Re: [TLS] Protocol Action: 'IANA Registry Updates for Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS)' to Proposed Standard (draft-ietf-tls-iana-registry-updates-05.txt)

Peter Gutmann <pgut001@cs.auckland.ac.nz> Sun, 27 May 2018 12:50 UTC

The IESG <iesg-secretary@ietf.org> writes:

>The IESG has approved the following document:
>- 'IANA Registry Updates for Transport Layer Security (TLS) and Datagram
>   Transport Layer Security (DTLS)'
>  (draft-ietf-tls-iana-registry-updates-05.txt) as Proposed Standard

Now that it's been published, I'd like to request assignment of an extension
ID for tls_lts under the Specification Required terms.

In terms of the conflict between the existing use of 26 = tls_lts and the new
26 = compress_certificate, this can probably be managed by noting that
compress_certificate will only be sent by TLS 1.3 implementations and tls_lts
will only be sent by TLS 1.0-1.2 implementations.  In addition
compress_certificate has a nonzero size (a list of algorithms is sent) while
tls_lts has a zero size (it's an indicator flag).  This means that the two
different uses are unlikely to occur in the same implementation, and even if
they do, they can be distinguished by looking at the extension data size.

Having compress_certificate moved to 27 would be a better solution in terms of
existing use, but I can add a note to the LTS draft mentioning the change. The
certificate compression draft should probably also be updated to indicate that
a zero-size compress_certificate, if encountered, isn't a compress_certificate
but a tls_lts.

Peter.
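The size-based disambiguation proposed above, worked through as an added example (not code from the message or from either draft): a parser for a TLS extensions vector that, on seeing code point 26, treats zero-length extension_data as tls_lts and nonzero data as a compress_certificate algorithm list. The algorithm-list encoding assumed here (one-byte length prefix, two-byte algorithm identifiers) is the one from the certificate compression specification; the sample extension blocks are constructed for the example.

```python
import struct

SHARED_CODE_POINT = 26  # tls_lts and compress_certificate both use 26

def parse_extensions(blob: bytes) -> list:
    """Parse a TLS extensions vector: uint16 total length, then a run of
    (uint16 type, uint16 length, opaque data) entries. Raises on truncation."""
    if len(blob) < 2:
        raise ValueError("truncated extensions vector")
    (total,) = struct.unpack("!H", blob[:2])
    body = blob[2:2 + total]
    if len(body) != total:
        raise ValueError("extensions length exceeds buffer")
    out, pos = [], 0
    while pos < len(body):
        if pos + 4 > len(body):
            raise ValueError("truncated extension header")
        ext_type, ext_len = struct.unpack("!HH", body[pos:pos + 4])
        data = body[pos + 4:pos + 4 + ext_len]
        if len(data) != ext_len:
            raise ValueError("truncated extension data")
        out.append((ext_type, data))
        pos += 4 + ext_len
    return out

def classify_code_point_26(data: bytes) -> str:
    """Disambiguate the two uses of 26 by extension_data size, as proposed:
    zero length is the tls_lts flag, nonzero is a compress_certificate list."""
    if len(data) == 0:
        return "tls_lts"
    # Assumed compress_certificate encoding: algorithms<2..2^8-2>, i.e. a
    # one-byte length prefix followed by two-byte algorithm identifiers.
    list_len = data[0]
    if list_len < 2 or list_len % 2 or len(data) != 1 + list_len:
        return "malformed"
    return "compress_certificate"

def describe(blob: bytes) -> list:
    """Label every extension in the vector; only code point 26 is inspected."""
    return [(t, classify_code_point_26(d) if t == SHARED_CODE_POINT else "other")
            for t, d in parse_extensions(blob)]

# Constructed sample vectors (hex): a TLS 1.0-1.2 client sending the tls_lts
# flag, and a TLS 1.3 client offering two compression algorithms (ids 1 and 2).
LTS_CLIENT = bytes.fromhex("0004" "001a" "0000")
COMPRESS_CLIENT = bytes.fromhex("0009" "001a" "0005" "04" "0001" "0002")
MALFORMED_CLIENT = bytes.fromhex("0005" "001a" "0001" "00")  # nonzero but empty list
```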