Re: [TLS] TLS Charter Revision

Patrick McManus <pmcmanus@mozilla.com> Thu, 12 December 2013 15:59 UTC

Return-Path: <patrick.ducksong@gmail.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BD92F1AE325 for <tls@ietfa.amsl.com>; Thu, 12 Dec 2013 07:59:50 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.256
X-Spam-Level:
X-Spam-Status: No, score=-0.256 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FM_FORGED_GMAIL=0.622, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, MISSING_HEADERS=1.021, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id O7eeIpo593WD for <tls@ietfa.amsl.com>; Thu, 12 Dec 2013 07:59:48 -0800 (PST)
Received: from mail-qc0-x22d.google.com (mail-qc0-x22d.google.com [IPv6:2607:f8b0:400d:c01::22d]) by ietfa.amsl.com (Postfix) with ESMTP id CEDAA1ADF64 for <tls@ietf.org>; Thu, 12 Dec 2013 07:59:47 -0800 (PST)
Received: by mail-qc0-f173.google.com with SMTP id m20so460258qcx.32 for <tls@ietf.org>; Thu, 12 Dec 2013 07:59:41 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:cc:content-type; bh=KzjLZsHFa8AvASbXFAraEtleezM7hsez8eOgjcrOJbU=; b=iH5lGc7WFRqkCUw30J56CR1CZ2hDEVR2ytqgbLhJnIoTNPMhHS4SGhP14OuIOPqcv+ hXEi9fwAxvWGE98uqB26yZG8VOLMdy/kX2yYL3eN6ZzQCWcLPB8nUg6cxAp++WQU+1DY jUzUQHOH7mrSR6hljNhFEVlnbYeMW0pg4TRtGxnq3RHQb7vvAUcXX80q31RBl4AaS48j +Y6/28eKDSs7zkOQSlI0dn5EAMptesO1kYD8BT+D8nH9Eh2+4v99cQOPmiq1fFSqEvPK HzCXpxSzI8WRj21xUlGoqXWT0mnTwxtg3WiwilUliEj0UIytXMA4nAcjX/jxPpRcwHEG prYg==
MIME-Version: 1.0
X-Received: by 10.229.179.69 with SMTP id bp5mr7193665qcb.17.1386863981626; Thu, 12 Dec 2013 07:59:41 -0800 (PST)
Sender: patrick.ducksong@gmail.com
Received: by 10.140.86.168 with HTTP; Thu, 12 Dec 2013 07:59:41 -0800 (PST)
In-Reply-To: <3A9A4169-6B5E-453E-930A-F00291B541F4@apple.com>
References: <2F2286E3-7717-4E8F-B1EA-B2E4155F7C17@cisco.com> <CACsn0ckzA9hd3+zTH5FNNBbPAQqUqaXD8_Z35a8vKEG6WjXbTg@mail.gmail.com> <53edda7bf2804289817f54a8c2ecce33@BY2PR03MB074.namprd03.prod.outlook.com> <2A0EFB9C05D0164E98F19BB0AF3708C711E42D63D8@USMBX1.msg.corp.akamai.com> <3A9A4169-6B5E-453E-930A-F00291B541F4@apple.com>
Date: Thu, 12 Dec 2013 10:59:41 -0500
X-Google-Sender-Auth: r-rvEPOIoIvpcIBdritiq04ug1Q
Message-ID: <CAOdDvNqQ_QaX4QjweRWuAQ=P83fXhew_diEWOp0Rq0amwW3OAQ@mail.gmail.com>
From: Patrick McManus <pmcmanus@mozilla.com>
Cc: "<tls@ietf.org>" <tls@ietf.org>
Content-Type: multipart/alternative; boundary=001a11c2bf4efa24fa04ed586e7f
Subject: Re: [TLS] TLS Charter Revision
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 12 Dec 2013 15:59:51 -0000

Time to first byte is extremely important to web content - so any kind of
latency-scaled overhead is viewed as a serious cost. TLS induced latency is
one factor that currently weighs against deploying content over https:// --
That is a dynamic most on this list would like to change I am sure.

Reducing setup overhead of all types is vitally important to that
constituency. That's not just assertion - we see that reflected (sometimes
indirectly) in ongoing efforts such as false start, snap start, stapling,
session tickets, iw 10, tcp fast open, http/2, tail loss probe, and quic.

A robust discussion can be had about cost-benefits of various approaches to
RTT elimination, but the demand side of the ledger should be clear.


On Thu, Dec 12, 2013 at 10:33 AM, Michael Sweet <msweet@apple.com> wrote:

> FWIW, one of the big features of HTTP/2.0 is the ability to run multiple
> simultaneous requests over a single connection which mitigates most of the
> effects of extra RTT. What's left is the initial connection setup time -
> important for benchmarks, perhaps, but definitely down in the noise for
> most web pages...
>
>
> On Dec 12, 2013, at 10:22 AM, Salz, Rich <rsalz@akamai.com> wrote:
>
> > I agree with Marsh that PFS should be included.
> >
> > I am concerned about the 'political' emphasis on reducing round trips.
> One of the arguments heard I hear against 'https everywhere' is that the
> extra round-trips' cause too much latency and impact customer's web
> experience. If we can work to reduce RTT without sacrificing security, then
> that's great and I would like to see "while maintaining security features"
> or some such added.
> >
> > I would like to add a bullet that says backward compatibility with
> previous  versions is not a requirement. Given all that downgrade fallback
> issues that continually arise here, we should strongly consider if the
> right thing to do is just break the chain.
> >
> >       /r$
> >
> > --
> > Principal Security Engineer
> > Akamai Technology
> > Cambridge, MA
> >
> > _______________________________________________
> > TLS mailing list
> > TLS@ietf.org
> > https://www.ietf.org/mailman/listinfo/tls
>
> _______________________________________________________________
> Michael Sweet, Senior Printing System Engineer, PWG Chair
>
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls
>