[TLS] Mirja Kühlewind's No Objection on draft-ietf-tls-tls13-26: (with COMMENT)
Mirja Kühlewind <ietf@kuehlewind.net> Wed, 07 March 2018 16:38 UTC
Return-Path: <ietf@kuehlewind.net>
X-Original-To: tls@ietf.org
Delivered-To: tls@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 7B53C12D574; Wed, 7 Mar 2018 08:38:40 -0800 (PST)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
From: Mirja Kühlewind <ietf@kuehlewind.net>
To: The IESG <iesg@ietf.org>
Cc: draft-ietf-tls-tls13@ietf.org, Sean Turner <sean@sn3rd.com>, tls-chairs@ietf.org, sean@sn3rd.com, tls@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 6.74.0
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <152044072045.17779.18123788753031746068.idtracker@ietfa.amsl.com>
Date: Wed, 07 Mar 2018 08:38:40 -0800
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/geiOTCOPW8gvKwge1eDz5Q8Uzio>
Subject: [TLS] Mirja Kühlewind's No Objection on draft-ietf-tls-tls13-26: (with COMMENT)
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.22
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 07 Mar 2018 16:38:41 -0000
Mirja Kühlewind has entered the following ballot position for draft-ietf-tls-tls13-26: No Objection When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html for more information about IESG DISCUSS and COMMENT positions. The document, along with other ballot positions, can be found here: https://datatracker.ietf.org/doc/draft-ietf-tls-tls13/ ---------------------------------------------------------------------- COMMENT: ---------------------------------------------------------------------- 1) I'm a bit uncertain if obsoleting is the right approach as many other protocols usually do not obsolete older versions. However, I understand that this has been the approach TLS has previously taken and is supported by the way the document is written. Still, I find it especially confusing that also two TLS1.2 extensions are deprecated which are not needed with TLS1.3 anymore but still probably valid to be used with TLS1.2, right? I would recommend for this version to at least already note in the abstract or very early in the intro that it changes the versioning mechanism itself, and thereby basically declares the TLS handshake as an invariant for all future versions and extensibility is only provided using extensions anymore. 2) Can you provide further explanation (potentially in the draft) why the Pre-Shared Key Exchange Modes are provided in an extra/separate extension? 3) I know previous versions of TLS didn't say that much either, but I find it a bit wired that there are NO requirements for the underlaying transport in this document. Previous version this at least said in the intro that a reliable transport (like TCP) is assumed, but even this minimal information seems to have gotten lost in this document. However, I would usually also expect to seen some minimal text about connection handling, e.g. is it okay to transparently try to reestablish the connection by the underlying transport protocol if it broke for some reason? Or it is okay to use the same TCP connection to first send other data and then start the TLS handshake? 4) Regarding the registration policies: I assume the intend of changing them is to make it easier to specify and use new extensions/mechanism. However, I am wondering why the policies have been changed to "Specification Required" and not "IETF consensus" or RFC Required"? 5) I find it a bit strange that basically the whole working group is listed as contributors. My understanding was that Contributors are people that have contributed a "significant" amount of text, while everybody else who e.g. brought ideas in during mailing list discussion would be acknowledged only.
- [TLS] Mirja Kühlewind's No Objection on draft-iet… Mirja Kühlewind
- Re: [TLS] Mirja Kühlewind's No Objection on draft… Eric Rescorla
- Re: [TLS] Mirja Kühlewind's No Objection on draft… Kathleen Moriarty
- Re: [TLS] Mirja Kühlewind's No Objection on draft… Mirja Kuehlewind (IETF)
- Re: [TLS] Mirja Kühlewind's No Objection on draft… Eric Rescorla
- Re: [TLS] Mirja Kühlewind's No Objection on draft… Kathleen Moriarty
- Re: [TLS] Mirja Kühlewind's No Objection on draft… Mirja Kuehlewind (IETF)
- Re: [TLS] Mirja Kühlewind's No Objection on draft… Martin Thomson
- Re: [TLS] Mirja Kühlewind's No Objection on draft… Mirja Kuehlewind (IETF)