Call: draft-ietf-tls-extractor (Ke… Paul Hoffman
- Re: [TLS] Last Call: draft-ietf-tls-extractor(Key… Jeffrey A. Williams
- Re: [TLS] Last Call: draft-ietf-tls-extractor (Ke… Dean Anderson
- Re: [TLS] Last Call: draft-ietf-tls-extractor (Ke… Stephen Kent
- Re: [TLS] Last Call: draft-ietf-tls-extractor (Ke… Pasi.Eronen
- Re: [TLS] Last Call: draft-ietf-tls-extractor (Ke… Dean Anderson
- [TLS] Archiving IETF IPR documents was Re: Last C… Dean Anderson
- Re: [TLS] Last Call: draft-ietf-tls-extractor (Ke… Simon Josefsson
- Re: [TLS] [Ietf-honest] Last Call: draft-ietf-tls… Erick O
- Re: [TLS] Last Call: draft-ietf-tls-extractor (Ke… Erick O
- Re: [TLS] [Ietf-honest] Last Call: draft-ietf-tls… Erick O
- Re: [TLS] Last Call: draft-ietf-tls-extractor (Ke… Erick O
- Re: [TLS] Last Call: draft-ietf-tls-extractor (Ke… Erick O
- Re: [TLS] Last Call: draft-ietf-tls-extractor (Ke… Erick O
- Re: [TLS] [Ietf-honest] Last Call: draft-ietf-tls… Erick O
- Re: [TLS] Last Call: draft-ietf-tls-extractor (Ke… Erick O
- Re: [TLS] Last Call: draft-ietf-tls-extractor (Ke… Erick O
- Re: [TLS] Last Call: draft-ietf-tls-extractor (Ke… Erick O
- Re: [TLS] [Ietf-honest] Last Call: draft-ietf-tls… Erick O
- Re: [TLS] Last Call: draft-ietf-tls-extractor (Ke… Erick O
- Re: [TLS] Last Call: draft-ietf-tls-extractor (Ke… Erick O
- Re: [TLS] Last Call: draft-ietf-tls-extractor (Ke… Erick O
- Re: [TLS] [Ietf-honest] Last Call: draft-ietf-tls… Erick O
- Re: [TLS] Last Call: draft-ietf-tls-extractor (Ke… Erick O
- Re: [TLS] [Ietf-honest] Last Call: draft-ietf-tls… Erick O
- Re: [TLS] Last Call: draft-ietf-tls-extractor (Ke… Erick O
- Re: [TLS] Last Call: draft-ietf-tls-extractor (Ke… Erick O
- Re: [TLS] Last Call: draft-ietf-tls-extractor (Ke… Erick O
- Re: [TLS] Last Call: draft-ietf-tls-extractor (Ke… Erick O
- Re: [TLS] Last Call: draft-ietf-tls-extractor (Ke… Erick O
- Re: [TLS] Last Call: draft-ietf-tls-extractor (Ke… Erick O
- Re: [TLS] [Ietf-honest] Last Call: draft-ietf-tls… Erick O
- Re: [TLS] [Ietf-honest] Last Call: draft-ietf-tls… Erick O
- Re: [TLS] [Ietf-honest] Last Call: draft-ietf-tls… Erick O
- Re: [TLS] [Ietf-honest] Last Call: draft-ietf-tls… Erick O
- Re: [TLS] [Ietf-honest] Last Call: draft-ietf-tls… Erick O
- Re: [TLS] [Ietf-honest] Last Call: draft-ietf-tls… Erick O
- Re: [TLS] [Ietf-honest] Last Call: draft-ietf-tls… Erick O
- Re: [TLS] [Ietf-honest] Last Call: draft-ietf-tls… Erick O
- Re: [TLS] Last Call: draft-ietf-tls-extractor (Ke… Erick O
- Re: [TLS] Last Call: draft-ietf-tls-extractor (Ke… Erick O
- Re: [TLS] Last Call: draft-ietf-tls-extractor (Ke… Erick O
- Re: [TLS] Last Call: draft-ietf-tls-extractor (Ke… Erick O
- Re: [TLS] Last Call: draft-ietf-tls-extractor (Ke… Erick O
- Re: [TLS] Last Call: draft-ietf-tls-extractor (Ke… Erick O
- Re: [TLS] Last Call: draft-ietf-tls-extractor (Ke… Erick O
- Re: [TLS] Last Call: draft-ietf-tls-extractor (Ke… Erick O
- Re: [TLS] Last Call: draft-ietf-tls-extractor (Ke… Erick O
- Re: [TLS] Last Call: draft-ietf-tls-extractor (Ke… Erick O
- Re: [TLS] Last Call: draft-ietf-tls-extractor (Ke… Erick O
- Re: [TLS] Last Call: draft-ietf-tls-extractor (Ke… Erick O
- Re: [TLS] Last Call: draft-ietf-tls-extractor (Ke… Erick O
- Re: [TLS] Last Call: draft-ietf-tls-extractor (Ke… Erick O
- Re: [TLS] Last Call: draft-ietf-tls-extractor (Ke… Erick O
- Re: [TLS] [Ietf-honest] Last Call: draft-ietf-tls… Dean Anderson
- Re: [TLS] [Ietf-honest] Last Call: draft-ietf-tls… Richard Stallman
- Re: [TLS] [Ietf-honest] Last Call: draft-ietf-tls… Peter Saint-Andre
- Re: [TLS] [Ietf-honest] Last Call: draft-ietf-tls… Marsh Ray
- Re: [TLS] [Ietf-honest] Last Call: draft-ietf-tls… Dean Anderson
- Re: [TLS] [Ietf-honest] Last Call: draft-ietf-tls… Richard Stallman
- Re: [TLS] [Ietf-honest] Last Call: draft-ietf-tls… Marsh Ray
- Re: [TLS] [Ietf-honest] Last Call: draft-ietf-tls… Dean Anderson
- Re: [TLS] [Ietf-honest] Last Call: draft-ietf-tls… Richard Stallman
- Re: [TLS] [Ietf-honest] Last Call: draft-ietf-tls… Richard Stallman
- Re: [TLS] [Ietf-honest] Last Call: draft-ietf-tls… Richard Stallman
- Re: [TLS] [Ietf-honest] Last Call: draft-ietf-tls… Richard Stallman
- Re: [TLS] [Ietf-honest] Last Call: draft-ietf-tls… Marsh Ray
- Re: [TLS] [Ietf-honest] Last Call: draft-ietf-tls… Dean Anderson
- Re: [TLS] [Ietf-honest] Last Call: draft-ietf-tls… Richard Stallman
- Re: [TLS] [Ietf-honest] Last Call: draft-ietf-tls… Richard Stallman