IETF Logo Mail Archive

Re: [TLS] Bakeoffs

Eric Rescorla <ekr@rtfm.com> Wed, 16 April 2014 14:28 UTC

Return-Path: <ekr@rtfm.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 982911A01D6 for <tls@ietfa.amsl.com>; Wed, 16 Apr 2014 07:28:31 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.977
X-Spam-Level:
X-Spam-Status: No, score=-1.977 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VXpHW_OLKjbd for <tls@ietfa.amsl.com>; Wed, 16 Apr 2014 07:28:27 -0700 (PDT)
Received: from mail-wi0-f177.google.com (mail-wi0-f177.google.com [209.85.212.177]) by ietfa.amsl.com (Postfix) with ESMTP id 246A21A01CF for <tls@ietf.org>; Wed, 16 Apr 2014 07:28:27 -0700 (PDT)
Received: by mail-wi0-f177.google.com with SMTP id cc10so1469857wib.16 for <tls@ietf.org>; Wed, 16 Apr 2014 07:28:23 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc:content-type; bh=xCB0d55mQC2/mnFbqOeDO6tAOBAvMxUrjpnoQIPXHbs=; b=ipKir9W2FG6Jcu+//pPgXmO9MBow87K3aYGpTRng6g0vATNdJeRXRn6E7LtIOaM5nn Y8pc8JoilDwkJgXIhPxAjMCSxtneic/LrglR6aE0iGbqO1YEDcQMiP4WLP10sSMp0/1z YQWvEmPZZiJXLtOcpriJ4Gv8XpvSEGnURLq1hw2oLFWPuhn7gzOdJGOEno/8EKSpn7SM YKz2xK8MlhqH9sCxqXg7gpnlBXDCwjuXNh/0vtPBLqm1yBa9sqEqgAsrzfGz8pHI/4v1 xYOmCmHsMntK+VSnAVfv+H1LsY/MJJxXacs+6mbhUB7u+xfk0BIV+rjZq1yFGAe6lI/A 7X/w==
X-Gm-Message-State: ALoCoQlbUgILxpY3E/qm7KKWIjLCKwpeHc2hhHQ/6rBqcW2s7CBrpIGJSkx2/5h7eNK4106X7qSC
X-Received: by 10.180.212.76 with SMTP id ni12mr7773558wic.49.1397658503449; Wed, 16 Apr 2014 07:28:23 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.216.218.198 with HTTP; Wed, 16 Apr 2014 07:27:43 -0700 (PDT)
X-Originating-IP: [74.95.2.168]
In-Reply-To: <CABkgnnUmfmq-tL34eATTs4vVnxtqh+muYYoT+Y17RWFgm9=j6Q@mail.gmail.com>
References: <FAD11A6F-DB65-4797-89C2-022DCDED266F@iii.ca> <CACsn0ck5u_Sy7tvAbiT0mwRz0rkw4ZBW23F3R8qBV0urFEq21w@mail.gmail.com> <2A0EFB9C05D0164E98F19BB0AF3708C7120B4905A5@USMBX1.msg.corp.akamai.com> <CAGZ8ZG1C8L1LW=H__FCiuK-Ywq_c63-pxW39QoCR6f0k1wd2Xg@mail.gmail.com> <CABkgnnUmfmq-tL34eATTs4vVnxtqh+muYYoT+Y17RWFgm9=j6Q@mail.gmail.com>
From: Eric Rescorla <ekr@rtfm.com>
Date: Wed, 16 Apr 2014 07:27:43 -0700
Message-ID: <CABcZeBPzTaLRJ1irFKwZRB84yTMY7LyhVBTMRKH-p4nnnCf_YA@mail.gmail.com>
To: Martin Thomson <martin.thomson@gmail.com>
Content-Type: multipart/alternative; boundary="001a11c351a49da56a04f729baa5"
Archived-At: http://mailarchive.ietf.org/arch/msg/tls/SQZQ4z6VCoV1RAx7aGM9nU3o6p4
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] Bakeoffs
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 16 Apr 2014 14:28:31 -0000

On Tue, Apr 15, 2014 at 10:32 PM, Martin Thomson
<martin.thomson@gmail.com>wrote:

> On 15 April 2014 17:46, Trevor Perrin <trevp@trevp.net> wrote:
> >
> > So Cullen, Russ, Martin, and Rich all expressed interest in a TLS 1.3
> > that completes quickly and with small changes to TLS 1.2.
>
> That's a not quite accurate reinterpretation of my statements.
>
> My position is that TLS 1.3 should meet its chartered goals as
> expediently as possible.  Depending on the answers to certain
> questions (like the SNI question), that might involve small changes to
> 1.2 or it might be big.  Arguably, completely changing the record
> layer as we've essentially agreed is a big change, so we're already
> there.


Just as a clarifying point, I believe that what we've agreed isn't to
completely change the record layer, but rather we've agreed
(assuming there is consensus to do so) to deprecate two
of the record variants (StreamCipher and BlockCipher) in favor
of the third, AEAD, which shouldn't be changing significantly.

-Ekr

v2.23.0 | Report a Bug | By Email