IETF Logo Mail Archive

Re: [TLS] New draft: draft-rescorla-tls13-new-flows-01

Eric Rescorla <ekr@rtfm.com> Fri, 21 February 2014 15:17 UTC

Return-Path: <ekr@rtfm.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2697F1A03CF for <tls@ietfa.amsl.com>; Fri, 21 Feb 2014 07:17:46 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.977
X-Spam-Level:
X-Spam-Status: No, score=-1.977 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Khy3zt0_CuMh for <tls@ietfa.amsl.com>; Fri, 21 Feb 2014 07:17:44 -0800 (PST)
Received: from mail-yh0-f42.google.com (mail-yh0-f42.google.com [209.85.213.42]) by ietfa.amsl.com (Postfix) with ESMTP id CFCFB1A01AB for <tls@ietf.org>; Fri, 21 Feb 2014 07:17:43 -0800 (PST)
Received: by mail-yh0-f42.google.com with SMTP id a41so2487977yho.1 for <tls@ietf.org>; Fri, 21 Feb 2014 07:17:39 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc:content-type; bh=OWlHDDmxjD16SvwL1OVH+5OehcGMnmYN9gVsJeL/2Ws=; b=A1oyMJ92zheqOQQ6lmz+lFiWqadcgOFuaN+wDiaJUnhXM5wT60OVddPS0Cw0hxkGZC y3nncNtr6o/eVL9gedBafz3JjkxwAjJfYCJYXbt5JNUb4t2ntVDiHN3aU2Vep63G7HYP /VZDAzaVgMIDz9VpxpISs/SAx64P4PXo491AFuq85xo2jzvAzbMg8ajUuNEOHLE/TsjB 5RGbrddc81gDoqmiZO03FluqChtxSMEYfCd16/CsyYy8U0I+2ameWxu+iX/vC/dX0g0O /CczdoU8N8MhPCV+6GLFgPtmLTk52+YBlWqk7UcZyPN0PN1L+gScfUYa7NAbwrt9avoE MdmA==
X-Gm-Message-State: ALoCoQkiiMJNhdIWCT0+sfWcnBWagyFAcY2SMCQ/xAbznFsqCIBm2bNiZtDCiQwcnJsg8ug6BHcg
X-Received: by 10.236.135.172 with SMTP id u32mr11590559yhi.107.1392995859745; Fri, 21 Feb 2014 07:17:39 -0800 (PST)
MIME-Version: 1.0
Received: by 10.170.173.205 with HTTP; Fri, 21 Feb 2014 07:16:58 -0800 (PST)
X-Originating-IP: [74.95.2.173]
In-Reply-To: <1392993987.4494.46.camel@dhcp-2-127.brq.redhat.com>
References: <CABcZeBNUjg_Y3MKtRrAMmYAeYFLM1QyHvr1DCbOfA6MB2tJOYQ@mail.gmail.com> <1392993987.4494.46.camel@dhcp-2-127.brq.redhat.com>
From: Eric Rescorla <ekr@rtfm.com>
Date: Fri, 21 Feb 2014 07:16:58 -0800
Message-ID: <CABcZeBM8rjAPG79USBPZcbqeTB+3Bw5VPbhhrvQKKivKr_TmfA@mail.gmail.com>
To: Nikos Mavrogiannopoulos <nmav@redhat.com>
Content-Type: multipart/alternative; boundary="20cf301af77364fdb404f2ec1f31"
Archived-At: http://mailarchive.ietf.org/arch/msg/tls/H9qWXnvaCw-Znuxpp9_2_Vy3_Cs
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] New draft: draft-rescorla-tls13-new-flows-01
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 21 Feb 2014 15:17:46 -0000

On Fri, Feb 21, 2014 at 6:46 AM, Nikos Mavrogiannopoulos <nmav@redhat.com>wrote:

> On Wed, 2014-02-19 at 12:40 -0800, Eric Rescorla wrote:
> > Folks,
> > I have prepared a new version of the TLS 1.3 flows document which
> > should appear in the repository shortly and in the meantime can be
> > found at:
>
> Hello,
>  I haven't read it yet to comment, but may I suggest something
> procedural? I think it would be better to first agree on the list of
> issues that TLS 1.3 will fix, and the list of features it will bring,
> and the security requirements for this protocol; as the charter is very
> high level for that.
>
> I believe you have already done that as part of your presentation in
> IETF 88, and there was some discussions on the list some time ago, but I
> don't know what was considered or discarded. It would be nice to have a
> draft that sets the desired requirements for TLS 1.3. (I'd volunteer
> maintain one if that is the issue)
>
> Then it will be much more easy to check whether a proposed solution
> satisfies the requirements, and input from other unrelated groups such
> as CFRG would be more easy to get.
>

I'm certainly sympathetic to this, but I don't think it's really practical
to do detailed requirements first. That's always a hard approach in
IETF, but it's especially hard here because there are a lot of tradeoffs
to be made in terms of feature set and once you get beyond the
trivial mandatory elements it's hard to make them without
understanding the implications of opting to include or not include
any given features without understanding the effect they have on
the protocol in some detail. So, instead we've been doing this
as a cyclical design process, with the charter as the very high
level goals and then trying to work downward.

After Vancouver, I had a lot of feedback to the effect that we
needed to work out the mechanisms more so that people could
make an informed decision, so that's what I've tried to do here.
What I'm hoping we can do in London is to use these more worked
out mechanisms to reach informed decisions on a number of the
big requirements questions (static RSA, encrypted SNI, resumption,
etc.) and then we can work on a refined design that matches
those requirements.

-Ekr


regards,
> Nikos
>
> PS. As I believe that security protocol design is part of cryptography,
> I'm still of the opinion that we should more actively seek for external
> expertise (e.g., by a competition or other appropriate methods).
>

v2.23.0 | Report a Bug | By Email