[TLS] Re: Extended Last Call: <draft-ietf-tls-keylogfile-04.txt> (The SSLKEYLOGFILE Format for TLS) to Informational RFC
Eric Rescorla <ekr@rtfm.com> Tue, 15 April 2025 17:27 UTC
Return-Path: <ekr@rtfm.com>
X-Original-To: tls@mail2.ietf.org
Delivered-To: tls@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id B30D61C644FC for <tls@mail2.ietf.org>; Tue, 15 Apr 2025 10:27:36 -0700 (PDT)
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -1.896
X-Spam-Level:
X-Spam-Status: No, score=-1.896 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=pass (2048-bit key) header.d=rtfm-com.20230601.gappssmtp.com
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id D17ef1uvlaVH for <tls@mail2.ietf.org>; Tue, 15 Apr 2025 10:27:34 -0700 (PDT)
Received: from mail-yb1-xb31.google.com (mail-yb1-xb31.google.com [IPv6:2607:f8b0:4864:20::b31]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id B00011C644A9 for <tls@ietf.org>; Tue, 15 Apr 2025 10:27:34 -0700 (PDT)
Received: by mail-yb1-xb31.google.com with SMTP id 3f1490d57ef6-e6e50418da6so5512265276.3 for <tls@ietf.org>; Tue, 15 Apr 2025 10:27:34 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rtfm-com.20230601.gappssmtp.com; s=20230601; t=1744738054; x=1745342854; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=3dI/NBneVtL5p0Aopw4yTSo5dKcNkt1ekxhSnfwGA7s=; b=tvNdmn+/jMQGLN7IJ5PRDh0aR6Fyzs0dXYDx5GP7tkZlEnnymFFVkzxzRil80j+Wv0 vGgFnG3djLql3l/qq4a4VUVAVE8a3QRNQS75kSBDfvu9BYMfM8kRG6prK+SNlQotl0Uv a44i5c9cREq1RajPO2o4QKjuV/1BeRbWhDTeXoLdOvy7dz+dARxSH0kdsSNQQm9fMi4/ hQ1fGP84ZN1Kj3NmtVzqo3Heev8NiaZindrLe0e972E/uE2tWT9KLx3BbgEhCHn7i31p iqcKwHj9JXiWyy/oRB/CasFZiySrdQ9jc345FqvksU83Y0gfsgl+vtmm9gjnihfuvtGN 86SA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1744738054; x=1745342854; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=3dI/NBneVtL5p0Aopw4yTSo5dKcNkt1ekxhSnfwGA7s=; b=rzGo8GK7fKTPFIFg++T7u1y6iAYiwvLeoKayfnMYZYbKCIN9DCcQz5zTo9ZjvHnaZJ ZH+j3dVS4Z+fjhRR2c326B74/LBzm2p+ZVVpywaMiM6fESwDA9ca/gawfvR94bFkJdLA m5i4uAIpx9uFCH1gt4l6mCchYFQ75Ys14JL+fGdj960LwHRv/dDYEQphxsyRR+zBb5b+ 62+es5UElAwfUwNGxoBFE3fnXc+e+NmIYxkTDkpwUuxLOMmZ3gU2TbIfYyTXOlHjSY01 Yefc7TTcOeYSZcZsZq6PPauDKsowKQer3Q/FxWV+HTM6u91gz+cMzuWGO9jMT1shI4TE WNyA==
X-Forwarded-Encrypted: i=1; AJvYcCV7lS3TO0lBKaXI9Jz6N59hbn+25/KDFXo0uiX5io670HynNAq70KCXtCAh9jMGZq/S50o=@ietf.org
X-Gm-Message-State: AOJu0YzHs7mV+dNQy4Weq0hwRZMyvUsfHqZrHfcxOrgAm0qk24Xf+Jca PEgIeQ1pBJJ1r9GQjXjJ2OuugzXXsN0JSSyvT8q53bxUQcoHzi+r/P9/1TwhHWrmCvt4IEGoyGE o00lnY9xPinl9alkBDcOmmWF2AYafUQLbqINwXUzJq+j+srMT
X-Gm-Gg: ASbGncteyCiKrm8mYETmZjgaq5bKNBCUwifX/DenwYM2fqXtJT4ARUD1yxrvmxS98hs RkfiF4ohtQMVji6UMmdMGI9tMRCjeUsc99eCwwmQnhn7hHMVIwdRvTUvl3vlYqi7Pye5fBHpw+m Gzj9/pkS8QUBKBnaGllSHCY6Sw
X-Google-Smtp-Source: AGHT+IG1/pga+MdXddEHCFyyvrgA7xfsLzfYtG+AfbAbSFcTbu0oCCfqi1xqvOa/CFMaRnIyDe0EdEx9s/3e1DWgHI4=
X-Received: by 2002:a05:6902:4907:b0:e6d:e693:4110 with SMTP id 3f1490d57ef6-e726e2c2ab5mr284108276.0.1744738054145; Tue, 15 Apr 2025 10:27:34 -0700 (PDT)
MIME-Version: 1.0
References: <174473408535.1280309.1037570843535690852@dt-datatracker-64c5c9b5f9-hz6qg> <CAPWOt+WH9-Np1ew1+LZM5V9AewcMb=fhuXHYvW5HUiGbn_r57A@mail.gmail.com>
In-Reply-To: <CAPWOt+WH9-Np1ew1+LZM5V9AewcMb=fhuXHYvW5HUiGbn_r57A@mail.gmail.com>
From: Eric Rescorla <ekr@rtfm.com>
Date: Tue, 15 Apr 2025 10:26:58 -0700
X-Gm-Features: ATxdqUElYfVx31zqAulpx8i_oO1VjzNQUQ1byL6WKMA09ZuA2Yvmh-s246b40Mo
Message-ID: <CABcZeBO+Dd3fiFWAo0ysAcz_yO0bCX9_LhT20FP6hfwh+wvWfA@mail.gmail.com>
To: Sajeev S <sajualways@gmail.com>
Content-Type: multipart/alternative; boundary="000000000000f1aa870632d47b17"
Message-ID-Hash: 6EFCIT3PXU4UP7OMS4QVCH3N3XWSKGLK
X-Message-ID-Hash: 6EFCIT3PXU4UP7OMS4QVCH3N3XWSKGLK
X-MailFrom: ekr@rtfm.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-tls.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: last-call@ietf.org, IETF-Announce <ietf-announce@ietf.org>, draft-ietf-tls-keylogfile@ietf.org, paul.wouters@aiven.io, tls-chairs@ietf.org, tls@ietf.org
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [TLS] Re: Extended Last Call: <draft-ietf-tls-keylogfile-04.txt> (The SSLKEYLOGFILE Format for TLS) to Informational RFC
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/_PsA36THwOC2Gf6hm9TqHIlgQQ4>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Owner: <mailto:tls-owner@ietf.org>
List-Post: <mailto:tls@ietf.org>
List-Subscribe: <mailto:tls-join@ietf.org>
List-Unsubscribe: <mailto:tls-leave@ietf.org>
SSLKEYLOGFILE doesn't contain any of the asymmetric keys, but just the computed symmetric keys. However, because ML-KEM acts like ECDHE as far as TLS 1.3 is concerned, connections protected with ML-KEM or hybrid will also be decryptable via SSLKEYLOGFILE. -Ekr -Ekr On Tue, Apr 15, 2025 at 10:00 AM Sajeev S <sajualways@gmail.com> wrote: > Hi All, > > What about new PQC algorithms ML-KEM decryption keys ? > > Regards, > Sajeev > > On Tue, Apr 15, 2025 at 9:51 PM The IESG <iesg-secretary@ietf.org> wrote: > >> >> The IESG has received a request from the Transport Layer Security WG >> (tls) to >> consider the following document: - 'The SSLKEYLOGFILE Format for TLS' >> <draft-ietf-tls-keylogfile-04.txt> as Informational RFC >> >> The IESG plans to make a decision in the next few weeks, and solicits >> final >> comments on this action. Please send substantive comments to the >> last-call@ietf.org mailing lists by 2025-05-07. Exceptionally, comments >> may >> be sent to iesg@ietf.org instead. In either case, please retain the >> beginning >> of the Subject line to allow automated sorting. >> >> Abstract >> >> >> A format that supports the logging information about the secrets used >> in a TLS connection is described. Recording secrets to a file in >> SSLKEYLOGFILE format allows diagnostic and logging tools that use >> this file to decrypt messages exchanged by TLS endpoints. >> >> >> >> >> The file can be obtained via >> https://datatracker.ietf.org/doc/draft-ietf-tls-keylogfile/ >> >> >> >> No IPR declarations have been submitted directly on this I-D. >> >> >> >> >> >> _______________________________________________ >> TLS mailing list -- tls@ietf.org >> To unsubscribe send an email to tls-leave@ietf.org >> > _______________________________________________ > TLS mailing list -- tls@ietf.org > To unsubscribe send an email to tls-leave@ietf.org >