Re: [TLS] Call for Adoption: TLS 1.3 Extension for Certificate-based Authentication with an External Pre-Shared Key

Eric Rescorla <ekr@rtfm.com> Fri, 08 February 2019 16:58 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/L4QsFV2KZOMiOBCDNfInOUmhRaE>

I'd like to hear from some people who plan to implement and deploy this.
Absent that, I'm not sure we should adopt it. Code points are free, so it
doesn't need to be a TLS WG item unless the TLS WG and community are going
to do substantial work on it.

-Ekr


On Fri, Jan 25, 2019 at 10:12 AM Christopher Wood <christopherwood07@gmail.com> wrote:

> At the TLS@IETF103 session, there was interest in adopting
> draft-housley-tls-tls13-cert-with-extern-psk as an experimental WG
> item, provided that it's limited to external PSKs with certificates
> for the initial handshake. This email is to determine whether there is
> WG consensus to adopt this draft (as is) as a WG item.
>
> If you would like for this draft to become a WG document and you are
> willing to review it as it moves through the process, then please let
> the list know by 2359UTC 20180208. If you are opposed to this being a
> WG document, please say so (and say why).
>
> Thanks,
> Chris, Joe and Sean