Re: [TLS] Fwd: Last Call: <draft-ietf-kitten-tls-channel-bindings-for-tls13-09.txt> (Channel Bindings for TLS 1.3) to Proposed Standard

Rob Sayre <sayrer@gmail.com> Sat, 02 October 2021 03:11 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/IpZYAHiq6kc60PNvcBADJRFCk78>

On Fri, Oct 1, 2021 at 8:04 PM Sam Whited <sam@samwhited.com> wrote:

> I have to respectfully disagree with this.
>
> Anecdotally, RFCs are hard to discover.



What do you mean, exactly, here?

Are you saying that this draft “update” 8446 in order for readers to
understand it and 8446 itself?

thanks,
Rob


> Having them linked from a
> logical place in other RFCs is one way that discovery happens, and if
> you're looking for how to do channel bindings with TLS the first place
> you're going to look is the TLS RFC (and its list of updates).
>
> Secondly, this is an update, not a retcon. It in no way implies that
> TLS 1.3 always said this, or that the TLS 1.3 authors were involved in
> the channel bindings spec. TLS 1.3 does an analysis of its own keying
> material exporters and we rely on this and present a standard name for
> one scenario where it may be used; this does not involve new technology
> or even a novel use of EKM.
>
> —Sam
>
>
> On Fri, Oct 1, 2021, at 18:49, Eric Rescorla wrote:
> > I don't believe that this document should update 8446. As noted in S
> > 1, we didn't define these bindings because we didn't have complete
> > analysis. This document doesn't seem to either contain or reference
> > such analysis and until we have that, I think RFC 8446 shouldn't be
> > retconned into endorsing this construction.
> >
> > -Ekr