Re: [TLS] EXTERNAL: Re: Authentication Only Ciphersuites RFC

Jack Visoky <jmvisoky@ra.rockwell.com> Wed, 27 February 2019 19:49 UTC

From: Jack Visoky <jmvisoky@ra.rockwell.com>
To: Eric Rescorla <ekr@rtfm.com>
CC: "tls@ietf.org" <tls@ietf.org>
Date: Wed, 27 Feb 2019 19:49:33 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/k0mackJsNWowsmt0mmBIA3yrom0>

Hi Eric,

Our goal is to have an RFC published as Informational and with the Not Recommended status.  We felt having this approved through the IETF process vs just ISE would be beneficial to those wishing to adopt, and getting community review is also helpful to us and those we represent.

I suppose one question is whether or not we need this to be a WG item or if we can solicit independent shepherding from a chair or AD to get to the goal of an Information RFC with Not Recommended status.

Also, I apologize if I’ve misunderstood or misstated anything, I’m new to the IETF processes so certainly could have made a mistake.

Thanks,

--Jack

From: Eric Rescorla <ekr@rtfm.com>
Sent: Tuesday, February 26, 2019 5:53 PM
To: Jack Visoky <jmvisoky@ra.rockwell.com>
Cc: tls@ietf.org
Subject: EXTERNAL: Re: [TLS] Authentication Only Ciphersuites RFC






On Tue, Feb 26, 2019 at 12:54 PM Jack Visoky <jmvisoky@ra.rockwell.com> wrote:

TLS Colleagues,

If you recall we discussed a draft for authentication only ciphersuites over email back in August of 2018.  We've since made some updates to that draft.  We also have gotten IANA assignments to the authentication only ciphersuites for TLS 1.3 and have updated the draft to reflect the new assignments.

To that extent, as the IoT community is looking to adopt these ciphersuites, we would like to solicit review of the draft:

    https://tools.ietf.org/html/draft-camwinget-tls-ts13-macciphersuites-02

and request that it be published as informational draft given that the IoT forums are looking to adopt its use and the draft can serve as the guide for use and interoperability.

It seems to me that there are four somewhat distinct questions:

1. Code points
2. Document level (Info, Exp, PS, etc.)
3. Recommended status
4. WG status

From my perspective, you have code points and you've asked for an Informational document, but that can only get you Not Recommended, so what's the value of having this be a WG document? Why can't you submit it to the ISE or alternately just have people reference the draft?

-Ekr


Thanks and Best Regards,

--Jack (and Nancy)

