Re: [TLS] Recommended yes->no for max_fragment_length extension?

Martin Thomson <martin.thomson@gmail.com> Wed, 07 February 2018 20:56 UTC

From: Martin Thomson <martin.thomson@gmail.com>
Date: Thu, 08 Feb 2018 07:56:36 +1100
Message-ID: <CABkgnnXdOQUF2OXfDyBzBnC6_D=fxfSvyifAv8ekSM0qLpsF0Q@mail.gmail.com>
To: Russ Housley <housley@vigilsec.com>
Cc: Sean Turner <sean@sn3rd.com>, IETF TLS <tls@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/Ovq_mrpb8crdmuJW9Ly97MfgYfA>

This is about the OLD extension.  I think that NO is appropriate for
something we deprecate.

https://github.com/tlswg/tls-record-limit/pull/14

On Thu, Feb 8, 2018 at 7:37 AM, Russ Housley <housley@vigilsec.com> wrote:
> If the WG is going to publish the standards track RFC, then the extension it defines should say 'Yes' in the recommended column.
>
> Russ
>
>
>> On Feb 7, 2018, at 3:33 PM, Sean Turner <sean@sn3rd.com> wrote:
>>
>> All,
>>
>> Prior to pushing draft-ietf-tls-record-limit [0] to the IESG, the WG needs to confirm that draft-ietf-tls-record-limit should change max_fragment_length [1] from “Yes” in our soon to be created Recommended column (see [2]) to a “No”.  Please indicate by 2359 UTC on 14 Feb whether you are for or against this change; and if you are against please indicate why.
>>
>> spt
>>
>> [0] https://datatracker.ietf.org/doc/draft-ietf-tls-record-limit/
>> [1] https://datatracker.ietf.org/doc/rfc6066/
>> [2] https://datatracker.ietf.org/doc/draft-ietf-tls-iana-registry-updates/
>> _______________________________________________
>> TLS mailing list
>> TLS@ietf.org
>> https://www.ietf.org/mailman/listinfo/tls