[TLS] TLS Cached Info Status

"Hannes Tschofenig" <Hannes.Tschofenig@gmx.net> Tue, 14 May 2013 11:18 UTC


Hi all, 
 
I thought it would be a good idea to let the group know what the status of the TLS Cached Info draft is (since Rob just asked me a few minutes ago). 
 
You may recall that we had a discussion about the ability to not only cache a single OCSP response (as defined with RFC 6066) but also OCSP responses of intermediate CA certs, which is functionality http://datatracker.ietf.org/doc/draft-ietf-tls-multiple-cert-status-extension/ provides. Rob raised this issue in his review, see http://www.ietf.org/mail-archive/web/tls/current/msg09352.html
 
To me it sounds reasonable to add the requested functionality and the pros & cons had been discussed on the list. 
 
When I met Ekr at the recent NIST workshop we briefly spoke about the TLS Cached Info document and how to progress it. He came up with the idea to use the Firefox telemetry feature to gather some data so that we can estimate the cache hit/miss ratio. With data we would obviously be in a much better position to make an informed decision. 
 
I hope that we get that data soon. If we cannot get it then we have to switch to plan B. 
 
Ciao
Hannes
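Added example (not part of Hannes's message, the draft, or any IETF text): a Python model of the cache hit/miss bookkeeping that the proposed telemetry would measure. The client offers a fingerprint of the certificate chain it already holds for a server; the server omits the chain only when that fingerprint matches its current chain, so a rotated chain shows up as a miss rather than a stale hit. It assumes a SHA-256 fingerprint per cached object (the design that later appeared in RFC 7924); the names Client, Server, simulate, example_run and the chain bytes are constructed for illustration, and the real wire encoding is not modelled.

```python
import hashlib
from collections import Counter

# Hypothetical, simplified model of the cached-info idea: the client tells the
# server which object it already holds (by fingerprint) and the server omits
# that object when the fingerprint matches its current copy. SHA-256 over the
# object follows RFC 7924; the TLS extension encoding itself is not modelled.


def fingerprint(obj: bytes) -> bytes:
    """Fingerprint of a cached object (e.g. a certificate chain): SHA-256."""
    return hashlib.sha256(obj).digest()


class Client:
    """Client with a per-server cache and hit/miss counters (the telemetry)."""

    def __init__(self):
        self.cache = {}          # server name -> fingerprint of chain last seen
        self.stats = Counter()   # keys: "hit", "miss"

    def client_hello(self, server_name: str) -> dict:
        fp = self.cache.get(server_name)
        # Offer the fingerprint of what we hold; empty list on a cold cache.
        return {"server_name": server_name, "cached_info": [fp] if fp else []}

    def process_reply(self, server_name: str, reply: dict) -> None:
        if reply["chain"] is None:
            # Server acknowledged our fingerprint and omitted the chain: a hit.
            self.stats["hit"] += 1
        else:
            # Cold cache or stale fingerprint (server rotated its chain): a
            # miss; store the fingerprint of the chain we just received.
            self.stats["miss"] += 1
            self.cache[server_name] = fingerprint(reply["chain"])

    def hit_ratio(self) -> float:
        total = self.stats["hit"] + self.stats["miss"]
        return self.stats["hit"] / total if total else 0.0


class Server:
    """Server holding its current certificate chain."""

    def __init__(self, chain: bytes):
        self.chain = chain

    def handle(self, hello: dict) -> dict:
        fp = fingerprint(self.chain)
        if fp in hello["cached_info"]:
            # Client already has exactly this chain: acknowledge and omit it.
            return {"cached_info_ack": fp, "chain": None}
        # Unknown or stale fingerprint: send the full chain as usual.
        return {"cached_info_ack": None, "chain": self.chain}


def simulate(connections) -> tuple:
    """Run (server_name, Server) handshakes with one client; return (hits, misses)."""
    client = Client()
    for server_name, server in connections:
        reply = server.handle(client.client_hello(server_name))
        client.process_reply(server_name, reply)
    return client.stats["hit"], client.stats["miss"]


# Constructed scenario: three handshakes against one chain, then the server
# rotates its chain (the cached fingerprint goes stale), then one more handshake.
CHAIN_V1 = b"constructed: example.test chain v1"
CHAIN_V2 = b"constructed: example.test chain v2"


def example_run() -> tuple:
    old, new = Server(CHAIN_V1), Server(CHAIN_V2)
    return simulate([("example.test", old)] * 3 + [("example.test", new)] * 2)


if __name__ == "__main__":
    hits, misses = example_run()
    print(f"hits={hits} misses={misses} ratio={hits / (hits + misses):.2f}")
```

The first handshake and the first handshake after the chain rotation are misses; the other three are hits, so the constructed run reports 3 hits and 2 misses. Real telemetry would aggregate the same two counters across many servers and report the ratio.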