[TLS] Re: Adoption call for TLS 1.2 Update for Long-term Support

Sean Turner <sean@sn3rd.com> Mon, 02 December 2024 21:05 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/_U8-rGKfHh6oGPavjmbbibXpXXw>

The chairs discussed this and we agree that it does not appear that we have consensus to adopt the TLS 1.2 Update for Long-term Support I-D.

The chairs would like to note that the WGLC for "TLS 1.2 is in Feature Freeze" (draft-ietf-tls-tls12-frozen) is about to happen shortly. We do not believe that progressing "TLS 1.2 is in Feature Freeze" should affect efforts by Peter, if he so chooses, to publish the TLS 1.2 Update for Long-term Support I-D either by AD sponsor or through the ISE; we will note that the code point is already assigned (and has been for years).

spt

> On Nov 5, 2024, at 11:25, Sean Turner <sean@sn3rd.com> wrote:
> 
> REQUEST: Let’s not rehash all the context.  It is provided for those who might not remember or those that were not around for the duration.
> 
> CONTEXT: Way back in 2016 after the WG had embarked on developing TLS 1.3, Peter Gutmann suggested that another way to “fix” TLS was to specify a version of TLS that indicates a “known-good config drawn from the maybe 10 extension-RFCs”; see [0].  Peter submitted his “TLS 1.2 Update for Long-term Support”; see [1]. There was some list discussion; see [2]. Peter asked us about adopting the I-D; see [3]. He made changes based on that feedback; see [4]. At IETF 98, the WG discussed adopting this I-D and the sense of the room was to not adopt the I-D; see [5]. Progress on this document was paused while the WG worked on TLS 1.3. Once RFC 8447 was published, a code point was assigned for the “tls-lts” extensions; see [6] and [7]. Now that we are looking to publish Feature Freeze for TLS 1.2 [8][9] we want to make sure that the working group sentiment has not changed over time so we are running an adoption call for TLS-LTS. 
> 
> MESSAGE: This message is to judge consensus on whether there is support to adopt TLS 1.2 Update for Long-term Support; see [1].  If you support adoption and are willing to review and contribute text, please send a message to the list.  If you do not support adoption of this draft, please send a message to the list and indicate why.  This call will close on November X, 2024. 
> 
> Thanks,
> spt
> 
> [0] https://mailarchive.ietf.org/arch/msg/tls/Lr7VwcPCjzDJelUTRTIUJf_8-ww/ 
> [1] https://datatracker.ietf.org/doc/draft-gutmann-tls-lts/ 
> [2] https://mailarchive.ietf.org/arch/msg/tls/r4w75rooy-r8Ky-xXAUoslYTL_U/ 
> [3] https://mailarchive.ietf.org/arch/msg/tls/6tBftKBmxYz_wUcq79_zH8yDTQk/ 
> [4] https://mailarchive.ietf.org/arch/msg/tls/aw9BOS4HJ9uum0snEZqSuKA4BYw/
> [5] https://datatracker.ietf.org/meeting/98/materials/minutes-98-tls-00 
> [6] https://mailarchive.ietf.org/arch/msg/tls-reg-review/bP84S3tHSG9gAmc45CLTjpiA0z8/
> [7] https://mailarchive.ietf.org/arch/msg/tls/xmhnVQTckDmUkoxhx4wx1bfpYXM/ 
>   Thanks to Peter because he helped us iron out the
>   wrinkles in the tls-reg-review process.
> [8] https://datatracker.ietf.org/doc/draft-ietf-tls-tls12-frozen/ 
> [9] https://mailarchive.ietf.org/arch/msg/tls/f62yvLL_4mDEsRzAY46L4QLjakU/