Re: [TLS] Publication of draft-rhrd-tls-tls13-visibility-00

Christian Huitema <huitema@huitema.net> Thu, 19 October 2017 22:37 UTC

Return-Path: <huitema@huitema.net>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 34216132F69 for <tls@ietfa.amsl.com>; Thu, 19 Oct 2017 15:37:58 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.401
X-Spam-Level:
X-Spam-Status: No, score=-5.401 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H2=-2.8, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fEHBuHHlAzPL for <tls@ietfa.amsl.com>; Thu, 19 Oct 2017 15:37:56 -0700 (PDT)
Received: from mx43-out1.antispamcloud.com (mx43-out1.antispamcloud.com [138.201.61.189]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A9306132355 for <tls@ietf.org>; Thu, 19 Oct 2017 15:37:56 -0700 (PDT)
Received: from xsmtp24.mail2web.com ([168.144.250.190] helo=xsmtp04.mail2web.com) by mx1.antispamcloud.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.89) (envelope-from <huitema@huitema.net>) id 1e5JRp-0000G5-J4 for tls@ietf.org; Fri, 20 Oct 2017 00:37:54 +0200
Received: from [10.5.2.13] (helo=xmail03.myhosting.com) by xsmtp04.mail2web.com with esmtps (TLS-1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.63) (envelope-from <huitema@huitema.net>) id 1e5JRm-0007rt-S0 for tls@ietf.org; Thu, 19 Oct 2017 18:37:51 -0400
Received: (qmail 3476 invoked from network); 19 Oct 2017 22:37:23 -0000
Received: from unknown (HELO [192.168.1.103]) (Authenticated-user:_huitema@huitema.net@[172.56.42.162]) (envelope-sender <huitema@huitema.net>) by xmail03.myhosting.com (qmail-ldap-1.03) with ESMTPA for <tls@ietf.org>; 19 Oct 2017 22:37:23 -0000
To: Darin Pettis <dpp.edco@gmail.com>, Paul Turner <PAUL.TURNER@venafi.com>, "Salz, Rich" <rsalz@akamai.com>, "tls@ietf.org" <tls@ietf.org>
References: <7E6C8F1F-D341-456B-9A48-79FA7FEC0BC1@gmail.com> <a599d6ad-54db-e525-17d6-6ea882880021@akamai.com> <71e75d23f4544735a9731c4ec3dc7048@venafi.com> <3D2E3E26-B2B9-4B04-9704-0BBEE2E2A8F7@akamai.com> <000501d348e5$1f273450$5d759cf0$@equio.com> <70837127-37AB-4132-9535-4A0EB072BA41@akamai.com> <e8417cc424fe4bf3b240416dfffd807a@venafi.com> <B11A4F30-2F87-4310-A2F0-397582E78E1D@akamai.com> <fd12a8a8c29e4c7f9e9192e1a1d972d6@venafi.com> <D2CAAA44-339E-4B41-BCE0-865C76B50E2F@akamai.com> <d76828f02fc34287a961eba21901247b@venafi.com> <56687FEC-508F-4457-83CC-7C379387240D@akamai.com> <c1c0d010293c449481f8751c3b85d6ae@venafi.com> <4167392E-07FB-46D5-9FBC-4773881BFD2C@akamai.com> <3d5a0c1aab3e4ceb85ff631f8365618f@venafi.com> <E84889BB-08B3-4A3A-AE3A-687874B16440@akamai.com> <CAPBBiVQvtQbD4j3ofpCmG63MEyRWF15VL90NOTjeNqUOiyo6xg@mail.gmail.com>
From: Christian Huitema <huitema@huitema.net>
Message-ID: <7ed40a30-196f-d280-59a5-814a5ea4676e@huitema.net>
Date: Thu, 19 Oct 2017 15:37:19 -0700
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Thunderbird/52.4.0
MIME-Version: 1.0
In-Reply-To: <CAPBBiVQvtQbD4j3ofpCmG63MEyRWF15VL90NOTjeNqUOiyo6xg@mail.gmail.com>
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
Content-Language: en-US
X-Originating-IP: 168.144.250.190
X-SpamExperts-Domain: xsmtpout.mail2web.com
X-SpamExperts-Username: 168.144.250.0/24
Authentication-Results: antispamcloud.com; auth=pass smtp.auth=168.144.250.0/24@xsmtpout.mail2web.com
X-SpamExperts-Outgoing-Class: unsure
X-SpamExperts-Outgoing-Evidence: Combined (0.33)
X-Recommended-Action: accept
X-Filter-ID: EX5BVjFpneJeBchSMxfU5rLsKwGac6/FNS+KtrtQHdkXv9krsgRhBn0ayn6qsUc7RO6saVKtiei5 uUZjs8uJrOfHzJ6mVE7ewsipSVIfs4ZMcQwIvNF9SiIUaOZIhBBxLB67TLnlh9i6Dr2tTQ7u+uL8 X9+LB/dn5OT5EkgkGCohEWyJzIkwSFAW0Pw8uiKe2NqE3QwrymzzH8LWqGR1m7I2v6y+lYBzzWMa L0utsL7rCEQHM1+f3IUKUB9wWYovzx6vjqN+txcrZT5UQnqhoJ5wbg2Zp4DEfSsPKFbX0jWPj+FO ubXhT3IXOeSutdn/GgSV6Ni8cJcVFhcEOifEfOMrNv4muc5NuXwVinsIhaOgGU9UYQoAp/lNIqn2 okjxMFhQHK3JmZta3vargAm/1F2Qrqc5dpeAqckdrLFU+rptrXEpYYIuwf4B2A6gOnpwQp8yzyqN Ah52fPHg5t2q2BqZR3KVQgqF/fPYYAfEfsgGn8xxA/cQHZ75h70fe1rxVWnoUFT0/jbbUc8lhTC+ 5gthGLX+Mh4z5LJgrhCgWoz+T9qKOv0z7nCHc/5d+MbcfJlbZZh01urflxdd2g4lVOY9YUFS+gfc BkEmyHl54sn3Y80OmAux3oN13+ztUznecq8lqz6CZtC5A+RtDANVNbrGhxr0ZQNhHrBZkFm8VpZG JoR9vVlRQtWdOm/uebtwKdtfHlXpAwYSpgNf0YJ1jVFfEoXm0/FPF8PR0w363lm8+fahbqhPQ5lN 0y21zh9T32tqm2wGhHAo712k9GZBAu8VjNzz0BoRxXlr+NDM3A9YO8GG407i2mdz3zQGDuet3jR5 NeVaJQBh0uawl0Cg8rdbWpE2ux+VrvYecZwKGQXQngcHaWeBIrVwdQfI6RxMYKPh1lHgUEF4t8hJ zRZ/yYkd2x35zAiBFPp64JaIysAhPltDTcKNRvi2K+1UJ6NK
X-Report-Abuse-To: spam@quarantine5.antispamcloud.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/Vxfi68AIsunyDTeCuKzm8ngwdOo>
Subject: Re: [TLS] Publication of draft-rhrd-tls-tls13-visibility-00
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 19 Oct 2017 22:37:58 -0000

On 10/19/2017 3:30 PM, Darin Pettis wrote:

> The amount of people currently voicing concern is likely small for two
> reasons.  One is that everything is public and many of the "lurkers"
> are hesitant to voice their concerns.  The second reason is that so
> many don't know that visibility will be an issue.  They will either
> discover this as they migrate to TLS 1.3 or as they start to encrypt
> within their data center.  There is work to rapidly raise that
> awareness through roundtables, conferences and other venues.

Might it be because many of these enterprises and data centers do not in
fact see encryption as a problem? Maybe they have found ways to manage
their applications and servers without breaking TLS...

-- 
Christian Huitema