Re: [TLS] draft-rhrd-tls-tls13-visibility at IETF101

Melinda Shore <melinda.shore@nomountain.net> Tue, 13 March 2018 19:08 UTC

To: Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>
Cc: "<tls@ietf.org>" <tls@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/U0lNMmvdbtUG8r57E9K4kIM34eo>

On 3/13/18 10:44 AM, Kathleen Moriarty wrote:
> And then there are other options too, like another WG.  Even from
> Stephen's list of who is in agreement with him, I've received a few
> messages saying their text wasn't what he thinks it was.  More
> discussion here would be good to figure out a way forward.  The chairs
> have not agreed to allow the work to go forward, but just the
> discussions to determine next steps.

Part of the problem here, I think, is that it's not clear
what's under discussion - the general problem or this
specific draft.  I tend to think that discussions of the
general problem will probably be unproductive and
polarizing, and that if there is a way forward on this
it's to have credible and specific technical proposals.
Remember that in terms of process we don't need to have
unanimity on a decision, but all serious technical
objections need to be addressed and resolved.  So,
if someone has a draft that can eventually clear that
bar, proponents of allowing third parties to decrypt
TLS sessions have a way forward.  (Unfortunately I
don't think this draft can make it through).  At any
rate I would regret (a lot) seeing discussion meander
on over to the broader should-we-or-shouldn't-we question.

Melinda

-- 
Software longa, hardware brevis

PGP fingerprint: 4F68 2D93 2A17 96F8 20F2
                 34C0 DFB8 9172 9A76 DB8F