[TLS] Re: [IANA #1419884] expert review for draft-ietf-tls-dtls-rrc (tls-extensiontype-values)

Eric Rescorla <ekr@rtfm.com> Thu, 29 May 2025 17:12 UTC

On Thu, May 29, 2025 at 8:16 AM Salz, Rich <rsalz=40akamai.com@dmarc.ietf.org> wrote:

> The downside of Standards Action is that it makes experimentation much
> more difficult. (Yes, you could address that by setting aside a range for
> experimentation.) But is the concern really all that great? In order for it
> to materially affect the operation of the Internet, multiple parties would
> have to implement and enable it.
>
> What is the real concern about someone defining a whole new sub-protocol
> for DTLS? My view is “so what.” If it works, and it’s better (by some
> metric(s)), great. If it fails, it’s only a subset of users of one
> implementation that will feel the effects, until it’s disabled.
>
> Note that expert review requires an available specification, and all other
> TLS registries are expert review. Is this one really all that special?
> Perhaps it’s worth having an explicit consensus call around this issue, as
> opposed to a change made in response to a WGLC review.
>

I agree with Thomas that adding new mechanisms to RRC without careful
review is probably a bad idea, but I concur with Rich that the right way to
enforce this is not with restricting access to the code point space. Let's
do what we've done elsewhere and mark these RECOMMEND=N.

-Ekr

