Re: [TLS] Call for Consensus on removal of renegotiation

Watson Ladd <watsonbladd@gmail.com> Thu, 26 June 2014 15:49 UTC

In-Reply-To: <1403766841.4179.3.camel@dhcp-2-127.brq.redhat.com>
References: <44DA5A30-015D-40F3-90CA-F15076891BBC@cisco.com> <1403766841.4179.3.camel@dhcp-2-127.brq.redhat.com>
Date: Thu, 26 Jun 2014 07:51:19 -0700
Message-ID: <CACsn0ckpM90-1g1bxn8kynf=kWPKayk9kxJJnQsDSeNBTMrrkg@mail.gmail.com>
From: Watson Ladd <watsonbladd@gmail.com>
To: Nikos Mavrogiannopoulos <nmav@redhat.com>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: http://mailarchive.ietf.org/arch/msg/tls/TavrUADrVavAF_2FhANJPku1-Bk
Cc: "<tls@ietf.org>" <tls@ietf.org>
Subject: Re: [TLS] Call for Consensus on removal of renegotiation

On Thu, Jun 26, 2014 at 12:14 AM, Nikos Mavrogiannopoulos
<nmav@redhat.com> wrote:
> On Wed, 2014-06-25 at 18:34 +0000, Joseph Salowey (jsalowey) wrote:
>> We would like to see if there is consensus on removing renegotiation in TLS 1.3.  We had rough consensus at the interim to remove renegotiation. Please state your position by indicating preference for one of the following (we will have a separate consensus call to decide on rekey approach).
>>
>> 1. Do you favor removing renegotiation from TLS 1.3 either with or without an additional facility for rekey?
>> 2. Are you in favor of not removing renegotiation regardless of the addition of a separate rekey facility?
>> Please respond to the list by July 1, 2014.
>
> I don't understand how this got into the discussion of TLS 1.3. This was
> never approved as part of the TLS 1.3 charter, so I believe that there
> should be a re-charter to include changes like that. As it is now the
> discussion on TLS 1.3 is moving wherever the wind blows.

The TLS 1.3 charter didn't include security as a charter goal. It was
also very controversial: significant numbers of implementers indicated
that they wished the committee would deal with problems ignored for a
decade or two before trying to make something new.

Sincerely,
Watson Ladd
>
> regards,
> Nikos



-- 
"Those who would give up Essential Liberty to purchase a little
Temporary Safety deserve neither Liberty nor Safety."
-- Benjamin Franklin