[TLS] Re: WG Consensus Call: Prohibit Key Share Reuse Between Connections

Nico Williams <nico@cryptonector.com> Thu, 26 March 2026 20:21 UTC

Date: Thu, 26 Mar 2026 15:21:40 -0500
From: Nico Williams <nico@cryptonector.com>
To: Eric Rescorla <ekr@rtfm.com>
Message-ID: <acWVVIlaUEBCHMyL@ubby>
CC: Simon Josefsson <simon=40josefsson.org@dmarc.ietf.org>, tls@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/afK8y82bQBdEdrMR6irqs-7Ahag>

On Tue, Mar 24, 2026 at 09:42:23AM -0700, Eric Rescorla wrote:
> On Tue, Mar 24, 2026 at 3:20 AM Simon Josefsson <simon=
> 40josefsson.org@dmarc.ietf.org> wrote:
> > This all seems motivated by insuring against the ML-KEM patent license
> > that limits for what ML-KEM can be used for, to allow the IETF to say
> > "oh but TLS does not allow ephemeral key shared so we don't care about
> > that use-case".
> 
> No. That's not correct, at least not for me.
> 
> Separately, I've noticed you have a tendency to attribute motives to
> others that aren't really accurate and often seem designed to reflect
> badly on them.  I would ask you to stop.

Simon's guess at motivation above was a bit awkward, but I don't think
it was "designed to reflect badly" on anyone -- certainly I don't see it
as reflecting badly on anyone.  You yourself appear to ascribe motive to
Simon's ascribing motive, which is awkward when you're complaining about
the very same behavior.

We should not ascribe motives because it's impolite, bothersome, and
counter-productive (and distracting and often the suspicions are flat
out wrong).  But we also should not use instances of that in ways that
can suck the oxygen out of the room and shut down debate.  Rather IMO
one should limit oneself to expressing a complaint about that and move
on.

If need be we can each resort to the new modpod processes to obtain
relief when someone engages in such behavior to the point of being
disruptive.

Nico
--