[TLS] ECH & HPKE versions as an example of too much githubbery
Stephen Farrell <stephen.farrell@cs.tcd.ie> Tue, 27 October 2020 20:31 UTC
Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3C5A33A159C for <tls@ietfa.amsl.com>; Tue, 27 Oct 2020 13:31:22 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cs.tcd.ie
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id sODKqP71AyTe for <tls@ietfa.amsl.com>; Tue, 27 Oct 2020 13:31:20 -0700 (PDT)
Received: from mercury.scss.tcd.ie (mercury.scss.tcd.ie [134.226.56.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 985063A159A for <tls@ietf.org>; Tue, 27 Oct 2020 13:31:20 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mercury.scss.tcd.ie (Postfix) with ESMTP id 959C3BE50 for <tls@ietf.org>; Tue, 27 Oct 2020 20:31:18 +0000 (GMT)
X-Virus-Scanned: Debian amavisd-new at scss.tcd.ie
Received: from mercury.scss.tcd.ie ([127.0.0.1]) by localhost (mercury.scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id UoiuutntxXNr for <tls@ietf.org>; Tue, 27 Oct 2020 20:31:17 +0000 (GMT)
Received: from [10.244.2.119] (95-45-153-252-dynamic.agg2.phb.bdt-fng.eircom.net [95.45.153.252]) by mercury.scss.tcd.ie (Postfix) with ESMTPSA id 0E296BE4D for <tls@ietf.org>; Tue, 27 Oct 2020 20:31:17 +0000 (GMT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cs.tcd.ie; s=mail; t=1603830677; bh=b+1ahx+DUiwhk0Q2XDWm2AvevtkO1gKpPnluLPbzQj0=; h=From:Subject:To:Date:From; b=pEG+uGF4mVM9z3WMsgvFWae1vA+OXUg6Mlr74noaFPJqqRCo71L9T9vp16tjvhooe 2jCOziXCHGCWIhf7Qs3NTT50587vSzfd1lmgF8Vbz1zRQFgj0NCpXVFU4ljLQIt4ir ZTJeOB+M181CA5kMu6whV75dUCvwLsjdMRSufIig=
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
To: "tls@ietf.org" <tls@ietf.org>
Message-ID: <06eebcd3-1532-1df4-cd4b-c92110bbf010@cs.tcd.ie>
Date: Tue, 27 Oct 2020 20:31:16 +0000
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.3.2
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Language: en-US
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/URWgTS5Es8rgJkERbLZlPoY_PW4>
Subject: [TLS] ECH & HPKE versions as an example of too much githubbery
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 27 Oct 2020 20:31:22 -0000
Hiya, The latest ECH draft from Oct 16 says "ECH uses draft-05 of HPKE for public key encryption." The latest HPKE draft (-06) from Oct 23 has a few minor incompatible changes (for good but relatively trivial reasons). So for interop ECH apparently requires use of an outdated I-D, despite the one week difference in publishing and a common co-author. It seems a bit mad that all that githubbery results in such a lack of co-ordination in two closely related specs. Anyway, I can manage to handle both HPKE-05 and HPKE-06 but this seems like yet another case where there is too much githubbery going on with the result that two closely linked drafts with a common co-author end up out of whack despite being issued within a week of one another. That and the velocity of discussion and changes on github are a major disincentive (for me) for implementing ECH. I simply do not have the cycles to keep up with it as it has been happening these last months. If that were the goal of the authors and those endlessly commenting on github (and I do not believe it is), then they would be close to reaching that goal. Can we not please freeze this stuff for at least long enough to get implementations done and somewhat tested? Frankly, I expect my plea here to be more or less ignored just as my previous entreaties were. I decided to send it anyway on the basis that the perhaps what seems like an obvious failure of the current approach (ECH can't interop unless you use an outdated I-D for HPKE) might show that all this apparent high velocity discussion on github is not as effetcive as claimed (in at least this case). Thanks, Stephen.
- [TLS] ECH & HPKE versions as an example of too mu… Stephen Farrell
- Re: [TLS] ECH & HPKE versions as an example of to… Mark Nottingham
- Re: [TLS] ECH & HPKE versions as an example of to… Stephen Farrell
- Re: [TLS] ECH & HPKE versions as an example of to… Eric Rescorla
- Re: [TLS] ECH & HPKE versions as an example of to… Stephen Farrell
- Re: [TLS] ECH & HPKE versions as an example of to… Eric Rescorla
- Re: [TLS] ECH & HPKE versions as an example of to… Salz, Rich
- Re: [TLS] ECH & HPKE versions as an example of to… Stephen Farrell
- Re: [TLS] ECH & HPKE versions as an example of to… Sean Turner
- Re: [TLS] ECH & HPKE versions as an example of to… Stephen Farrell
- Re: [TLS] ECH & HPKE versions as an example of to… Rob Sayre