Re: [TLS] New draft: draft-rescorla-tls13-new-flows-01

Nikos Mavrogiannopoulos <nmav@redhat.com> Fri, 21 February 2014 14:46 UTC

From: Nikos Mavrogiannopoulos <nmav@redhat.com>
To: Eric Rescorla <ekr@rtfm.com>
Date: Fri, 21 Feb 2014 15:46:27 +0100
Archived-At: http://mailarchive.ietf.org/arch/msg/tls/PzRMBqY8IbCqXNEB0o-fMJ-jZZY
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] New draft: draft-rescorla-tls13-new-flows-01

On Wed, 2014-02-19 at 12:40 -0800, Eric Rescorla wrote:
> Folks,
> I have prepared a new version of the TLS 1.3 flows document which
> should appear in the repository shortly and in the meantime can be
> found at:

Hello,
I haven't read it yet to comment, but may I suggest something
procedural? I think it would be better to first agree on the list of
issues that TLS 1.3 will fix, the list of features it will bring,
and the security requirements for this protocol, as the charter is very
high level for that.

I believe you have already done that as part of your presentation at
IETF 88, and there were some discussions on the list some time ago, but I
don't know what was considered or discarded. It would be nice to have a
draft that sets the desired requirements for TLS 1.3. (I'd volunteer
to maintain one if that is the issue.)

Then it will be much easier to check whether a proposed solution
satisfies the requirements, and input from other unrelated groups such
as CFRG would be easier to get.

regards,
Nikos

PS. As I believe that security protocol design is part of cryptography,
I'm still of the opinion that we should more actively seek external
expertise (e.g., by a competition or other appropriate methods).