IETF Logo Mail Archive

Re: [TLS] call for consensus: changes to IANA registry rules for cipher suites

Benjamin Kaduk <bkaduk@akamai.com> Thu, 31 March 2016 16:03 UTC

Return-Path: <bkaduk@akamai.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3975112D565 for <tls@ietfa.amsl.com>; Thu, 31 Mar 2016 09:03:18 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.731
X-Spam-Level:
X-Spam-Status: No, score=-2.731 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H4=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=akamai.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YQg3p6P124cZ for <tls@ietfa.amsl.com>; Thu, 31 Mar 2016 09:03:16 -0700 (PDT)
Received: from prod-mail-xrelay07.akamai.com (prod-mail-xrelay07.akamai.com [23.79.238.175]) by ietfa.amsl.com (Postfix) with ESMTP id 491EB12D553 for <tls@ietf.org>; Thu, 31 Mar 2016 09:03:16 -0700 (PDT)
Received: from prod-mail-xrelay07.akamai.com (localhost.localdomain [127.0.0.1]) by postfix.imss70 (Postfix) with ESMTP id 6B4584334DB; Thu, 31 Mar 2016 16:03:15 +0000 (GMT)
Received: from prod-mail-relay10.akamai.com (prod-mail-relay10.akamai.com [172.27.118.251]) by prod-mail-xrelay07.akamai.com (Postfix) with ESMTP id 54C264334D7; Thu, 31 Mar 2016 16:03:15 +0000 (GMT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=akamai.com; s=a1; t=1459440195; bh=OUToVs5b7j+9+9PwjsRWwoIQAc6FjPelCMmb13CGBmk=; l=2247; h=To:References:From:Date:In-Reply-To:From; b=CdKiMVfD39Wk2ThOJZ1WcbWVv8fi6j+E7WEwVJOPtgUQua2y0YxREBcdeh8tKaqkb vKYYQAKAJQ/iSEuZuWOJg48HBR3KQta8VmFm47s6bIVd89QbU+Oad7GRJgs+nPgwci w7EqCpuMU+/FdS6IQ3qyRy3DJNN2Wy7JwyItecCo=
Received: from [172.19.0.25] (bos-lpczi.kendall.corp.akamai.com [172.19.0.25]) by prod-mail-relay10.akamai.com (Postfix) with ESMTP id 1C35D1FC8D; Thu, 31 Mar 2016 16:03:15 +0000 (GMT)
To: Hannes Tschofenig <hannes.tschofenig@gmx.net>, "<tls@ietf.org>" <tls@ietf.org>
References: <20DDE657-E1A9-4705-936D-40673294C4EB@sn3rd.com> <56FD2A0A.1050607@gmx.net>
From: Benjamin Kaduk <bkaduk@akamai.com>
X-Enigmail-Draft-Status: N1110
Message-ID: <56FD4A42.2080100@akamai.com>
Date: Thu, 31 Mar 2016 11:03:14 -0500
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.6.0
MIME-Version: 1.0
In-Reply-To: <56FD2A0A.1050607@gmx.net>
Content-Type: text/plain; charset="windows-1252"
Content-Transfer-Encoding: 7bit
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/gCWriJiIsznfwKB144eyqf6quB0>
Subject: Re: [TLS] call for consensus: changes to IANA registry rules for cipher suites
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 31 Mar 2016 16:03:18 -0000

On 03/31/2016 08:45 AM, Hannes Tschofenig wrote:
> Hi Sean,
>
> What is the requirement for adding a spec to the list with the value
> IETF Recommended = "Y" (or to change an entry from "Y" to "N")?
>
> You mention two conditions:
>
>  * IETF has consensus
>  * Are reasonably expected to be supported by widely used
> implementations such as open-source libraries
>
> Of course, with all our work we expect them to be supported by widely
> used implementations. The future is unpredicable and therefore not a

I don't think it's universally true that we expect all our work to be
supported by widely used implementations.  Sometimes we standardize
things that are kind of niche cases and not expected to be widely used. 
(This also somewhat relates to the question, already raised, of how to
turn a 'Y' back to a 'N' for things we decide we don't like any more.)

> good item for making a judgement. I realy find document authors who have
> less interest to get their stuff deployed.

...but I do agree that predictions of the future do not make good
criteria here.

> Getting IETF consensus on specifications has turned to be easier than
> most people expect and the IETF published RFCs that have not received a
> lot of review. Large amount of review is not a pre-condition for consensus.

I think that documents introducing things that get a 'Y' should
explicitly say that in the IANA considerations, so the IETF consensus
explicitly includes support for the 'Y', and not all documents published
with IETF consensus need to go for the 'Y'.  Which is not to say that
putting in such an IANA considerations section will magically cause
people to read the document at IETF last call, of course, but I do have
confidence that the IESG (if no one else) will ask whether the TLS
working group has been consulted for something trying to set the 'Y' column.

> While your idea sounds good it suffers from practical issues. I am
> worried that the process will not be too fair and may favor a certain
> type of community.
>

At the risk of making predictions of the future, it's not clear to me
that the proposal will be any less fair than the current state of
affairs (which is not perfect, either).

-Ben

v2.23.0 | Report a Bug | By Email