Re: [TLS] TLS@IETF101 Agenda Posted
Stephen Farrell <stephen.farrell@cs.tcd.ie> Tue, 13 March 2018 14:21 UTC
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/fiu9KBbmBB3r2cLEPl5UVvAOZ1M>

Hiya,

Just to be clear: I'm still waiting for the chairs and/or AD to explain how the proposed discussion of this draft is consistent with IETF processes, given the results of the discussion in Prague (a very clear lack of consensus to even work on this topic), and the discussion of the -00 version of this late last year. IOW, I don't consider my objection has been answered.

In case people haven't got all the mails from last year at the front of their minds, I went through them for you and have provided links and selected quotes below. Yes, the quotes are selected but I think do indicate that the opposition to these ideas is as before. And there were also the usual voices in support of weakening TLS in this manner as well - a read of the thread clearly indicates to me that discussion of this draft in London will, as before, be a divisive waste of time and energy.

Chairs: Please drop the agenda item, or explain how any of this fits our process, because I'm just not getting it.

Thanks,
Stephen.

me, "IMO the WG shouldn't touch this terrible proposal with a bargepole."
https://www.ietf.org/mail-archive/web/tls/current/msg24493.html

Randy Bush: "there are a lot of us lurkers out here a bit horrified watching this wg go off the rails." (Different thread, but same topic)
https://www.ietf.org/mail-archive/web/tls/current/msg24539.html

Uri Blumenthal: "+1 to Stephen"
https://www.ietf.org/mail-archive/web/tls/current/msg24542.html

Rich Salz: "put this on hold for a year or two after TLS 1.3 is done"
https://www.ietf.org/mail-archive/web/tls/current/msg24544.html

Ion Larranaga Azcue, "I really don't feel confortable with the approach taken in this draft."
https://www.ietf.org/mail-archive/web/tls/current/msg24562.html

Hubert Kario: "to be clear: me too" (replying about hating the idea)
https://www.ietf.org/mail-archive/web/tls/current/msg24578.html

Rich Salz: "I am opposed to the basic concept of injecting a third-party into the E2E TLS process."
https://www.ietf.org/mail-archive/web/tls/current/msg24585.html

Florian Weimer: "I don't understand why this complicated approach is needed."
https://www.ietf.org/mail-archive/web/tls/current/msg24607.html

Ben Kaduk: "I do not see any potential for a workable solution."
https://www.ietf.org/mail-archive/web/tls/current/msg24620.html

Uri Blumenthal: "why do we spend time discussing this draft?"
https://www.ietf.org/mail-archive/web/tls/current/msg24639.html

Christian Huitema: "Maybe they have found ways to manage their applications and servers without breaking TLS..."
https://www.ietf.org/mail-archive/web/tls/current/msg24643.html

Ted Lemon: "I think we should stop."
https://www.ietf.org/mail-archive/web/tls/current/msg24649.html

Andrei Popov: "deploying a weakened configuration of TLS 1.3 (without PFS) would not meet the intent of those future mandates/requirements." (On "industry need")
https://www.ietf.org/mail-archive/web/tls/current/msg24656.html

Ben Kaduk: "The time I am spending on this thread is time that I am not able to spend improving the TLS 1.3 document."
https://www.ietf.org/mail-archive/web/tls/current/msg24660.html

Dave Garrett: "Please, let's just let this mess die."
https://www.ietf.org/mail-archive/web/tls/current/msg24667.html

Uri Blumenthal: "I'm against weakening the protocol, since there are other ways to accomplish the perlustrator's mission"
https://www.ietf.org/mail-archive/web/tls/current/msg24670.html
Yeah, I had to look it up too:-)
https://en.oxforddictionaries.com/definition/us/perlustrator

Adam Caudill: "To be honest, I’m rather surprised that this group continues to spend time on this."
https://www.ietf.org/mail-archive/web/tls/current/msg24712.html

Tony Arcieri, "Having worked (and presently working) for more than one company of this nature, in the payments business no less, I would like to restate that it's incredibly disingenuous to cite the need for self-MitM capability as an "industry" concern."
https://www.ietf.org/mail-archive/web/tls/current/msg24715.html

Colm MacCárthaigh: "I don't have too strong an interest in this thread, it's not going anywhere, and I don't mind that."
https://www.ietf.org/mail-archive/web/tls/current/msg24720.html

Peter Saint-Andre: "+1 to Stephen's request." (for chairs to close down the discussion)
https://www.ietf.org/mail-archive/web/tls/current/msg24734.html

Cas Cremers: "I think such a mechanism should not be part of the TLS 1.3 standard."
https://www.ietf.org/mail-archive/web/tls/current/msg24885.html

Karthikeyan Bhargavan: "I really don’t recommend any change to the TLS 1.3 design to accomplish any of this"
https://www.ietf.org/mail-archive/web/tls/current/msg24903.html