[TLS]Re: Adoption Call for draft-davidben-tls-key-share-prediction
Joseph Salowey <joe@salowey.net> Wed, 22 May 2024 02:43 UTC
Return-Path: <joe@salowey.net>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CA7D0C18DB8E for <tls@ietfa.amsl.com>; Tue, 21 May 2024 19:43:03 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.896
X-Spam-Level:
X-Spam-Status: No, score=-6.896 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=salowey-net.20230601.gappssmtp.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 78OdHAs2DJO5 for <tls@ietfa.amsl.com>; Tue, 21 May 2024 19:42:59 -0700 (PDT)
Received: from mail-lj1-x234.google.com (mail-lj1-x234.google.com [IPv6:2a00:1450:4864:20::234]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E7F97C18DB85 for <tls@ietf.org>; Tue, 21 May 2024 19:42:59 -0700 (PDT)
Received: by mail-lj1-x234.google.com with SMTP id 38308e7fff4ca-2e3b1b6e9d1so70564031fa.2 for <tls@ietf.org>; Tue, 21 May 2024 19:42:59 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=salowey-net.20230601.gappssmtp.com; s=20230601; t=1716345777; x=1716950577; darn=ietf.org; h=to:subject:message-id:date:from:in-reply-to:references:mime-version :from:to:cc:subject:date:message-id:reply-to; bh=KUDJptnTufNBfWmkOM2sk/CdvLRmXI+l66ejDPaRqdU=; b=mDhyXZqkMG/SIRda7KIbb2TknvcwwzsPpZWwMRqm+2l7+GAAn9cE8a7wgRLX10rbwK t/xkKsxSVrvWtHqx07sccxXyE1Md4OIy+cEu+DVyE6JwthkVgqkXVmvv0Um9SowVl9pH deKDzOmTzmS92WvL8SnKmHhecH20rP6prHtraQN/NevIVnLV+mDE+yXGCEu57kz6cssG UV/mQVSe5cHvjBBtxb+3En/iNbJC+N/+XDWuP45u26vqGRQ2ko99/X85EVO/jium6DM0 6nKso1+fkz2ycVRVpI5+EiGZaAq2Mg5/yaZkQWc0hg/6Rx4z+DHRKbd4rq1UZV1dh3kD S/KQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1716345777; x=1716950577; h=to:subject:message-id:date:from:in-reply-to:references:mime-version :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=KUDJptnTufNBfWmkOM2sk/CdvLRmXI+l66ejDPaRqdU=; b=NJRSvQNlJ9RTuARpw5tkDMINmb0EmeNN5WKSGG7S6v03cQC/4FpPCDtIOwOKQrJFWc zY/CUh2xjeCn76ZrHqE1kxtBMgm2OStHQccWUyzu+bUhhzWoClaoEtcFZc6Bzu7l4fBn ytB/i0y1VdfXDM0taszrAYqjl83VPCBcndmthl7U8DMCsI9qgciX5ePOahqtr0KhXrW+ 4g96AnVQ85AiBGkZYgRvn9s7l4y0vZ+fDFvAM0lSb5kw7u6PQ+y4VOxSrrMFcpa4dHou FO3GV1X6jYeLQcku+bsgQcW2NtyIOKT0bKwCV1J42GscAFj3R2/jVI3S2asiMeo5eOA4 mvkw==
X-Gm-Message-State: AOJu0YwtzIWGs33XNKGgrpQSMIO8tMKP653v0RWs7T0lRByJcnJaly77 D5aTq9imXDy10Jw5KAVUh5Xj+5jAydijzA+EXHuRfTYTUMGeNin9/lN59+ff0xfqfFlgjh0uPjx q3szZhXcmlsLr/mlOSs5ct3A+67s2DGSFuZY6eXshoPfKLl7q
X-Google-Smtp-Source: AGHT+IF6Sp3fAV7CLlnjH2E486mofcGinHMeH8Q44ohtX9ETVWZf23Lu0NcFkUVNjeUQgn1D7V7YTZqJHJJq/yx/raQ=
X-Received: by 2002:a2e:9e96:0:b0:2e2:8409:a157 with SMTP id 38308e7fff4ca-2e949563a9emr2426811fa.49.1716345776944; Tue, 21 May 2024 19:42:56 -0700 (PDT)
MIME-Version: 1.0
References: <CAOgPGoA8-t_x7WLOjZ7kWaoPn9n2m-RM3VGUFaVttBiFrbjZHw@mail.gmail.com> <CABcZeBNwEh7PDC9FC6FXj5tk1=_ULRCdaycYWGWBEE-7iVmq+g@mail.gmail.com> <CAF8qwaC9K8d8aJGaTDLBXxHobCL1y7XrXy_Orzew475sXDxZfg@mail.gmail.com> <CABcZeBMO8NuvtPoZ8cByBxTjYVZ63Q+4akW4wEyVdLRmh9C0dQ@mail.gmail.com>
In-Reply-To: <CABcZeBMO8NuvtPoZ8cByBxTjYVZ63Q+4akW4wEyVdLRmh9C0dQ@mail.gmail.com>
From: Joseph Salowey <joe@salowey.net>
Date: Tue, 21 May 2024 19:42:45 -0700
Message-ID: <CAOgPGoAgFgam3qHoLLkisuQQZKBwJ=DQXNZxHFDn7T43zucnQA@mail.gmail.com>
To: "<tls@ietf.org>" <tls@ietf.org>
Content-Type: multipart/alternative; boundary="00000000000058da11061901e4d9"
Message-ID-Hash: MZR6IBH4A4MHOSK5WTROOBARLX7WBCSQ
X-Message-ID-Hash: MZR6IBH4A4MHOSK5WTROOBARLX7WBCSQ
X-MailFrom: joe@salowey.net
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-tls.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
X-Mailman-Version: 3.3.9rc4
Precedence: list
Subject: [TLS]Re: Adoption Call for draft-davidben-tls-key-share-prediction
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Owner: <mailto:tls-owner@ietf.org>
List-Post: <mailto:tls@ietf.org>
List-Subscribe: <mailto:tls-join@ietf.org>
List-Unsubscribe: <mailto:tls-leave@ietf.org>
There is consensus to adopt this draft as a working group item. I'll work with the authors to migrate to the official repository and submit an updated draft. On Tue, May 21, 2024 at 11:23 AM Eric Rescorla <ekr@rtfm.com> wrote: > These are all fair points, and it's possible we don't need to do anything > with the transcript. > > I don't think we need to resolve this before adoption, I just wanted to > make sure that I said something now to make sure people weren't surprised > later. > > -Ekr > > > On Tue, May 21, 2024 at 6:46 AM David Benjamin <davidben@chromium.org> > wrote: > >> Off the cuff, folding it into the transcript sounds tricky, since >> existing TLS servers won't know to do it, and, as with any other DNS hints, >> we need to accommodate the DNS being out of sync with the server. It'll >> also be more difficult to deploy due to needing changes in the TLS stack >> and generally require much, much tighter coordination between DNS and TLS. >> I'd like for that coordination to be more viable (see my comments on the >> .well-known draft), but I don't think we're there yet. >> >> But I'm certainly open to continue discussing it and this problem space! >> The original version of the draft actually tried a lot harder to handle the >> downgrade story. Rather than mess with the transcript, it defined away all >> the negotiation algorithms where this would be a problem and keyed the >> NamedGroup codepoints to know when you could be guaranteed of the narrower >> server behavior. >> >> My read of the feedback was that people thought this was an unnecessary >> complication and that servers doing a key-share-first selection were doing >> so intentionally because they believed the options roughly equivalent. So I >> took all that out and replaced it with text to that effect. >> >> David >> >> >> On Tue, May 21, 2024, 08:54 Eric Rescorla <ekr@rtfm.com> wrote: >> >>> I agree that it's attractive to be able to hint in the HTTPS RR, but I'm >>> less sure about addressing the basic insecurity of the DNS channel with the >>> approach this draft takes. I don't have a complete thought here, but what >>> if we were to somehow fold the hint into the handshake transcript? I >>> suppose we can sort this out post-adoption, but I'd like the question to be >>> on the table. >>> >>> -Ekr >>> >>> >>> On Fri, May 3, 2024 at 3:05 PM Joseph Salowey <joe@salowey.net> wrote: >>> >>>> This is a working group call for adoption >>>> for draft-davidben-tls-key-share-prediction. This document was presented >>>> at IET 118 and has undergone some revision based on feedback since then. >>>> The current draft is available here: >>>> https://datatracker.ietf.org/doc/draft-davidben-tls-key-share-prediction/. >>>> Please read the document and indicate if and why you support or do not >>>> support adoption as a TLS working group item. If you support adoption >>>> please, state if you will help review and contribute text to the document. >>>> Please respond to this call by May 20, 2024. >>>> >>>> Thanks, >>>> >>>> Joe, Deidre, and Sean >>>> _______________________________________________ >>>> TLS mailing list >>>> TLS@ietf.org >>>> https://www.ietf.org/mailman/listinfo/tls >>>> >>> _______________________________________________ >>> TLS mailing list -- tls@ietf.org >>> To unsubscribe send an email to tls-leave@ietf.org >>> >>
- [TLS] Adoption Call for draft-davidben-tls-key-sh… Joseph Salowey
- Re: [TLS] Adoption Call for draft-davidben-tls-ke… David Benjamin
- Re: [TLS] Adoption Call for draft-davidben-tls-ke… David Benjamin
- Re: [TLS] Adoption Call for draft-davidben-tls-ke… Loganaden Velvindron
- Re: [TLS] Adoption Call for draft-davidben-tls-ke… Salz, Rich
- Re: [TLS] Adoption Call for draft-davidben-tls-ke… Roelof duToit
- Re: [TLS] Adoption Call for draft-davidben-tls-ke… Dennis Jackson
- Re: [TLS] [EXTERNAL] Re: Adoption Call for draft-… Andrei Popov
- Re: [TLS] Adoption Call for draft-davidben-tls-ke… Dmitry Belyavsky
- Re: [TLS] Adoption Call for draft-davidben-tls-ke… Stephen Farrell
- [TLS]Re: Adoption Call for draft-davidben-tls-key… Bas Westerbaan
- [TLS]HTTPS-RR and TLS David Benjamin
- [TLS]Re: HTTPS-RR and TLS David Benjamin
- [TLS]Re: HTTPS-RR and TLS Stephen Farrell
- [TLS]Re: Adoption Call for draft-davidben-tls-key… A A
- [TLS]Re: Adoption Call for draft-davidben-tls-key… David Benjamin
- [TLS]Re: HTTPS-RR and TLS Ilari Liusvaara
- [TLS]Re: HTTPS-RR and TLS Watson Ladd
- [TLS]Re: HTTPS-RR and TLS Ilari Liusvaara
- [TLS]Re: HTTPS-RR and TLS Stephen Farrell
- Re: [TLS] Adoption Call for draft-davidben-tls-ke… Yaakov Stein
- [TLS]Re: Adoption Call for draft-davidben-tls-key… Eric Rescorla
- [TLS]Re: Adoption Call for draft-davidben-tls-key… David Benjamin
- [TLS]Re: Adoption Call for draft-davidben-tls-key… Eric Rescorla
- [TLS]Re: Adoption Call for draft-davidben-tls-key… Joseph Salowey
- [TLS]Re: Adoption Call for draft-davidben-tls-key… David Benjamin