Re: [TLS] Industry Concerns about TLS 1.3

"Ackermann, Michael" <MAckermann@bcbsm.com> Fri, 23 September 2016 15:31 UTC

Return-Path: <mackermann@bcbsm.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 61AE512BD0C for <tls@ietfa.amsl.com>; Fri, 23 Sep 2016 08:31:50 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.202
X-Spam-Level:
X-Spam-Status: No, score=-4.202 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Z37bBN50w180 for <tls@ietfa.amsl.com>; Fri, 23 Sep 2016 08:31:48 -0700 (PDT)
Received: from mx.z120.zixworks.com (bcbsm.zixworks.com [199.30.235.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4D8D412BCEE for <tls@ietf.org>; Fri, 23 Sep 2016 08:31:47 -0700 (PDT)
Received: from 127.0.0.1 (ZixVPM [127.0.0.1]) by Outbound.z120.zixworks.com (Proprietary) with SMTP id 367FBC1600 for <tls@ietf.org>; Fri, 23 Sep 2016 10:31:47 -0500 (CDT)
Received: from imsva2.bcbsm.com (unknown [12.107.172.81]) by mx.z120.zixworks.com (Proprietary) with SMTP id A5EE9C1453; Fri, 23 Sep 2016 10:31:46 -0500 (CDT)
Received: from imsva2.bcbsm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 70F80FE054; Fri, 23 Sep 2016 11:31:46 -0400 (EDT)
Received: from imsva2.bcbsm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 65AE1FE048; Fri, 23 Sep 2016 11:31:46 -0400 (EDT)
Received: from pwn401ea100.ent.corp.bcbsm.com (unknown [10.64.80.217]) by imsva2.bcbsm.com (Postfix) with ESMTPS; Fri, 23 Sep 2016 11:31:46 -0400 (EDT)
Received: from PWN401EA102.ent.corp.bcbsm.com (10.64.140.236) by PWN401EA100.ent.corp.bcbsm.com (10.64.80.217) with Microsoft SMTP Server (TLS) id 14.3.301.0; Fri, 23 Sep 2016 11:31:45 -0400
Received: from PWN401EA120.ent.corp.bcbsm.com ([169.254.12.26]) by PWN401EA102.ent.corp.bcbsm.com ([10.64.140.236]) with mapi id 14.03.0301.000; Fri, 23 Sep 2016 11:31:45 -0400
From: "Ackermann, Michael" <MAckermann@bcbsm.com>
To: "noloader@gmail.com" <noloader@gmail.com>
Thread-Topic: [TLS] Industry Concerns about TLS 1.3
Thread-Index: AQHSFXFM47cmA/iFbUeqweJ91YYuHKCHJUIQgABH84D//8NPsA==
Date: Fri, 23 Sep 2016 15:31:45 +0000
Message-ID: <4FC37E442D05A748896589E468752CAA0DBC699B@PWN401EA120.ent.corp.bcbsm.com>
References: <DM5PR11MB1419B782D2BEF0E0A35E420DF4C90@DM5PR11MB1419.namprd11.prod.outlook.com> <CO1PR07MB283F2C414B6478E993675DEC3C90@CO1PR07MB283.namprd07.prod.outlook.com> <394611bf-208f-03d3-620c-79aaf169645b@cs.tcd.ie> <4FC37E442D05A748896589E468752CAA0DBC66AE@PWN401EA120.ent.corp.bcbsm.com> <CAH8yC8kgYzYXwJ01NkK7WYxD-diponWEQOd+MNHssm+bLHE54w@mail.gmail.com>
In-Reply-To: <CAH8yC8kgYzYXwJ01NkK7WYxD-diponWEQOd+MNHssm+bLHE54w@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.64.10.35]
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-TM-AS-GCONF: 00
X-VPM-HOST: vmvpm02.z120.zixworks.com
X-VPM-GROUP-ID: 417540c5-71df-4966-9f6d-51630334b70e
X-VPM-MSG-ID: d9bb0a43-3cf8-4058-8539-c9e8227797db
X-VPM-ENC-REGIME: Plaintext
X-VPM-IS-HYBRID: 0
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/NWwtwYslOWKY77UoWLUv9-1Rl9U>
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] Industry Concerns about TLS 1.3
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 23 Sep 2016 15:31:50 -0000

 I am not sure I understand what your reply means?   

Is it that we should create or even allow an environment to develop,  where all providers of service cannot  provide effective diagnostics and support?   And then see the constituents of these industries collapse together.     And only then realize we have an issue?      
I hope I am  not understanding correctly.     IETF is supposed to be looking ahead to provide better answers and circumvent predictable problems.    Not ignoring,  waiting and then reacting to negative situations that can and should be avoided.  

What I am saying,  in relation to your "Delivering a stable product"  comment is that over time various industries have learned what it takes to "Deliver a stable product".    We did not want to invest millions in these debugging networks.   But  we learned the hard way,  that it was necessary.  
I am not a member of the banking coalition that started this subject,  nor of the banking industry at all,  but I certainly understand their perspective and am concerned about  the same unmanageable future they described.  

Thanks

Mike



-----Original Message-----
From: Jeffrey Walton [mailto:noloader@gmail.com] 
Sent: Friday, September 23, 2016 10:55 AM
To: Ackermann, Michael <MAckermann@bcbsm.com>;
Cc: BITS Security <BITSSecurity@fsroundtable.org>;; tls@ietf.org
Subject: Re: [TLS] Industry Concerns about TLS 1.3

On Fri, Sep 23, 2016 at 10:46 AM, Ackermann, Michael <MAckermann@bcbsm.com>; wrote:
> From the perspective an Enterprise that runs these applications and has invested HEAVILY in the debugging networks.........
>
> The reason we are debugging these networks is so that "The 5-6 order of magnitude of folks using them"  will have good service.   If they do not,  they will consider competitors and/or generate a litany service calls or complaints.        I.E.     When these "Folks"  are slow or not working they are just as unhappy as we are.
>

Isn't that the market operating as expected? Those who deliver a stable product at a competitive price are rewarded, while those who fail to deliver or deliver at an unreasonable cost are not? (Some hand waiving).

If all providers failed to deliver or delivered an inferior product, then it might indicate a major course correction is needed. But I don't think that's the case here.

Jeff


The information contained in this communication is highly confidential and is intended solely for the use of the individual(s) to whom this communication is directed. If you are not the intended recipient, you are hereby notified that any viewing, copying, disclosure or distribution of this information is prohibited. Please notify the sender, by electronic mail or telephone, of any unintended receipt and delete the original message without making any copies.
 
 Blue Cross Blue Shield of Michigan and Blue Care Network of Michigan are nonprofit corporations and independent licensees of the Blue Cross and Blue Shield Association.