Re: [TLS] relax certificate_list requirements - opinion call (was Re: [tls13-spec] relax certificate_list ordering requirements to match current practice (#169)) I wonder if anyone is reading the full subject line or does it just get truncated at some poi
Andrei Popov <Andrei.Popov@microsoft.com> Tue, 19 May 2015 16:39 UTC
Return-Path: <Andrei.Popov@microsoft.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9B2AE1ACC81 for <tls@ietfa.amsl.com>; Tue, 19 May 2015 09:39:03 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.902
X-Spam-Level:
X-Spam-Status: No, score=-1.902 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id stAhuW_dUFdF for <tls@ietfa.amsl.com>; Tue, 19 May 2015 09:39:02 -0700 (PDT)
Received: from na01-by2-obe.outbound.protection.outlook.com (mail-by2on0123.outbound.protection.outlook.com [207.46.100.123]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9189E1B2FFF for <tls@ietf.org>; Tue, 19 May 2015 09:39:01 -0700 (PDT)
Received: from BLUPR03MB1396.namprd03.prod.outlook.com (10.163.81.142) by BLUPR03MB1394.namprd03.prod.outlook.com (10.163.81.140) with Microsoft SMTP Server (TLS) id 15.1.166.22; Tue, 19 May 2015 16:39:00 +0000
Received: from BLUPR03MB1396.namprd03.prod.outlook.com ([10.163.81.142]) by BLUPR03MB1396.namprd03.prod.outlook.com ([10.163.81.142]) with mapi id 15.01.0166.017; Tue, 19 May 2015 16:39:00 +0000
From: Andrei Popov <Andrei.Popov@microsoft.com>
To: Peter Gutmann <pgut001@cs.auckland.ac.nz>, "<tls@ietf.org>" <tls@ietf.org>
Thread-Topic: [TLS] relax certificate_list requirements - opinion call (was Re: [tls13-spec] relax certificate_list ordering requirements to match current practice (#169)) I wonder if anyone is reading the full subject line or does it just get truncated at some poi
Thread-Index: AdCSLOLGJVnE1j84SD6Bm7bXqoznGwAJP6uQ
Date: Tue, 19 May 2015 16:38:59 +0000
Message-ID: <BLUPR03MB1396B22C6722C0C9CD9376138CC30@BLUPR03MB1396.namprd03.prod.outlook.com>
References: <9A043F3CF02CD34C8E74AC1594475C73AB02512C@uxcn10-tdc05.UoA.auckland.ac.nz>
In-Reply-To: <9A043F3CF02CD34C8E74AC1594475C73AB02512C@uxcn10-tdc05.UoA.auckland.ac.nz>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=Andrei.Popov@microsoft.com;
x-originating-ip: [2001:4898:80e8:ed31::3]
x-microsoft-exchange-diagnostics: 1; BLUPR03MB1394; 3:kDyCbaVXmWXmQGSI991Ohats0FUdwQKqm53+gSiwS7t06BBFFJuZkt06zcLi103hnBiDRtw3UMIdhF3ICtN5M3liGIR7DafHcV8bqAjsjIU98x6UoCJS+Ac1gvTd+6Z6c9KKt8IRFwIUSAKL7VujPA==; 10:RFnocmthslLy8/RVL+PJ2XZdMw1ITSG32Sit6qVCi19dKql/CYths7Xz1zOKf8JmX7nnk/db4H6b9xkxpeRelI+Jryk1I/fILgTPTFaP82k=; 6:bb5HLb8adhVbVwJPi7I+Qf4cgh7LgBgee5ZXM5+ASYgGMBRpR0cnvxdvVYRehs6v
x-microsoft-antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:BLUPR03MB1394;
x-microsoft-antispam-prvs: <BLUPR03MB1394B92B8BB200A76B45BFBC8CC30@BLUPR03MB1394.namprd03.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:;
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(601004)(2401001)(5005006)(3002001); SRVR:BLUPR03MB1394; BCL:0; PCL:0; RULEID:; SRVR:BLUPR03MB1394;
x-forefront-prvs: 0581B5AB35
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(6009001)(13464003)(199003)(54094003)(377454003)(189002)(74316001)(87936001)(68736005)(77096005)(15975445007)(2656002)(102836002)(33656002)(54356999)(76176999)(99286002)(189998001)(62966003)(77156002)(105586002)(5001830100001)(5001860100001)(5001770100001)(2950100001)(2900100001)(4001540100001)(81156007)(40100003)(107886002)(76576001)(50986999)(97736004)(122556002)(5001960100002)(86362001)(106356001)(64706001)(101416001)(19580405001)(19580395003)(86612001)(46102003)(92566002)(219693003)(3826002)(491001); DIR:OUT; SFP:1102; SCL:1; SRVR:BLUPR03MB1394; H:BLUPR03MB1396.namprd03.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:en;
received-spf: None (protection.outlook.com: microsoft.com does not designate permitted sender hosts)
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: microsoft.com
X-MS-Exchange-CrossTenant-originalarrivaltime: 19 May 2015 16:38:59.4991 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 72f988bf-86f1-41af-91ab-2d7cd011db47
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BLUPR03MB1394
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/RzR06gUs7AYuuPwb7mMFfNad1HY>
Subject: Re: [TLS] relax certificate_list requirements - opinion call (was Re: [tls13-spec] relax certificate_list ordering requirements to match current practice (#169)) I wonder if anyone is reading the full subject line or does it just get truncated at some poi
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 19 May 2015 16:39:03 -0000
+1. Since we're not going to change implementations to conform to the current strict requirements (because it would have been a breaking change), we can as well relax the requirements. Cheers, Andrei -----Original Message----- From: TLS [mailto:tls-bounces@ietf.org] On Behalf Of Peter Gutmann Sent: Tuesday, May 19, 2015 5:11 AM To: <tls@ietf.org> Subject: Re: [TLS] relax certificate_list requirements - opinion call (was Re: [tls13-spec] relax certificate_list ordering requirements to match current practice (#169)) I wonder if anyone is reading the full subject line or does it just get truncated at some poi Dave Garrett <davemgarrett@gmail.com> writes: >Who else is in favor or against, at the moment? I'm in favour of relaxing the requirements to match real-world practice. Peter. _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
- Re: [TLS] relax certificate_list requirements - o… Peter Gutmann
- Re: [TLS] relax certificate_list requirements - o… Andrei Popov
- Re: [TLS] relax certificate_list requirements - o… Martin Rex
- Re: [TLS] relax certificate_list requirements - o… Andrei Popov
- Re: [TLS] relax certificate_list requirements - o… Martin Rex
- Re: [TLS] relax certificate_list requirements - o… Dave Garrett
- Re: [TLS] relax certificate_list requirements - o… Martin Rex
- Re: [TLS] relax certificate_list requirements - o… Dave Garrett
- Re: [TLS] relax certificate_list requirements - o… Peter Gutmann
- Re: [TLS] relax certificate_list requirements - o… Watson Ladd