[TLS] TLS 1.3 process and consensus

Watson Ladd <watsonbladd@gmail.com> Thu, 27 March 2014 17:51 UTC

Archived-At: http://mailarchive.ietf.org/arch/msg/tls/J8MZgQOfLvKaknR-6R8P-J6QVpM

Dear all,

I cannot count myself as among the supporters of the consensus calls
that the leadership has recently issued for a very simple reason: TLS
1.3 does not exist, and therefore to consider the consequences of
changes to it is impossible. As good as the ideas are, to judge
features in isolation is to end up with a Baroque monstrosity.

Behind such pedantry is a serious point: TLS 1.3 has quietly become
TLS 1.2 with some features removed, and maybe a few new flows. As
such, the final product will be heavily influenced by design decisions
inherent in the choice of direction the TLS WG leadership has made,
with very little discussion from the membership about these choices.
None of us has the knowledge of the TLS ecosystem to design an
acceptable solution individually.

I think we should try to understand the design space for TLS 1.3 in
greater detail by enlarging the number of proposals under
consideration before we commit to a process of local optimizations.
Even more clarity from the WG chairs on the process would be welcome.

Sincerely,
Watson Ladd