Re: [TLS] draft-green-tls-static-dh-in-tls13-01

Andrei Popov <Andrei.Popov@microsoft.com> Fri, 07 July 2017 17:19 UTC

From: Andrei Popov <Andrei.Popov@microsoft.com>
To: "Salz, Rich" <rsalz@akamai.com>, Russ Housley <housley@vigilsec.com>, Richard Barnes <rlb@ipv.sx>
CC: IETF TLS <tls@ietf.org>, Matthew Green <matthewdgreen@gmail.com>

Would the Informational track be an acceptable compromise? This does not have to be a product of the TLS working group.

Cheers,

Andrei

From: TLS [mailto:tls-bounces@ietf.org] On Behalf Of Salz, Rich
Sent: Friday, July 7, 2017 10:17 AM
To: Russ Housley <housley@vigilsec.com>; Richard Barnes <rlb@ipv.sx>
Cc: IETF TLS <tls@ietf.org>; Matthew Green <matthewdgreen@gmail.com>
Subject: Re: [TLS] draft-green-tls-static-dh-in-tls13-01

I think there is little doubt that the draft is technically sound.

The question is, should the IETF "endorse" this by saying it is a product of the TLS working group? That will certainly send a mixed message to some. As we heard around Seoul, not adopting might send a message to some industries that we are not interested in helping to solve their problems.

It is a fraught issue.