Re: [TLS] draft-rhrd-tls-tls13-visibility at IETF101

Melinda Shore <> Tue, 13 March 2018 19:08 UTC

On 3/13/18 10:44 AM, Kathleen Moriarty wrote:
> And then there are other options too, like another WG.  Even from
> Stephen's list of who is in agreement with him, I've received a few
> messages saying their text wasn't what he thinks it was.  More
> discussion here would be good to figure out a way forward.  The chairs
> have not agreed to allow the work to go forward, but just the
> discussions to determine next steps.

Part of the problem here, I think, is that it's not clear
what's under discussion - the general problem or this
specific draft.  I tend to think that discussions of the
general problem will probably be unproductive and
polarizing, and that if there is a way forward on this
it's to have credible and specific technical proposals.
Remember that in terms of process we don't need to have
unanimity on a decision, but all serious technical
objections need to be addressed and resolved.  So,
if someone has a draft that can eventually clear that
bar, proponents of allowing third parties to decrypt
TLS sessions have a way forward.  (Unfortunately I
don't think this draft can make it through).  At any
rate I would regret (a lot) seeing discussion meander
on over to the broader should-we-or-shouldn't-we question.


Software longa, hardware brevis

PGP fingerprint: 4F68 2D93 2A17 96F8 20F2
                 34C0 DFB8 9172 9A76 DB8F