Re: [TLS] [OPSEC] Call For Adoption: draft-wang-opsec-tls-proxy-bp

"Nancy Cam-Winget (ncamwing)" <ncamwing@cisco.com> Sat, 25 July 2020 03:04 UTC

Return-Path: <ncamwing@cisco.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2C6C73A1163; Fri, 24 Jul 2020 20:04:46 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -9.62
X-Spam-Level:
X-Spam-Status: No, score=-9.62 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com header.b=cCEyO9ia; dkim=pass (1024-bit key) header.d=cisco.onmicrosoft.com header.b=hOyGCSsZ
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Kug9baIsRJb8; Fri, 24 Jul 2020 20:04:44 -0700 (PDT)
Received: from rcdn-iport-9.cisco.com (rcdn-iport-9.cisco.com [173.37.86.80]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 554CE3A1154; Fri, 24 Jul 2020 20:04:14 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=1938; q=dns/txt; s=iport; t=1595646254; x=1596855854; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-id:content-transfer-encoding: mime-version; bh=Mb6/2/frl5SyK1YrhW+IMO6Te+IUmGF2ntZEOl4C8oY=; b=cCEyO9iaV4VYL/J1xDB9t4Mbcfg3MpX2PUa6Mxi86JVvVjAuGRMdPLQf 5dzKAT8XxHtLqQNTODa4hyHDPIPuDI+ksyd8vI3wSo+tsXnAhtOheOyn4 a+H/0jNNf/Sal2v0N7BpNtOUUJwTX8oEOeiWIDfkgOOjgu1AiZ4s1LdOV g=;
IronPort-PHdr: =?us-ascii?q?9a23=3AbMe6hxIcAD0ZnwmcqdmcpTVXNCE6p7X5OBIU4Z?= =?us-ascii?q?M7irVIN76u5InmIFeGvKk/g1rAXIGd4PVB2KLasKHlDGoH55vJ8HUPa4dFWB?= =?us-ascii?q?JNj8IK1xchD8iIBQyeTrbqYiU2Ed4EWApj+He2YkdQEcf6IVbVpy764TsbAB?= =?us-ascii?q?6qMw1zK6z8EZLTiMLi0ee09tXTbgxEiSD7b6l1KUC9rB7asY8dho4xJw=3D?= =?us-ascii?q?=3D?=
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: =?us-ascii?q?A0BYAQCAoBtf/40NJK1gHAEBAQEBAQc?= =?us-ascii?q?BARIBAQQEAQFAgTkEAQELAYFRUQdvWC8sCoQqg0YDjVWKA45dgUKBEQNVCwE?= =?us-ascii?q?BAQwBARgLCgIEAQGETAIXggsCJDcGDgIDAQELAQEFAQEBAgEGBG2FXAyFcgE?= =?us-ascii?q?BBAEBEAsGEQwBASwLAQ8CAQgOCgICJgICAh8GCxQBEAEBBAENBRQOgwQBgks?= =?us-ascii?q?DLgEOo0oCgTmIYXaBMoMBAQEFgkqCZg0Lgg4DBoEOKgGCbINYgjOEBBqCAIE?= =?us-ascii?q?4HIJNPoIaQgEBAoEoARIBgzczgi2SX6I7TgqCXpR4hHUDHoJ7iUaTH5IUjQ2?= =?us-ascii?q?SBwIEAgQFAg4BAQWBaSRncHAVOyoBgj5QFwINjh6DcYUUhUJ0AjUCBgEHAQE?= =?us-ascii?q?DCXyOSgGBEAEB?=
X-IronPort-AV: E=Sophos;i="5.75,392,1589241600"; d="scan'208";a="712447675"
Received: from alln-core-8.cisco.com ([173.36.13.141]) by rcdn-iport-9.cisco.com with ESMTP/TLS/DHE-RSA-SEED-SHA; 25 Jul 2020 03:04:12 +0000
Received: from XCH-RCD-003.cisco.com (xch-rcd-003.cisco.com [173.37.102.13]) by alln-core-8.cisco.com (8.15.2/8.15.2) with ESMTPS id 06P34CK6018301 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=FAIL); Sat, 25 Jul 2020 03:04:12 GMT
Received: from xhs-rtp-003.cisco.com (64.101.210.230) by XCH-RCD-003.cisco.com (173.37.102.13) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Fri, 24 Jul 2020 22:04:12 -0500
Received: from xhs-aln-003.cisco.com (173.37.135.120) by xhs-rtp-003.cisco.com (64.101.210.230) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Fri, 24 Jul 2020 23:04:11 -0400
Received: from NAM10-BN7-obe.outbound.protection.outlook.com (173.37.151.57) by xhs-aln-003.cisco.com (173.37.135.120) with Microsoft SMTP Server (TLS) id 15.0.1497.2 via Frontend Transport; Fri, 24 Jul 2020 22:04:11 -0500
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=ikdlQbOktIjQTrsCSxSbpyzvgUK6y7SCPF/OXd2SJVSzI5d59X/TSypVip15ip2en/QcqFg3G2NWzIlgC4Sj3SVCw51slij7GCkOQfGUGM8tLJyvNg43kPcUOHJin/pEeKdtVZ+k4riQQKXoIspYUZMC+EnznmjxR8hLozurZoGKVPmbPzBybesjT6XHBG5t3+IvdQtTqq5v5lCFPa2/WFjg95LNjq5m0/67I99Mkyl+MwE9V5558p0abOecAh3un91TdmwVgG/B8vHGgBn/e4wZxICMx2+jKL2ZDfu3o4WX3B2VMqWaqgTBCGK5CJ54Vc363fhKVjI84nzX/1poCQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Mb6/2/frl5SyK1YrhW+IMO6Te+IUmGF2ntZEOl4C8oY=; b=X+LYY6TYJi31f0Y9itzHhpzvbj3zu5BDlV6H/c9w1HsAgZvdHwL8kWuIzedb1iSANo0tT5lqQFa1YX5cTk1zVqkou+pEYhEGFfIM2ghvrFz+oVEGk3HiGz6wx8gIvp1TFY8n3vD3khzUBfPnJbVyDLSa2XGYYyHY70uO7ke0Dioh7rWbHjt3voSLElwJDoeON+aojoujROgKxsYVq6gcamnHp5+jrIlSYReaHIo/UHxm2uayRzovcFBPrXlSqr4g6hBkWmwsY2mSt+YmzK3QboMf2O4VFgFtbEzjNTC+4IIA1JDm20MA2BflBHl6200hmDPxLUeHbqt3hQ7nx4Db2w==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cisco.com; dmarc=pass action=none header.from=cisco.com; dkim=pass header.d=cisco.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cisco.onmicrosoft.com; s=selector2-cisco-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Mb6/2/frl5SyK1YrhW+IMO6Te+IUmGF2ntZEOl4C8oY=; b=hOyGCSsZDS/R29KloXDlcoEb2qXp1YxustpIEDtan7fBVIIRXj1qqHlKPwLt2xEvT4zMG1HdcMgAImpdP2JuaI98drK/alTDJnhzLuBHC26+xqYggeDOcL9XCSUsk0hfuIeJh+QWgUBe67miFYOFgve0CdDe5MitzGyOvH+pTps=
Received: from BY5PR11MB4070.namprd11.prod.outlook.com (2603:10b6:a03:181::16) by BYAPR11MB3334.namprd11.prod.outlook.com (2603:10b6:a03:1c::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3216.24; Sat, 25 Jul 2020 03:04:08 +0000
Received: from BY5PR11MB4070.namprd11.prod.outlook.com ([fe80::e42f:216e:af3e:8ce5]) by BY5PR11MB4070.namprd11.prod.outlook.com ([fe80::e42f:216e:af3e:8ce5%7]) with mapi id 15.20.3216.027; Sat, 25 Jul 2020 03:04:08 +0000
From: "Nancy Cam-Winget (ncamwing)" <ncamwing@cisco.com>
To: Jen Linkova <furry13@gmail.com>, OPSEC <opsec@ietf.org>, "tls@ietf.org" <tls@ietf.org>
CC: OpSec Chairs <opsec-chairs@ietf.org>
Thread-Topic: [OPSEC] Call For Adoption: draft-wang-opsec-tls-proxy-bp
Thread-Index: AdZd8qs4MVhjKcpfSaSC3eC5PK0rEQCniF8AAFkyZIA=
Date: Sat, 25 Jul 2020 03:04:08 +0000
Message-ID: <D69DD26B-DF90-41E5-89DC-45E9BF6866AB@cisco.com>
References: <DM6PR05MB634890A51C4AF3CB1A03DA0BAE7A0@DM6PR05MB6348.namprd05.prod.outlook.com> <CAFU7BAS=ymUPTAGB_fOSrHTG0OajV1n5M1-yOBWxvGam-a89AA@mail.gmail.com>
In-Reply-To: <CAFU7BAS=ymUPTAGB_fOSrHTG0OajV1n5M1-yOBWxvGam-a89AA@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/10.10.18.200713
authentication-results: gmail.com; dkim=none (message not signed) header.d=none;gmail.com; dmarc=none action=none header.from=cisco.com;
x-originating-ip: [73.162.233.180]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: ffcd21a3-4e4d-45cf-7daf-08d830476621
x-ms-traffictypediagnostic: BYAPR11MB3334:
x-microsoft-antispam-prvs: <BYAPR11MB33341B8B0F2AC6CD35206126D6740@BYAPR11MB3334.namprd11.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:6790;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: CO0MmfTca+6YM5tDx3TbGgsaYa57JI7aDUk9XEX/VuPXXPGSAjotx+LSKle3K8XIQEeLxXXHZLUW3WI8WOr8swf2RmE13IXNHRoiqD1yK2Bx8k0Y1W6BYDZIAxhEvBZjVDhSTY6Gk+iDqGA7fSEEXVoGYONBob6AO905MYNbRwipuZ6kKfP87ymYWy7A4RLke6+9jTBy7prFuohybqpxADx7Te+hqV70QdN5C5I/MX/VMtgP7jTKb8idiES3TuKCVvZnONaLrVk6lK/QIJqY88RXX/my301dd9nZka77oq5Q8mcHnPxwULTFOI75f4ejqQqNEdNC7PfwpxQiy8ZMpSuOtOKfgYBQWUQWnsqyaOAIMqP+rW5/JI2R6KP/CRpzXdMs+VxODsr1r9L8fBI5yw==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:BY5PR11MB4070.namprd11.prod.outlook.com; PTR:; CAT:NONE; SFTY:; SFS:(4636009)(136003)(376002)(39860400002)(366004)(346002)(396003)(66556008)(86362001)(64756008)(966005)(6486002)(66946007)(66446008)(26005)(33656002)(66476007)(2616005)(76116006)(5660300002)(110136005)(186003)(36756003)(4326008)(2906002)(6512007)(478600001)(6506007)(53546011)(71200400001)(8676002)(8936002)(316002); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata: 7PGwYg0zbhShK6a3By5mpD0P03aSA5lXt4qaOdHSjwiFZR6JQLjK2ucZrH3gGQPQw2BOOtX71C1ecfQqlyDsolkpx6A6xWsji6CMaMWPm4iibzmk2EKmjJN+pESrr9/qFfY9KikntRdW9Kahnb0Q3hEtRkaE62bJ+wjXj7EY2iEymVD68HiYmVTQ6NWz9S4gZLAIdneb8hZ59hFVwEf/UTzEilq26M3g1kDxNgrFIaXAqE0o8rWupmFCo/RpIITOhpymp/SmJzog2RQDnqB37V5y5uHcWKe/Aqemw2SaDgPLVdElSdIW5o3ImGdE7a0P4q/Ow2sa08qnHHkHiAQcD+UyCuUc3/2SUVaN/9FXiYQdFufuAmwKjDywkMtvpmYflnanfodM+q0h7l2FficM4c+IFbOsXTsVGGIm9zQxIUeSFaHl467ri7cjsyOHQ6hLXbA5fpMPc5GHOpK+j4Qx6zo7UqtBRvztjvvCTILWOcRNKLn5PNvXz9izO9gJ5ati
x-ms-exchange-transport-forked: True
Content-Type: text/plain; charset="utf-8"
Content-ID: <858B900874C59742894005932B5CD963@namprd11.prod.outlook.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: BY5PR11MB4070.namprd11.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: ffcd21a3-4e4d-45cf-7daf-08d830476621
X-MS-Exchange-CrossTenant-originalarrivaltime: 25 Jul 2020 03:04:08.3819 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5ae1af62-9505-4097-a69a-c1553ef7840e
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: 6Zu3dV4EvBVdtJYoJOu7F5v4XsEz/EdUnerAOPf3XRBuLWRf1xW6a6sohTCrl6Y2GTNZWaQ6RN9jhJ0UkFF0ww==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BYAPR11MB3334
X-OriginatorOrg: cisco.com
X-Outbound-SMTP-Client: 173.37.102.13, xch-rcd-003.cisco.com
X-Outbound-Node: alln-core-8.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/LJ8Ic1X4PliJDFiWMpdQ3L-itiE>
Subject: Re: [TLS] [OPSEC] Call For Adoption: draft-wang-opsec-tls-proxy-bp
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 25 Jul 2020 03:04:46 -0000

This draft provides guidelines for TLS proxy implementations; given current activities using TLS with proxying I believe this document is useful for the community and implementors.  I support its adoption.

Warm regards, Nancy

On 7/22/20, 6:31 PM, "OPSEC on behalf of Jen Linkova" <opsec-bounces@ietf.org on behalf of furry13@gmail.com> wrote:

    One thing to add here: the chairs would like to hear active and
    explicit support of the adoption. So please speak up if you believe
    the draft is useful and the WG shall work on getting it published.
    
    On Mon, Jul 20, 2020 at 3:35 AM Ron Bonica
    <rbonica=40juniper.net@dmarc.ietf.org> wrote:
    >
    > Folks,
    >
    >
    >
    > This email begins a Call For Adoption on draft-wang-opsec-tls-proxy-bp.
    >
    >
    >
    > Please send comments to opsec@ietf.org by August 3, 2020.
    >
    >
    >
    >                                                                 Ron
    >
    >
    >
    >
    > Juniper Business Use Only
    >
    > _______________________________________________
    > OPSEC mailing list
    > OPSEC@ietf.org
    > https://www.ietf.org/mailman/listinfo/opsec
    
    
    
    --
    SY, Jen Linkova aka Furry
    
    _______________________________________________
    OPSEC mailing list
    OPSEC@ietf.org
    https://www.ietf.org/mailman/listinfo/opsec