IETF Logo Mail Archive

Re: [TLS] Please discuss: draft-housley-evidence-extns-00<

<home_pw@msn.com> Thu, 11 January 2007 17:03 UTC

Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1H53Ky-00038n-6r; Thu, 11 Jan 2007 12:03:36 -0500
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1H53Kx-00038i-LG for tls@ietf.org; Thu, 11 Jan 2007 12:03:35 -0500
Received: from bay0-omc3-s9.bay0.hotmail.com ([65.54.246.209]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1H53Kv-0003Rg-6u for tls@ietf.org; Thu, 11 Jan 2007 12:03:35 -0500
Received: from hotmail.com ([65.55.131.24]) by bay0-omc3-s9.bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.2668); Thu, 11 Jan 2007 09:03:32 -0800
Received: from mail pickup service by hotmail.com with Microsoft SMTPSVC; Thu, 11 Jan 2007 09:03:32 -0800
Message-ID: <BAY126-DAV14932103ED2382A2E149A492B10@phx.gbl>
Received: from 70.142.20.165 by BAY126-DAV14.phx.gbl with DAV; Thu, 11 Jan 2007 17:03:28 +0000
X-Originating-IP: [70.142.20.165]
X-Originating-Email: [home_pw@msn.com]
X-Sender: home_pw@msn.com
From: home_pw@msn.com
To: "Kemp, David P." <DPKemp@missi.ncsc.mil>, tls@ietf.org
Subject: Re: [TLS] Please discuss: draft-housley-evidence-extns-00<
Date: Thu, 11 Jan 2007 09:03:28 -0800
MIME-Version: 1.0
Content-Type: text/plain; format="flowed"; charset="iso-8859-1"; reply-type="response"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Windows Live Mail desktop 8.0.1223
X-MimeOLE: Produced By Microsoft MimeOLE V8.0.1223
X-OriginalArrivalTime: 11 Jan 2007 17:03:32.0572 (UTC) FILETIME=[6C9051C0:01C735A2]
X-Spam-Score: 0.2 (/)
X-Scan-Signature: e5ba305d0e64821bf3d8bc5d3bb07228
Cc:
X-BeenThere: tls@lists.ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.lists.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/tls>
List-Post: <mailto:tls@lists.ietf.org>
List-Help: <mailto:tls-request@lists.ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=subscribe>
Errors-To: tls-bounces@lists.ietf.org


> In military varieties of this, the sessionid sticky state 
> controls which 803.11q vlan paths trunks that fragment can 
> go over...

Sorry: 802.1Q, above.

I was thinking about 802.11i, EAP-TTLS and then AEAP for 
TLS1.2 fragments going over a connectionless bearer, or TCP 
(with those 2**64 fragments under the AES-CCM "hold 
plaintext till the mac verifies" rule!)

But, its fascinating to watch SSL evolve for different 
embodiments, with distinct tunings to each type of 
engineering. I can finally see what motivates TLS1.2 now. 
And, it is good. I was wrong to argue against TLS1.2 
procedurally, I now see.

But, as Martin hinted: one has to read behind the lines too 
much, to really review the new features of the TLS spec 
these days. Its almost impossible to do a conventional 
requirements trace...so that the crypto feature justifies 
the mechanism, which justifies the service, which responds 
to the use case, which is appropriate for application sphere 
X, and the ciphersuites and their modes are appropriate for 
the implementation assumptions (UNIX thread pools, switched 
ethernets with PVLANs, NIC/port ASICs etc). Thus is getting 
ever harder to (a) understand the (implied) rationales, and 
(b) evaluate the technical proposals 


_______________________________________________
TLS mailing list
TLS@lists.ietf.org
https://www1.ietf.org/mailman/listinfo/tls

v2.23.0 | Report a Bug | By Email