Re: [TLS] Publication of draft-rhrd-tls-tls13-visibility-00

Colm MacCárthaigh <> Mon, 23 October 2017 22:40 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 4E76F13AAFF for <>; Mon, 23 Oct 2017 15:40:47 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.6
X-Spam-Status: No, score=-2.6 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_LOW=-0.7] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id g6DdyO9qGQBU for <>; Mon, 23 Oct 2017 15:40:46 -0700 (PDT)
Received: from ( [IPv6:2607:f8b0:4002:c05::230]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id E50D713A902 for <>; Mon, 23 Oct 2017 15:40:45 -0700 (PDT)
Received: by with SMTP id j4so13494269ywb.2 for <>; Mon, 23 Oct 2017 15:40:45 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20150623; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=nrwhtimb+y/KpHxNAe5ox7Hq4luIA5EKmg2w6vRnru0=; b=klCb7HLuj4Vv45tqzCkBAK71uWBEvPCY1MyIEKnaQv9iO73/WpCXJ3QdrRyhyV3jt0 MS6e0fqouqSIDEQbtxVcO3H6IH0PXQ2QQ9p5Sqqsmv4XijDsCE5pZ2tF0isU5fkhVM71 Curc1sJQhx0tDjjamfW4my/3xUTQiUw+bWFwbAXAHe1mpypyRU23lrpYqP/alKAYOYVp zq1qIZdsFPxvMxvNcX8pGc5T10lN/KnCFiJaNTZtbvowA60lB5l1po2AxqAeUORFHw+5 KeLPtbJ0sMzJY6CWmE+c1yYxZen2xnz2dxaKoX7ZubP1gam0cWBoK/yJZ0G7LAfWUKac NcxQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=nrwhtimb+y/KpHxNAe5ox7Hq4luIA5EKmg2w6vRnru0=; b=cqa2+qXGCLZAMAC1RUQFcGyds9wU9IB4XYiAp1qlWgxtdabbfX6qPJ7pwCyqiwqRmZ wvtxrhgggPp7b3WCMfiNbOo4i4gWhmmXyPitvcl0SFkWmyjJxH290M/eRMxLoCc695uF 0SQmNtxJGGO4oHQuQM//+PwnBPpRAn+TUoA1xytYYynzFw5X2W304aE7X8JC+9jhIQhh 0oAJ22KdL0KJxv7kZSlx2SWuRlyKJQ1Mr1K7bNxwshnKD1ygGAnPFhIbmJCqza1OfTUw DftFnKpgT1a/NPZWxgMv7g4HS5L39Ptlrts54XhsBPDpzoyXzGVknftKPDiTcvGjQhwI BkJw==
X-Gm-Message-State: AMCzsaU/PFhsRuXwpNsH0dZbvOo1ojWi2cu5KGEf3uXYjYrLOjjDTSSH LyM2J+ZEvlaba6tnoMkKO0OpAR76IqrLz8GXSeVX2A==
X-Google-Smtp-Source: ABhQp+SUJEV9Mq88/oPvD2GqUaATjhKIZWz3/2ZrRqxukfQGaBEvfPz25I19e5lkt5mFnokOTOeVl1j6n8H6BH/3NhM=
X-Received: by with SMTP id b184mr9851435ywc.364.1508798445106; Mon, 23 Oct 2017 15:40:45 -0700 (PDT)
MIME-Version: 1.0
Received: by with HTTP; Mon, 23 Oct 2017 15:40:44 -0700 (PDT)
In-Reply-To: <>
References: <> <> <> <> <> <> <> <> <> <> <> <> <> <> <> <> <> <>
From: =?UTF-8?Q?Colm_MacC=C3=A1rthaigh?= <>
Date: Mon, 23 Oct 2017 15:40:44 -0700
Message-ID: <>
To: Benjamin Kaduk <>
Cc: "Ackermann, Michael" <>, "Salz, Rich" <>, Stephen Farrell <>, Darin Pettis <>, "" <>
Content-Type: text/plain; charset="UTF-8"
Archived-At: <>
Subject: Re: [TLS] Publication of draft-rhrd-tls-tls13-visibility-00
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Mon, 23 Oct 2017 22:40:47 -0000

On Mon, Oct 23, 2017 at 3:30 PM, Benjamin Kaduk <>; wrote:
>  There are no doubt folks here would claim that the writing has been on the wall for
> five years or more that static RSA was out and forward secrecy was on
> the way in, and that now is the right time to draw the line and drop the
> backwards compatibility.    In fact, there is already presumed WG
> consensus for that position, so a strong argument indeed would be needed
> to shift the boundary from now.  I won't say that no such argument can
> exist, but I don't think we've seen it yet.

I don't have too strong an interest in this thread, it's not going
anywhere, and I don't mind that. But I do want to chime in and point
out that forward secrecy is not completely on the way in. With STEK
based 0-RTT, it sounds like many implementors are happy to see user's
requests, cookies, passwords and other secret tokens protected only by
symmetric keys that are widely shared across many machines and
geographic boundaries, with no defined key schedule, usage
requirements or forward secrecy. Clearly, the consensus has been
willing to accept that trade-off, and there is definite wiggle room.