Re: [TLS] Rethink TLS 1.3

Nico Williams <nico@cryptonector.com> Mon, 24 November 2014 11:15 UTC

Return-Path: <nico@cryptonector.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 341C91A1EFD for <tls@ietfa.amsl.com>; Mon, 24 Nov 2014 03:15:56 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.744
X-Spam-Level:
X-Spam-Status: No, score=-0.744 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FM_FORGED_GMAIL=0.622, IP_NOT_FRIENDLY=0.334, MIME_8BIT_HEADER=0.3, RCVD_IN_DNSWL_NONE=-0.0001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id M7CUNpSoPgCb for <tls@ietfa.amsl.com>; Mon, 24 Nov 2014 03:15:55 -0800 (PST)
Received: from homiemail-a106.g.dreamhost.com (sub4.mail.dreamhost.com [69.163.253.135]) by ietfa.amsl.com (Postfix) with ESMTP id A65AB1A1EF7 for <tls@ietf.org>; Mon, 24 Nov 2014 03:15:55 -0800 (PST)
Received: from homiemail-a106.g.dreamhost.com (localhost [127.0.0.1]) by homiemail-a106.g.dreamhost.com (Postfix) with ESMTP id 4FBE12005D00A for <tls@ietf.org>; Mon, 24 Nov 2014 03:15:55 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=cryptonector.com; h= mime-version:in-reply-to:references:date:message-id:subject:from :to:cc:content-type; s=cryptonector.com; bh=+olBzahwmj9DQuOvAwy1 9cC58pE=; b=n1oWH4FN9zBpaid+FDHlS3ANyFMVfjKy+kBRyt9Or7BscxaRpjTb enj180JesB3d2eKQ8gHa/nX7zPZ1s951Zt2XIecIubR6Xo3tDZsA+6rTLGzh+Mjk qgz5tfNomWdN+fcaAm4WTFFngNVClJlu/O2uHbhWuqfQDhzJQUJtX/c=
Received: from mail-wg0-f52.google.com (mail-wg0-f52.google.com [74.125.82.52]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) (Authenticated sender: nico@cryptonector.com) by homiemail-a106.g.dreamhost.com (Postfix) with ESMTPSA id 117AA2005D008 for <tls@ietf.org>; Mon, 24 Nov 2014 03:15:55 -0800 (PST)
Received: by mail-wg0-f52.google.com with SMTP id a1so11867157wgh.39 for <tls@ietf.org>; Mon, 24 Nov 2014 03:15:53 -0800 (PST)
MIME-Version: 1.0
X-Received: by 10.180.98.233 with SMTP id el9mr20306319wib.3.1416827753757; Mon, 24 Nov 2014 03:15:53 -0800 (PST)
Received: by 10.216.32.136 with HTTP; Mon, 24 Nov 2014 03:15:53 -0800 (PST)
In-Reply-To: <20141124105948.GH3200@localhost>
References: <CACsn0ckmYrx+S--pP6P7VgjsmqQsoYnp+m-9hTPT-OJ9waUtkA@mail.gmail.com> <5470742A.8020002@streamsec.se> <CACsn0cnKqkHxw0Hudw0OGM1mVxZKJhj04ig2G3KtURtWhYTacw@mail.gmail.com> <20141124101744.GC3200@localhost> <547308E2.6060809@streamsec.se> <20141124104226.GE3200@localhost> <54730E1D.8060104@streamsec.se> <20141124105948.GH3200@localhost>
Date: Mon, 24 Nov 2014 05:15:53 -0600
Message-ID: <CAK3OfOjnygH56MW2OiGR9VxTJiXZy3LUQpL3O5yBZHCH7K4WKQ@mail.gmail.com>
From: Nico Williams <nico@cryptonector.com>
To: =?UTF-8?Q?Henrick_Hellstr=C3=B6m?= <henrick@streamsec.se>
Content-Type: text/plain; charset=UTF-8
Archived-At: http://mailarchive.ietf.org/arch/msg/tls/OAml5gmEezJ_yflQcBPx7ZHuolw
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] Rethink TLS 1.3
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 24 Nov 2014 11:15:56 -0000

Or, to put it differently, we need to state an Internet threat model
succintly.  The thing that has been missing from it is massive
capabilities on the part of some attackers.

If we have to publish a new standard Internet threat model, then we
should do so.

Nico
--