Re: [TLS] Publication of draft-rhrd-tls-tls13-visibility-00

Ted Lemon <mellon@fugue.com> Thu, 19 October 2017 17:15 UTC

From: Ted Lemon <mellon@fugue.com>
Message-Id: <85C0030A-CD39-470E-9B19-7DD909C65D13@fugue.com>
Content-Type: multipart/alternative; boundary="Apple-Mail=_6E617ABE-F8BC-43C4-84F5-8E860EEB8629"
Mime-Version: 1.0 (Mac OS X Mail 10.3 \(3273\))
Date: Thu, 19 Oct 2017 13:15:02 -0400
In-Reply-To: <D01E6FD7-C141-4039-BDE0-67D66034D6F0@ll.mit.edu>
Cc: Paul Turner <PAUL.TURNER@venafi.com>, "tls@ietf.org" <tls@ietf.org>
To: "Blumenthal, Uri - 0553 - MITLL" <uri@ll.mit.edu>
References: <7E6C8F1F-D341-456B-9A48-79FA7FEC0BC1@gmail.com> <a599d6ad-54db-e525-17d6-6ea882880021@akamai.com> <71e75d23f4544735a9731c4ec3dc7048@venafi.com> <3D2E3E26-B2B9-4B04-9704-0BBEE2E2A8F7@akamai.com> <000501d348e5$1f273450$5d759cf0$@equio.com> <70837127-37AB-4132-9535-4A0EB072BA41@akamai.com> <e8417cc424fe4bf3b240416dfffd807a@venafi.com> <B11A4F30-2F87-4310-A2F0-397582E78E1D@akamai.com> <fd12a8a8c29e4c7f9e9192e1a1d972d6@venafi.com> <D2CAAA44-339E-4B41-BCE0-865C76B50E2F@akamai.com> <d76828f02fc34287a961eba21901247b@venafi.com> <56687FEC-508F-4457-83CC-7C379387240D@akamai.com> <c1c0d010293c449481f8751c3b85d6ae@venafi.com> <4167392E-07FB-46D5-9FBC-4773881BFD2C@akamai.com> <3d5a0c1aab3e4ceb85ff631f8365618f@venafi.com> <D01E6FD7-C141-4039-BDE0-67D66034D6F0@ll.mit.edu>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/J7doy4O0r-vMDzNUilICPwSzqWs>
Subject: Re: [TLS] Publication of draft-rhrd-tls-tls13-visibility-00

On Oct 19, 2017, at 1:12 PM, Blumenthal, Uri - 0553 - MITLL <uri@ll.mit.edu> wrote:
> If those middleboxes already have sufficient alternative options, why do we spend time discussing this draft? Why do we need to add yet another alternative for them?

Indeed, if this proposal were equivalent to CA forcing, then the solution to the problem this proposal purports to solve would be CA forcing. The reason this proposal is preferred is that it's easier and less apparently invasive than CA forcing.  Making less good crypto have an obviously less good UI is a good thing.