Re: [TLS] TLS@IETF101 Agenda Posted

nalini elkins <> Thu, 15 March 2018 00:05 UTC

To: Stephen Farrell <>
Cc: Artyom Gavrichenkov <>, "<>" <>, Benjamin Kaduk <>
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <>


More on other points later. I am getting pretty tired as I am jet-lagged.

>I am just fine with talking openly on the mailing list, as
>per IETF processes. I see no benefit in smokey back room
>discussions here at all, and only downsides to such.

You know, this issue of side or quiet conversations keeps coming up.   Let
me try to clarify what I feel is a misunderstanding.

In other WGs, we talk to each other sometimes in small groups, sometimes
one to one to try to clarify things.  The result ends up in the draft or
the public email list, as appropriate.

There is no question of a smokey back room.

I remember a while back when I had a lengthy disagreement with someone
which kept not getting resolved, someone (actually, Al Morton - dear sweet
guy!) took me by the scruff of the neck and made the two of us sit down
together with him.  In half an hour, we resolved the point and were able to
continue with the draft.  If we had kept throwing things at each other, as
it is easy to do via email, who knows how long the conflict would have
lasted.  I learned a valuable lesson that day.

So, I am not trying to subvert the process as some seem to imply.   Talking
to each other f2f actually seems to me to be one of the points of
journeying quite so far and spending so much money to come to an IETF
meeting.  (Having said that, the "journeying so far part" or plane trip is
catching up with me!   More tomorrow.)


On Wed, Mar 14, 2018 at 4:49 PM, Stephen Farrell <> wrote:

> On 14/03/18 23:32, nalini elkins wrote:
> > But, it is a very difficult issue.   If I can use a different analogy, if
> > the City of Monterey built a new sewer system and told me that to connect
> > to it, I had to build a new house, I would scream!
> Analogies cannot be used to draw conclusions, merely to illustrate.
> That analogy doesn't help illustrate anything for me fwiw.
> > TLS is used in many, many places.  The Internet is critical to the
> > businesses of the world.
> Yes. Both fine reasons to not mess about with, weaken or
> try break the TLS protocol.
> BTW - while you and others may constantly over-claim and
> say your consortium represents "enterprises," I assume you
> do not claim to represent all "business." ;-)
> >  You can't just say use something other than
> > TLS.
> Yes. I can. Kerberos and IPsec are used within many enterprise
> networks. TLS is not the only tool in the toolbox.
> If your consortium want a multi-party security protocol that
> does not affect other folks' security as you seem to claim,
> then that is the obvious route to explore. And that protocol
> needs to be non-interoperable with TLS (maybe even non-confusable
> in some stronger sense) IMO in order to avoid the risks that
> breaking TLS would result in us all taking.
> > Or don't use the Internet.  It's not so easy.
> I never said that. Why invent something like that?
> > I wish we could actually talk to each other quietly and reasonably.  This
> > is a very, very difficult problem.
> I am just fine with talking openly on the mailing list, as
> per IETF processes. I see no benefit in smokey back room
> discussions here at all, and only downsides to such.
> S.

Nalini Elkins
Enterprise Data Center Operators