[TLS] Re: Mohamed Boucadair's Discuss on draft-ietf-tls-tls13-pkcs1-06: (with DISCUSS and COMMENT)
mohamed.boucadair@orange.com Thu, 20 November 2025 18:42 UTC
Return-Path: <mohamed.boucadair@orange.com>
X-Original-To: tls@mail2.ietf.org
Delivered-To: tls@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id 639738D6A5DA; Thu, 20 Nov 2025 10:42:11 -0800 (PST)
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -2.793
X-Spam-Level:
X-Spam-Status: No, score=-2.793 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001, SPF_NONE=0.001, UNPARSEABLE_RELAY=0.001] autolearn=ham autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=pass (2048-bit key) header.d=orange.com
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id cIDv8TZPyHxQ; Thu, 20 Nov 2025 10:42:10 -0800 (PST)
Received: from smtp-out.orange.com (smtp-out.orange.com [80.12.126.239]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id BA9328D6A5CA; Thu, 20 Nov 2025 10:42:09 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=orange.com; i=@orange.com; q=dns/txt; s=orange002; t=1763664130; x=1795200130; h=to:cc:subject:date:message-id:references:in-reply-to: mime-version:from; bh=rv7NJcqk57WOxsucQkFpVzmvGvVAq14xA7RYuN4bUbc=; b=iHa2bI3tt8VABX9vdEooS7xVYo7jqtejMFbYzawPaMh4nMzuoejyPLFZ 21vOYMdm8XljS4F/n+VcNrSKyDMtKI6yvy63z44cKr8devDtSWNwjF9W3 0qUVSpoUKYG34qNIZLiBoMMUy6lfWDMq+dEnN7+UGvH96dBL0tVvOaygt ZdyjuhKzd7TksFHD7lSBzesKMMTEEGt0wKRMsCFLYxlMgqj4eDoiVH1Gf issvYKTCEum/PZN45RPQAh/70mORQVivnUUjUXm6Inb84pRo4GHAsbhU6 9jsU1Rd8u3NXeZzWvEm/VlUy02zlT3MbkX7j7h0nPJ1ygH2HmVrJLYzQo w==;
X-CSE-ConnectionGUID: llRg8RNiTSm9Rh+5t0zeMw==
X-CSE-MsgGUID: erg2MxVDSwmEqEbzBUbpEQ==
Received: from unknown (HELO opfedv3rlp0h.nor.fr.ftgroup) ([x.x.x.x]) by smtp-out.orange.com with ESMTP/TLS/TLS_AES_256_GCM_SHA384; 20 Nov 2025 19:42:09 +0100
Received: from unknown (HELO opzinddimail2.si.francetelecom.fr) ([x.x.x.x]) by opfedv3rlp0h.nor.fr.ftgroup with ESMTP/TLS/TLS_AES_256_GCM_SHA384; 20 Nov 2025 19:42:09 +0100
Received: from opzinddimail2.si.francetelecom.fr (unknown [127.0.0.1]) by DDEI (Postfix) with SMTP id C07C3D861156; Thu, 20 Nov 2025 19:42:08 +0100 (CET)
Received: from opzinddimail2.si.francetelecom.fr (unknown [127.0.0.1]) by DDEI (Postfix) with ESMTP id 1AA3FD86131D; Thu, 20 Nov 2025 19:41:43 +0100 (CET)
Received: from smtp-out365.orange.com (unknown [x.x.x.x]) by opzinddimail2.si.francetelecom.fr (Postfix) with ESMTPS; Thu, 20 Nov 2025 19:41:43 +0100 (CET)
Received: from mail-francecentralazlp17012048.outbound.protection.outlook.com (HELO PR0P264CU014.outbound.protection.outlook.com) ([40.93.76.48]) by smtp-out365.orange.com with ESMTP/TLS/TLS_AES_256_GCM_SHA384; 20 Nov 2025 19:41:43 +0100
Received: from MR1P264MB2882.FRAP264.PROD.OUTLOOK.COM (2603:10a6:501:37::5) by PR0P264MB2358.FRAP264.PROD.OUTLOOK.COM (2603:10a6:102:1e1::12) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9343.10; Thu, 20 Nov 2025 18:41:41 +0000
Received: from MR1P264MB2882.FRAP264.PROD.OUTLOOK.COM ([fe80::f91a:d158:425a:5187]) by MR1P264MB2882.FRAP264.PROD.OUTLOOK.COM ([fe80::f91a:d158:425a:5187%6]) with mapi id 15.20.9343.009; Thu, 20 Nov 2025 18:41:40 +0000
From: mohamed.boucadair@orange.com
X-CSE-ConnectionGUID: RBxoygG0TOSwyV+aoh0W4Q==
X-CSE-MsgGUID: 5A1jZRwhSyqHZMVB+PARpg==
X-TM-AS-ERS: 10.218.35.132-127.5.254.253
X-TM-AS-SMTP: 1.0 c210cC1vdXQzNjUub3JhbmdlLmNvbQ== bW9oYW1lZC5ib3VjYWRhaXJAb 3JhbmdlLmNvbQ==
X-DDEI-TLS-USAGE: Used
X-CSE-ConnectionGUID: PIPBeQSTQo+8u1nMdY02AQ==
X-CSE-MsgGUID: myvfoz9QSZq1W2D5QOqTNw==
Authentication-Results: smtp-in365b.orange.com; dkim=none (message not signed) header.i=none
IronPort-Data: A9a23:yYxZlK6UzVNZvXb3RxvPCQxRtN/HchMFZxGqfqrLsTDasY5as4F+v jAYDWvSbPyCNjPwL9x3YNi3pk1QsJbcx4Q2QAFqqiFjEysa+MHIO4+Ufxz6V8+wwmwvb67FA +E2MISowBUcFyeEzvuVGuG/6yE6j+fRH+CU5NfsYkhZXRVjRDoqlSVtkus4hp8AqdWiCmthg /uqyyHkEAHjgWYc3l48sfrZ9Uo25qyq41v0g3RlDRx1lA6H/5UqJMJHTU2BByOQapVZGOe8W 9HCwNmRlkvF/w0gA8+Sib3ydEsHWNb6ZWBiXVIPBsBOKjAbzsAD+v5T2Mg0MC+7uB3Q9zxF8 +ihgLTrIesf0g8gr8xGO/VQO3kW0aSrY9YrK1Dn2SCY5xWun3cBX5yCAWluVbD09NqbDkl21 MQyJQk2UimExLKrmbSeRtg03O0aeZyD0IM34hmMzBnhN64eG86faJiSvIMe2yosjMdTG/qYf 9AedTdkcBXHZVtIJ0sTD5U92uyvgxETcRUE8BTE/uxovS6PnGSd05C1WDbRUtmNRcxQk0rer GXb9G31CxAAHNuFwDyK/zSngeqncSbTAdpMS+HjrqU16LGV7mkCFhMRRwqCmsug03Hkd49mD FUo3DV7+MDe82TwFYOhAHVUukWssx0Gc8BMHeh84waIooLV7h2WLmkJUjAHb8Yp3Oc6XzUky hqIks/nQCBrq/iJTWnErfKMrjipYAAUIHMMIygeQmMt/9345YozhxPVVf5iHbK7yNrvFlnY3 zSRhCkzm7tVitQEv5hX5njCijOo45bTRwg+6w7aWH6/5wdwdoq9PtPwsAKDsaYGK5uFRF6cu nRCg9KZ8O0FEZCKkmqKXfkJG7aqof2CNVUwnGKDAbEZ1gyH9keYQblXo2FjfUFMPvdcIxbQN Rq7VRxq2HNFAJe9RYFNC79d5uwvxKnkUNr/X/bfY9FDZIRrfQuO7iV2PBHIhjq1zBhqlrwjM 5CGd8rqFWwdFals0DuxQaEazKMvwSc9g2jUQPgXLihLM5LBPxZ5qp9cbzNii9zVCovf8W05F P4EZqO3J+13CrGWX8Uu2dd7wao2wYcH6WDe8JcNKrHrzvtOHWAqEfjKxr09M4dihbw9q9okC kqVAxcCoHKm3S2vAVzTNhhLNumzNb4h9ihTFXJ3Yj6VN40LO9/HAFE3LcFvJeFPGS0K5aIcc sTpjO3bWqQeFmubpm5GBXQ/xaQ7HCmWacu1F3LNSFACk1RIHmQlJveMktPTyRQz
IronPort-HdrOrdr: A9a23:VLUbpa7iIQRHlefL3QPXwOHXdLJyesId70hD6qkmc20sTiX4rb HKoBx4vSWftN91YhwdcL+7VJVoLUmyyXcN2/h3AV7AZniFhILLFuFfBNDZskTd8kTFn4Y36U 4HScZD4bbLfDtHZKjBgTVRvLwbsaK6GAzDv5a785/NJzsaDZ1d0w==
X-Talos-CUID: 9a23:zBNil2vB8LuYoGTF3uEJYGjB6IsdU0X3wU7rH3a/SjZ0EbuwRW7Ioopdxp8=
X-Talos-MUID: 9a23:gd5Hmw40dA8nNqYAp+onoPKgxoxt8rqgD1JcqK40opC7bwAtAhCEsBKoF9o=
X-IronPort-AV: E=Sophos;i="6.20,213,1758578400"; d="scan'208,217";a="106743037"
ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=ZpP6JGOx4e+hryLjhF7gbN742sFux/GDMInPcvMe77PLG3A+59WcsgiXWinbODuATuSgrT6D9CxG8OujEQby3dfx/cPMNZzvXqIj/RsvPjAId71+CqnBS9icQ6rK8L/FLxr24Lxitk2zMORXJ8dtXiV4E8KfIeG5R3uiPndAuGCx/bmkHRN8rrywAq5wa/FBpl9TeciJPXCWcsHwYYT1/nxuPDsFdGC8De9K0YS6KoI9d284afugPCSq/rFXoH5/ZQh75KNqowubZsLwWSydlIJIWy4z6oIMB4tiq4UAQHkz/KOA1PTdgvArsH4dWtvYDoS80QLYVGdQw4QRxHgRFQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=bsFO8Sxi9ldXiamDpv7vZmpyDxn+ToXPo7r4TI252HQ=; b=lMVpWo9MzGK4tfYuYisRZ6f2Y3PpEBrIpflI6MgXMYgubBQ5TAOQ2IM9QueRrHXSWpdJLZ30cmtX1LHWJVYBydZaz8NrLDDFjHURfqUx878ZP2bS2woe7j1YXV4slAkDiyZX+e7LylCwCRqeadvC7usYvJ1P9CAKYdeoS49yGM2/d+EhKCkGsUa+6eJB9toObELqsA+ydLmRmz9pDObQCafsLlM0Lf/OQPIzUB5tfjD18Nz9USCtJPrzepIh+b2dbptaNh7Zry+TZlntUgBZPN1H9S1QRyEezbI48cpkOFzw3IlMEGUixCXLTF9C0WH5O9/4h19AhMIyJbrUAL0r9w==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=orange.com; dmarc=pass action=none header.from=orange.com; dkim=pass header.d=orange.com; arc=none
To: Eric Rescorla <ekr@rtfm.com>
Thread-Topic: [TLS] Mohamed Boucadair's Discuss on draft-ietf-tls-tls13-pkcs1-06: (with DISCUSS and COMMENT)
Thread-Index: AQHcV9VnpnGPgovVaUC3vxmQHaMFRbT76k1w
Date: Thu, 20 Nov 2025 18:41:40 +0000
Message-ID: <MR1P264MB2882C3EFAF10EF82278F4DA988D4A@MR1P264MB2882.FRAP264.PROD.OUTLOOK.COM>
References: <176337010705.746218.8450704875232198278@dt-datatracker-5bd94c585b-wk4l4> <CABcZeBPFXOZVyhqfcF7hxTAQDbBmdfehy_rST878RRAzD_qkGQ@mail.gmail.com> <PR0P264MB28855142BBDC3A7C4BA0E7A888C9A@PR0P264MB2885.FRAP264.PROD.OUTLOOK.COM> <CABcZeBMeaPnGc6RqYOFHppJccXm7rh2TN0OyrrX2YHWp3nxAow@mail.gmail.com> <PR0P264MB28857B1E2CCDA7F95F715F5888C9A@PR0P264MB2885.FRAP264.PROD.OUTLOOK.COM> <CABcZeBMXZJUwmDyaVET_mUh9+noQJ4dRNiuQXr6kje_cP+Rdrw@mail.gmail.com>
In-Reply-To: <CABcZeBMXZJUwmDyaVET_mUh9+noQJ4dRNiuQXr6kje_cP+Rdrw@mail.gmail.com>
Accept-Language: fr-FR, en-US
Content-Language: fr-FR
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
msip_labels: MSIP_Label_07222825-62ea-40f3-96b5-5375c07996e2_ActionId=5eb78dbf-e0ca-4f34-a681-473b56c09291;MSIP_Label_07222825-62ea-40f3-96b5-5375c07996e2_ContentBits=0;MSIP_Label_07222825-62ea-40f3-96b5-5375c07996e2_Enabled=true;MSIP_Label_07222825-62ea-40f3-96b5-5375c07996e2_Method=Privileged;MSIP_Label_07222825-62ea-40f3-96b5-5375c07996e2_Name=unrestricted_parent.2;MSIP_Label_07222825-62ea-40f3-96b5-5375c07996e2_SetDate=2025-11-20T18:41:25Z;MSIP_Label_07222825-62ea-40f3-96b5-5375c07996e2_SiteId=90c7a20a-f34b-40bf-bc48-b9253b6f5d20;MSIP_Label_07222825-62ea-40f3-96b5-5375c07996e2_Tag=10, 0, 1, 1;MSIP_Label_f47c794b-e3ab-43f0-9e0f-29fc3e503192_ContentBits=0;MSIP_Label_f47c794b-e3ab-43f0-9e0f-29fc3e503192_Enabled=true;MSIP_Label_f47c794b-e3ab-43f0-9e0f-29fc3e503192_Method=Standard;
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: MR1P264MB2882:EE_|PR0P264MB2358:EE_
x-ms-office365-filtering-correlation-id: 63392d0a-7522-409b-759b-08de28647200
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;ARA:13230040|366016|1800799024|4022899009|376014|13003099007|38070700021|8096899003|7053199007;
x-microsoft-antispam-message-info: efWYPoJcFDA6YbB1P/CNdeRpLFyAdGqP1Uh6DZqs4sKGOa6hKraSTvBVEavJATHmaRZU5Ue2YsZrbjMNwKWqb9k7ZU8mz/5ItXzBOzwiYVtq4UM18wWj3KPi/AnIwtZZfTji8CesJ3ZUVcyTe9jKNt5BS4sX1zwcsENLuD0ThayYgYLDqx+A48nZRueKh3ABDTLOpF0PiQEXGaSUFyPY9aPHf05ZPNqzMtOkXGYwBwV3GnTGO99irSJNPorRYlHQ+p+uGuSWpRA5bac6O9K6epJyAs+Nk9cEOV8SPfyJQNOCZfmHmMHHgZvKnhyKCUyK2RuVmm8/3qshvQMgxRpxErVSqeysY/Qi+eCKh4f1l8tBT3BAUcHmm5RozjRHRY4cOail6pU6Q0EFlS9LmGJ/vZexKs2Ln6mqqh0HCTxJxK9IeirM5mYwvVin7zBIntKWDDvpK+OkLpeHndGMXfk3uSZO74qXCbpWxD6oaZ1kxIO1DfFUlZPvBX6gMA/mAyL6ZROy23yAQ8j6dhyTpOsEp2myN25KOfcGRmUnfqcpoZ6vCpw+tL1rWAVUnuwHk61BhhRolVMQMHUkT77yQgYJG2oy25VLvXkjpgvpwkjrWC3r/sr7nP+SBeLfSW27UzNjnv86WwCuKTtTWXBhNqJ/SgJWXPJyqaEGAOo29wPz+D2HIUpcFW93oW6aBBB5BbJqAlLZ9E24gs4l6VaOfC+nFDB6ZZj/WHfhREFa4Y8phBjtAU6Nw2OHFhcM5oSexXIaTwzNBH2toQZdfC6q6L6LPkbceVR9fH7T1h/05+s6C9xzv5xJ6ilu7K3xo8RACB9pmzh+EmlCStlbUFX3VulxvcbKhYQinu7mS6WWVi/EW3C1SdrlYWxDwu+jfkS6Xn0hdqtJ3oKu6Ir4ChnuCBrlh8fhtMraoq9jFDNGkVSUfj1Hp0wFt2oXWNVC6pr5OLCmJlUl6prxCT0xANyHDcZT5fvt/CvnUyPHgvACaxXHuRCeKkY2dAHhQE4LhN5666wIMIvjCapzEaX6ZUxAKSiYr/myzZK2U5129IHo1taotR1KmXSWljvpNY8WYIlY5qp6rN3RzkzWQKrkSNw/rnR433OOYScvHMQeVukYmFNjRuBDIRchGRNKRUW0x2ycr3XeZcRuZWdodUGp8CdulYnKS0Ts7kGQGo3lPr7u6cktg4SrqyzYS0OBqBMg34/y0CLEN6tciVRZGLlDS/SZ3e89wLXzMrMpJvCQvAEyhgB8y2duFfi1Dl0gmLOJPNMZbQYxLtQx3cQd//dEZ7jiyBQHZru6CJ8BVmsAReMGz/5q1BsajmsE9gi85jAnzsJVda29jQNh7QanlETAc+FJkxf3Z+s8Z1LwyzUnGLC5DANrA5jutTd+199KZBAxMRfp9N4UGCn3+6F6dfb1W7mtc0C0FcuTzk7+kIefsz5ehAeplWvTn2YINDHjele5oz0v2HMV6qGBTHQEhsWSt+jNsFRJNPwvwTKcOy4HFsHLTupsjfsujeeIO6xACl+bmHh2Kk1DVF6dFq2yrA8+jWQY1snHnA==
x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:MR1P264MB2882.FRAP264.PROD.OUTLOOK.COM;PTR:;CAT:NONE;SFS:(13230040)(366016)(1800799024)(4022899009)(376014)(13003099007)(38070700021)(8096899003)(7053199007);DIR:OUT;SFP:1101;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: fFjqzrP2rf2czOgsDImwy6gfGtc9GKqr3NIjlzQHlSnicrw4onJ4ZbXwBSY60xud9Udqd2i108eElkDCkJEjjhFs/EWBno1CXkQ3DgQ+6A/ztel3/qTwdBnqQl3fLlGhWQtzS+IbeBu6ampXZFUnLUDUEgaemxoedEEwABVa8UzgQFOCuDLc/KE+YWIvnRnYgLfJVFSyK4S7atRmXy6+qubTAk3AqL42iyGkna59fD0TwIXRY7rpSjNvI71MB/eRJyphLXo/5WH2/HmtSkhANPPOUwqXnSeEf9Lm2KG6HAmmFD02MiTus+SHMzYqSz+r4PNLODIN4vlqcFDssIcH9NqSbWMpXdiTVzpKDgKR9k3YuXxUKO7CACrC02g9jSWAsy4ybBan8N6qVcPVlOQy+E2hnUKdwLoZAYimlXbxz7D14OHZWB187S/FF9H1+Z3+Bc0/YKiYK8ZFP/jElSxDRlot32K6ZazMWvk7905o1/CigctWQjd13WmS4Ul8+V8nDwgU3rQFEzhzw/ME7tSZKkdtKJk9J+mflLiC2oq/b6ekPlscpJXpuuX+OFy+ywt5NlK5PI1hoGcVCXI0QwBereCkuqX78owXpL3+m2Uie7FB2ED5Vk2XOh1Lw4U5ssJY2EA5lwObWXOe3TlejBay8Krws/HrJVUoQE+MPg2Ht6t5lWrWMXPiPRRZqEbcKCdr8uNjD60GEjf80uWcEaKvy2zVYayyKvnzzg3qGxR/OBasyCThOCU/vjhXBgfTKRllnbByHs5TuKpeHLeU4wmm5hljdOluIPoQ2JEP4KESdxVyD2TvVNaYGXQkDPY3k4glfzBxuQILMsuEYIqJeHuITHOKXW+63jtxzuTHoGgxCh7yZKAYFN2pC6i6bazVe1gxrZz+y/O1cdvujPI6j6C5/VOhIkL0vAMcYTLo46hoYHLr2RvTqUDtYPj/SHqUtJxN+HgOsDPIArNI711qDxe8lvJTmAiDPpM3OSiJ6GdeiNjjplRTQRO8qttX/9OfPdclmeAjlvfregkx6TjhY1VsYWFMdYjp4GOBjaEKr1Eu2GfKUj8w9vePaWAW5tyU1zBSkRxwl3tXlvTr6swxY8e1sRoN699cHx75JlPZ095V/DA2fQYrvnGmHU9B1pUxsTHwHms7wtr1Crg8PzmikQa/3xQMgJKZ8/Ao5LpX/KXT35jpePBkpai2iqDjWo8vL/TDtaNEABIHL5kEAOeDPk1lBsWN0qtkQwl/Gdce7n+vuUwHVO5et6jdMMyG8R7kMh5FLEuOFF2l0QeJjMrcfG83eL37fmYqpiBav+2AgI8cnQotkBR3oWhJk6r96mlMVZ3nAxaHixgtVM1uxd0s1hds4t6wIUWm5JOCmiZ5umYK9ksBRx7IbjBoITHv6PxuQ8DswBdAkBMVG2zjDFJnipC83Cy5l4uSgW7MvDNWzgsaCoCM3BOshIN7UjhZga6QPkKSJkUon0t06eWT55/LyN4iI/Q+el2Z3h9/GoU/BeheZvqTBZtg5ghnmQTauwJ9LfhSLmMCFyuXsV+iF+I3DSIKdUzmZMYpCzrM+aqI7iy48oTX4fArCbLySAwMY9qTDZIvD58DgTsorwaTDdNsBAAnwg==
Content-Type: multipart/alternative; boundary="_000_MR1P264MB2882C3EFAF10EF82278F4DA988D4AMR1P264MB2882FRAP_"
MIME-Version: 1.0
X-OriginatorOrg: orange.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: MR1P264MB2882.FRAP264.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-Network-Message-Id: 63392d0a-7522-409b-759b-08de28647200
X-MS-Exchange-CrossTenant-originalarrivaltime: 20 Nov 2025 18:41:40.6993 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 90c7a20a-f34b-40bf-bc48-b9253b6f5d20
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: eMpuwIR32fy+ztGstng2Fgb0q9y44SzrUV7XFI8z+mGEiUv1vScobzrrLlmKD66gg4jzYp1J/w9BmCs0b6REV4eYWgV0dDPIdiA/ZiASVFw=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: PR0P264MB2358
X-TM-AS-ERS: 10.218.35.132-127.5.254.253
X-TM-AS-SMTP: 1.0 c210cC1vdXQzNjUub3JhbmdlLmNvbQ== bW9oYW1lZC5ib3VjYWRhaXJAb 3JhbmdlLmNvbQ==
X-TMASE-Version: DDEI-5.1-9.1.1004-29588.001
X-TMASE-Result: 10--49.645700-10.000000
X-TMASE-MatchedRID: hFbMlnd2lLOSwLtp37ZhGZpiU2kgoGALgvmNrsT46HLLa0eANE7Nz+ch HA04zz3zWuU+F1IO83dL3iG65EPz1Icr1Pluqvvra6oXS5YQlJPfqVBdB7I8UYaJp9G8IFZpVz8 J52OVy+TWlHKq8pYIVLlMXBKuvIsDW7cw+UiW4y5c415zKJPWMMMmd/8j9dbKoa6XGnaf+WRW0O 12W5BtodEnEhyzkLSmmYVJDc7rngrRnd327aTojCGIqlqmIVBSvHKClHGjjr3zZKDA1/pIrgPYD dySm+X3Wu91pOLqCbhG391z8AkhmnKYF+ElYDOVV3KFBhdtw96VOwZbcOalS2UfjhTZG7Xa3tld lMO9nKu3MGS6TxU7QN3kkK8p4dC1NmmUkcjrArXSl1fPYXV7QV/ZJ0h1vLl1GEfoClqBl87RjBm BWsa9RCDv6zn31Uzg6zBPuCbw++kh8PKnSMXzo10ieHN50/kHKwi7MItzaY1WNh52V409tZa5+g ecZQ1+ADS6MMOy8CmOdTVdSqE7EyDJbbuW28JPztDvGPckrkl0+657dxGJGMAYvJUUzMganUevv 3IhmQFdmS9KfMfTZaLGgAL/d+TwR3B6Edw+gpBrNEoFrZ14J+y7jhAGPQakLPSJu5jov2YrXQa6 mSZlS9cOgA4OgUBv/wtg/wnEM99AqqRHFcgzBoCQ47pqdCKvyztPcT3Ax8IPmmallK9vjOtUHh/ UX9O9IUHbivqYqfzMzW5ZWwzwl/B2nXu+GT6n91JFDuf8TN+jWBEL0cqXfiiisLSFmwm2vyzGU6 SQbiXN8kvX+WMBhpgXO4QRFw9PCHFxcdS6PJyvvxILmKK/HBRFJJyf5BJewWulRtvvYxTUHQeTV DUrIjsrIxPW/QrJcHOFyh7O9priRhduhvElsvJT+hf62k2YIbZSWXZZ520=
X-TMASE-SNAP-Result: 1.821001.0001-0-1-22:0,33:0,34:0-0
X-TMASE-INERTIA: 0-0;;;;
Message-ID-Hash: 744OGG2C45VNB27MECDSO6YXHYIYX6XS
X-Message-ID-Hash: 744OGG2C45VNB27MECDSO6YXHYIYX6XS
X-MailFrom: mohamed.boucadair@orange.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-tls.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: The IESG <iesg@ietf.org>, "draft-ietf-tls-tls13-pkcs1@ietf.org" <draft-ietf-tls-tls13-pkcs1@ietf.org>, "tls-chairs@ietf.org" <tls-chairs@ietf.org>, "tls@ietf.org" <tls@ietf.org>
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [TLS] Re: Mohamed Boucadair's Discuss on draft-ietf-tls-tls13-pkcs1-06: (with DISCUSS and COMMENT)
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/_ruvB8vCH7qn0Lah0fXwOJayhkk>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Owner: <mailto:tls-owner@ietf.org>
List-Post: <mailto:tls@ietf.org>
List-Subscribe: <mailto:tls-join@ietf.org>
List-Unsubscribe: <mailto:tls-leave@ietf.org>
Hi Eric, Thanks for preparing this PR. This fixes my concern. Cheers, Med De : Eric Rescorla <ekr@rtfm.com> Envoyé : lundi 17 novembre 2025 16:17 À : BOUCADAIR Mohamed INNOV/NET <mohamed.boucadair@orange.com> Cc : The IESG <iesg@ietf.org>; draft-ietf-tls-tls13-pkcs1@ietf.org; tls-chairs@ietf.org; tls@ietf.org Objet : Re: [TLS] Mohamed Boucadair's Discuss on draft-ietf-tls-tls13-pkcs1-06: (with DISCUSS and COMMENT) On Mon, Nov 17, 2025 at 6:42 AM <mohamed.boucadair@orange.com<mailto:mohamed.boucadair@orange.com>> wrote: Re-, I think there is a disconnect here. My DISCUSS point is clear: how can you make use of draft-ietf-tls-tls13-pkcs without relaxing what is the base spec? And this document does so, regardless of whether 8446 is updated. It permits servers to advertise support and clients to negotiate it. That overrides the text in 8446. Great to hear that you “can clarify this point there in AUTH48”, but that’s not sufficient to clear my DISCUSS. I would appreciate if you can share the proposed change so that we can move on. Thanks. https://github.com/tlswg/tls13-spec/pull/1399/files Please clear your DISCUSS. -Ekr Cheers, Med De : Eric Rescorla <ekr@rtfm.com<mailto:ekr@rtfm.com>> Envoyé : lundi 17 novembre 2025 15:32 À : BOUCADAIR Mohamed INNOV/NET <mohamed.boucadair@orange.com<mailto:mohamed.boucadair@orange.com>> Cc : The IESG <iesg@ietf.org<mailto:iesg@ietf.org>>; draft-ietf-tls-tls13-pkcs1@ietf.org<mailto:draft-ietf-tls-tls13-pkcs1@ietf.org>; tls-chairs@ietf.org<mailto:tls-chairs@ietf.org>; tls@ietf.org<mailto:tls@ietf.org> Objet : Re: [TLS] Mohamed Boucadair's Discuss on draft-ietf-tls-tls13-pkcs1-06: (with DISCUSS and COMMENT) On Mon, Nov 17, 2025 at 6:13 AM <mohamed.boucadair@orange.com<mailto:mohamed.boucadair@orange.com>> wrote: Eric, Hmm. As you ask, this falls under technical/implementation issue as it relates to how the intended feature can provided given the restriction in the bis. I do not agree with this statement. The document is unambiguous on what itallows, and adding an "Updates" field will not make it anymore clear. Moreover, as we've discussed 8446bis is already *ahead* of this document in the queue,and we can clarify this point there in AUTH48. I appreciate that you would prefer a different resolution, but this seems tome to fall rather under the following non-criteria: "Disagreement with informed WG decisions that do not exhibit problems outlined in Section 3.1 (DISCUSS Criteria). In other words, disagreement in preferences among technically sound approaches." as well as: "Pedantic corrections to non-normative text. Oftentimes, poor phrasing or misunderstandings in descriptive text are corrected during IESG review. However, if these corrections are not essential to the implementation of the specification, these should not be blocking comments." Accordingly, I would ask you to remove your discuss and allow this document to proceed. -Ekr Cheers, Med De : Eric Rescorla <ekr@rtfm.com<mailto:ekr@rtfm.com>> Envoyé : lundi 17 novembre 2025 15:01 À : BOUCADAIR Mohamed INNOV/NET <mohamed.boucadair@orange.com<mailto:mohamed.boucadair@orange.com>> Cc : The IESG <iesg@ietf.org<mailto:iesg@ietf.org>>; draft-ietf-tls-tls13-pkcs1@ietf.org<mailto:draft-ietf-tls-tls13-pkcs1@ietf.org>; tls-chairs@ietf.org<mailto:tls-chairs@ietf.org>; tls@ietf.org<mailto:tls@ietf.org> Objet : Re: [TLS] Mohamed Boucadair's Discuss on draft-ietf-tls-tls13-pkcs1-06: (with DISCUSS and COMMENT) On Mon, Nov 17, 2025 at 1:02 AM Mohamed Boucadair via Datatracker <noreply@ietf.org<mailto:noreply@ietf.org>> wrote: Mohamed Boucadair has entered the following ballot position for draft-ietf-tls-tls13-pkcs1-06: Discuss When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https://www.ietf.org/about/groups/iesg/statements/handling-ballot-positions/ for more information about how to handle DISCUSS and COMMENT positions. The document, along with other ballot positions, can be found here: https://datatracker.ietf.org/doc/draft-ietf-tls-tls13-pkcs1/ ---------------------------------------------------------------------- DISCUSS: ---------------------------------------------------------------------- Hi David and Andrei, Thank you for the effort put into this specification. Updated the ballot [1] to take into account the feedback received so far (including off-list clarification from Paul; Thanks). The only pending point is: # Update RFC8446/RFC8446bis The provisions in this draft relax what used to be disallowed in 8446/8446bis. This reads like an update. Specifically, this part from RFC8446bis: and In addition, the signature algorithm MUST be compatible with the key in the sender's end-entity certificate. RSA signatures MUST use an RSASSA-PSS algorithm, regardless of whether RSASSA-PKCS1-v1_5 algorithms appear in "signature_algorithms". Can you please identify which DISCUSS criteria item you believe this DISCUSS corresponds to? -Ekr ---------------------------------------------------------------------- COMMENT: ---------------------------------------------------------------------- # FIPS 186-4 ## Please add a reference ## s/with FIPS 186-4/with US FIPS 186-4 # TLS Registries CURRENT: IANA is requested to create the following entries in the TLS SignatureScheme registry, defined in [RFC8446]. Isn’t draft-ietf-tls-rfc8447bis authoritative here for registry matters? I would replace the 8446 citation with draft-ietf-tls-rfc8447bis. Cheers, Med [1] https://mailarchive.ietf.org/arch/msg/tls/dimNOvXqeIaYflBK7s51J43p80U/ _______________________________________________ TLS mailing list -- tls@ietf.org<mailto:tls@ietf.org> To unsubscribe send an email to tls-leave@ietf.org<mailto:tls-leave@ietf.org> ____________________________________________________________________________________________________________ Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration, Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci. This message and its attachments may contain confidential or privileged information that may be protected by law; they should not be distributed, used or copied without authorisation. If you have received this email in error, please notify the sender and delete this message and its attachments. As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified. Thank you. ____________________________________________________________________________________________________________ Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration, Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci. This message and its attachments may contain confidential or privileged information that may be protected by law; they should not be distributed, used or copied without authorisation. If you have received this email in error, please notify the sender and delete this message and its attachments. As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified. Thank you. ____________________________________________________________________________________________________________ Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration, Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci. This message and its attachments may contain confidential or privileged information that may be protected by law; they should not be distributed, used or copied without authorisation. If you have received this email in error, please notify the sender and delete this message and its attachments. As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified. Thank you.
- [TLS] Mohamed Boucadair's Discuss on draft-ietf-t… Mohamed Boucadair via Datatracker
- [TLS] Re: Mohamed Boucadair's Discuss on draft-ie… Eric Rescorla
- [TLS] Re: Mohamed Boucadair's Discuss on draft-ie… mohamed.boucadair
- [TLS] Re: Mohamed Boucadair's Discuss on draft-ie… Eric Rescorla
- [TLS] Re: Mohamed Boucadair's Discuss on draft-ie… mohamed.boucadair
- [TLS] Re: Mohamed Boucadair's Discuss on draft-ie… Salz, Rich
- [TLS] Re: Mohamed Boucadair's Discuss on draft-ie… Eric Rescorla
- [TLS] Re: Mohamed Boucadair's Discuss on draft-ie… Paul Wouters
- [TLS] Re: Mohamed Boucadair's Discuss on draft-ie… mohamed.boucadair