Re: [TLS] Working Group Last Call for draft-ietf-tls-tls13-18

"Salz, Rich" <rsalz@akamai.com> Thu, 03 November 2016 17:19 UTC

From: "Salz, Rich" <rsalz@akamai.com>
To: "mrex@sap.com" <mrex@sap.com>, Ilari Liusvaara <ilariliusvaara@welho.com>
Date: Thu, 03 Nov 2016 17:19:55 +0000
Message-ID: <cf2c2058eb2e4b81a3e53aa92b53c37b@usma1ex-dag1mb1.msg.corp.akamai.com>
References: <20161029142228.GA27171@LK-Perkele-V2.elisa-laajakaista.fi> <20161103143126.7B0F71A576@ld9781.wdf.sap.corp>
In-Reply-To: <20161103143126.7B0F71A576@ld9781.wdf.sap.corp>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/I8EvmtO73EAAsg8GY7bmDOU0Qxo>
Cc: "tls@ietf.org" <tls@ietf.org>

> Since then, I've seen exactly ZERO rationale why the cleartext contenttype,
> which has existed through SSLv3->TLSv1.2 would be a problem.  

Because it's kind of implied in the charter, about making as much private as possible.

> years), because it is actively being used to signal state of the communication
> channel to the application and to *NOT* break application architecture that
> relies on (new) application data remaining visible on network sockets as
> "network readable" events.

One app's data is another adversary's oracle.  Or is it that "signals have no morals"?

	/r$

--  
Senior Architect, Akamai Technologies
Member, OpenSSL Dev Team
IM: richsalz@jabber.at Twitter: RichSalz
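As an added illustration of the point argued above (example code written for this page, not code from the thread, the draft, or any TLS implementation): in SSLv3 through TLS 1.2 the record's content type is a cleartext header byte, while draft-ietf-tls-tls13 moves the real type inside the encrypted TLSInnerPlaintext (content || type || zero padding) and sets the outer type to application_data. The AEAD step is replaced by a clearly labelled XOR stand-in so the example runs offline; the ContentType numbers and the 5-byte record header are from the TLS specifications.

```python
import struct
from typing import Tuple

# ContentType values (same numbering in TLS 1.2 and the TLS 1.3 drafts)
ALERT, HANDSHAKE, APPLICATION_DATA = 21, 22, 23

def record_header_type(record: bytes) -> int:
    """Cleartext ContentType byte: the only classification a passive observer gets."""
    ctype, _legacy_version, _length = struct.unpack("!BHH", record[:5])
    return ctype

def tls12_record(ctype: int, body: bytes) -> bytes:
    """SSLv3..TLS 1.2 style: the real type sits in the cleartext header."""
    return struct.pack("!BHH", ctype, 0x0303, len(body)) + body

def encode_inner_plaintext(content: bytes, ctype: int, padding: int = 0) -> bytes:
    """TLSInnerPlaintext = content || type || zeros; this whole structure is AEAD-protected."""
    return content + bytes([ctype]) + b"\x00" * padding

def decode_inner_plaintext(inner: bytes) -> Tuple[bytes, int]:
    """Strip trailing zero padding; the last non-zero byte is the real content type."""
    end = len(inner)
    while end and inner[end - 1] == 0:
        end -= 1
    if end == 0:
        raise ValueError("unexpected_message: padding-only record, no content type")
    return inner[:end - 1], inner[end - 1]

def fake_aead(inner: bytes) -> bytes:
    """Stand-in for AEAD encryption (constructed for this example, NOT real crypto).
    Length-preserving and self-inverse, so the observer's view of sizes is realistic."""
    return bytes(b ^ 0x5A for b in inner)

def tls13_record(ctype: int, body: bytes, padding: int = 0) -> bytes:
    """TLS 1.3 style: outer type is always application_data; the real type is inside."""
    ciphertext = fake_aead(encode_inner_plaintext(body, ctype, padding))
    return struct.pack("!BHH", APPLICATION_DATA, 0x0303, len(ciphertext)) + ciphertext

def tls13_open(record: bytes) -> Tuple[bytes, int]:
    """Endpoint side: undo the stand-in AEAD, then recover content and the real type."""
    return decode_inner_plaintext(fake_aead(record[5:]))

def observer_view(record: bytes) -> Tuple[int, int]:
    """Everything a passive observer sees: (cleartext type, total record length)."""
    return record_header_type(record), len(record)
```

With padding chosen so the inner plaintexts are the same length, an alert record and an application data record are indistinguishable on the wire, which is exactly the signal the cleartext content type used to leak.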