Re: [TLS] Industry Concerns about TLS 1.3
Andrei Popov <Andrei.Popov@microsoft.com> Mon, 26 September 2016 20:51 UTC
Return-Path: <Andrei.Popov@microsoft.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C58D012B2B6 for <tls@ietfa.amsl.com>; Mon, 26 Sep 2016 13:51:59 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.021
X-Spam-Level:
X-Spam-Status: No, score=-2.021 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=microsoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id S_u2XMqfJeNQ for <tls@ietfa.amsl.com>; Mon, 26 Sep 2016 13:51:56 -0700 (PDT)
Received: from NAM01-BY2-obe.outbound.protection.outlook.com (mail-by2nam01on0127.outbound.protection.outlook.com [104.47.34.127]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7EBA612B2AE for <tls@ietf.org>; Mon, 26 Sep 2016 13:51:56 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=BdNhz0MEk3YY+fq4S8p+rDHEoEdSyJAHhM5brFm6+4M=; b=HaDnqkdDJSChoHXBchS3yTmTlQq8X1H/1b6Lw0iQ7fRyQHAk83FnMPVqwnvaVKZPy9rUYYtIsTLe2rYVIue+8b2kK00Few1gQW3oDcWfJu/XnYK+MZD9P8JoGQdKroekBXl4y5nyHZjjVU6hAjASR8C3UpyevR57EFKAlf9gdIo=
Received: from CY1PR0301MB0842.namprd03.prod.outlook.com (10.160.163.148) by CY1PR0301MB0841.namprd03.prod.outlook.com (10.160.163.147) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id 15.1.629.8; Mon, 26 Sep 2016 20:51:53 +0000
Received: from CY1PR0301MB0842.namprd03.prod.outlook.com ([10.160.163.148]) by CY1PR0301MB0842.namprd03.prod.outlook.com ([10.160.163.148]) with mapi id 15.01.0629.018; Mon, 26 Sep 2016 20:51:53 +0000
From: Andrei Popov <Andrei.Popov@microsoft.com>
To: Xiaoyin Liu <xiaoyin.l@outlook.com>, BITS Security <BITSSecurity@fsroundtable.org>, Peter Bowen <pzbowen@gmail.com>
Thread-Topic: [TLS] Industry Concerns about TLS 1.3
Thread-Index: AdIU8WqWM9WBapZoQzyfqxiOaK25fQADrwVgABxJhIAADgIdgAAAS/+AAAFEjIAAAGtwAAAHxtLQAADiU4AAAeJj0AAFTeiAAI3SNcAAApKuswABKeXA
Date: Mon, 26 Sep 2016 20:51:53 +0000
Message-ID: <CY1PR0301MB0842D6846E280D155833F20E8CCD0@CY1PR0301MB0842.namprd03.prod.outlook.com>
References: <DM5PR11MB1419B782D2BEF0E0A35E420DF4C90@DM5PR11MB1419.namprd11.prod.outlook.com> <CO1PR07MB283F2C414B6478E993675DEC3C90@CO1PR07MB283.namprd07.prod.outlook.com> <394611bf-208f-03d3-620c-79aaf169645b@cs.tcd.ie> <4FC37E442D05A748896589E468752CAA0DBC66AE@PWN401EA120.ent.corp.bcbsm.com> <CAH8yC8kgYzYXwJ01NkK7WYxD-diponWEQOd+MNHssm+bLHE54w@mail.gmail.com> <4FC37E442D05A748896589E468752CAA0DBC699B@PWN401EA120.ent.corp.bcbsm.com> <CACsn0c=5vjzQmr=ah6sH1JzTj3peaKad7aCPertcqD4B2DLKiA@mail.gmail.com> <DM5PR11MB141941D8E156245A1CF6C911F4C80@DM5PR11MB1419.namprd11.prod.outlook.com> <126ee1b6-fc88-bf4e-c366-60d59a9b3350@gmail.com> <DM5PR11MB1419F8F0D0C80835C1DB49F2F4C80@DM5PR11MB1419.namprd11.prod.outlook.com> <CAK6vND_S-YRfY5mpvt_v_srNhdvYJkM8pVV84bywr9zMaYoE6A@mail.gmail.com>, <DM5PR11MB1419620B8BA15C7780F60669F4CD0@DM5PR11MB1419.namprd11.prod.outlook.com> <CY1PR15MB0778F7828DF1BB92D27E3C85FFCD0@CY1PR15MB0778.namprd15.prod.outlook.com>
In-Reply-To: <CY1PR15MB0778F7828DF1BB92D27E3C85FFCD0@CY1PR15MB0778.namprd15.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=Andrei.Popov@microsoft.com;
x-originating-ip: [2001:4898:80e8:a::1d2]
x-ms-office365-filtering-correlation-id: 809130ba-7c6a-48ed-f595-08d3e64ef23a
x-microsoft-exchange-diagnostics: 1; CY1PR0301MB0841; 6:UTNEBFgcsrcExkuyUJcs0/RIz4k712/5otHXW9DbGunShnd/sFVe/+2TqQhGZCSApR0UKpW8LNlyO7g2Dm5CFhpGquHCHHdEohyhWY/AtkULnh8UhP2dMegPFDc9CoLiRxM3cuLZdDemhLUtThatvbnHUQNXztwNTXW2feTcVPgRGgZ42E1bLuaYYIcnt+Kcw02oqHi68g7rhrEQPzHDOm6QYUouXiFm2oyW1aha5z1a7ia0YNTC/73/jAh7qIrnnH/O2lYc3VgpbiSd0jmMN9QhHmGKzehxhdwpSdbBnfcSBb6SfIHWJI1jLaNtUNrwbLEG40jl1+qFE1vUNgJ5Zw==; 5:6A9j/XLKSslobjI1WoH0pcvbnQPQAGUNm/M7oVTHQMOE8Cl2bTqyNY9YRizM4fjZg9Zzs16yDhzb5TJg5+sTLGg8w9dy+eHKdapa7gYf+e78gJNXD9yI7wlKh3PgGtmJzAdnbp4h22K8y9AA83xmCA==; 24:1EsTCu27aij5Ceh/ALOq8xO/DP9nS75DMwQID2wukNQImGUDMLRKAfy0Z8QF5qqcuW8wCOk7qaQ0k3MBZH9VQI9yyQyQVoEgm1NixyuAN4A=; 7:revC8RH7TeSzZjNJ5cOqjczohO49mjw6be6RMADv8XbygQ0qWb1ufFYIO+6WgsjMxc81hgIZRyn2S4/WzYcxEXErobvVRf4k14ps1qjE4kAMnr8bqVgfZrLEEKD02JlW1E2qt9wmTIgvvKbX+x8W4ZsSGSGrGc16padG4kvVP07xyWPXTghPv3mRx0fWJd9fUb4SPe76AcBLiOElU6DvXpEaIlQOi5mUacCnYx0TKRMKnQEOFP3ySaA8OQOIMsnnzzwua4Ef4qqLSZkw6BMGhGdaTIxjPQT0EhoqGWh0GpDjFek3D7WyMVO503A9xHRD
x-microsoft-antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:CY1PR0301MB0841;
x-microsoft-antispam-prvs: <CY1PR0301MB08419BDFD891EB9E31CD95EE8CCD0@CY1PR0301MB0841.namprd03.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:(158342451672863)(72170088055959)(192374486261705)(21748063052155);
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(61425038)(6040176)(601004)(2401047)(8121501046)(5005006)(3002001)(10201501046)(6055026)(61426038)(61427038); SRVR:CY1PR0301MB0841; BCL:0; PCL:0; RULEID:; SRVR:CY1PR0301MB0841;
x-forefront-prvs: 00770C4423
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(7916002)(24454002)(199003)(189002)(377454003)(13464003)(790700001)(93886004)(6116002)(122556002)(2950100002)(586003)(81166006)(81156014)(5002640100001)(102836003)(7846002)(8676002)(7906003)(10090500001)(15975445007)(19617315012)(77096005)(8936002)(7736002)(4326007)(11100500001)(19580395003)(74316002)(19580405001)(87936001)(2906002)(92566002)(3280700002)(86362001)(5660300001)(9686002)(54356999)(10400500002)(19625215002)(33656002)(97736004)(5001770100001)(76576001)(76176999)(5005710100001)(86612001)(10290500002)(19300405004)(3900700001)(50986999)(99286002)(189998001)(106356001)(2900100001)(16236675004)(68736007)(8990500004)(101416001)(3660700001)(105586002)(7696004)(3826002); DIR:OUT; SFP:1102; SCL:1; SRVR:CY1PR0301MB0841; H:CY1PR0301MB0842.namprd03.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:en;
received-spf: None (protection.outlook.com: microsoft.com does not designate permitted sender hosts)
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: multipart/alternative; boundary="_000_CY1PR0301MB0842D6846E280D155833F20E8CCD0CY1PR0301MB0842_"
MIME-Version: 1.0
X-OriginatorOrg: microsoft.com
X-MS-Exchange-CrossTenant-originalarrivaltime: 26 Sep 2016 20:51:53.2729 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 72f988bf-86f1-41af-91ab-2d7cd011db47
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY1PR0301MB0841
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/gr4GXc30oUcfR5PaEQVM2QQf54Q>
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] Industry Concerns about TLS 1.3
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 26 Sep 2016 20:52:00 -0000
? Then I think your option is to persuade the regulators not to require TLS 1.3 for internal networks. ? So in my opinion, it makes sense to keep using TLS 1.2 internally. Won't the TLS WG stop addressing newly found protocol-level security issues in TLS 1.2 at some point in the future? I don't think financial institutions' internal networks can stay on TLS 1.2 indefinitely. Cheers, Andrei From: TLS [mailto:tls-bounces@ietf.org] On Behalf Of Xiaoyin Liu Sent: Monday, September 26, 2016 1:12 PM To: BITS Security <BITSSecurity@fsroundtable.org>; Peter Bowen <pzbowen@gmail.com> Cc: tls@ietf.org Subject: Re: [TLS] Industry Concerns about TLS 1.3 Andrew, Then I think your option is to persuade the regulators not to require TLS 1.3 for internal networks. Also, unlike SSL 3.0 - TLS 1.1, TLS 1.2 is not currently known to be weak or insecure, if properly implemented and not using insecure cipher suites. So in my opinion, it makes sense to keep using TLS 1.2 internally. Best, Xiaoyin From: BITS Security<mailto:BITSSecurity@fsroundtable.org> Sent: Monday, September 26, 2016 3:02 PM To: Peter Bowen<mailto:pzbowen@gmail.com> Cc: tls@ietf.org<mailto:tls@ietf.org> Subject: Re: [TLS] Industry Concerns about TLS 1.3 Peter- Outbound TLS connections require MITM for decryption. Inbound or internal TLS connections can be decrypted with an RSA private key under TLS 1.2. The PCI DSS is already requiring TLS 1.2 for financial institutions that participate in the Payment Card Industry. .BANK (exclusive top level banking domain) is also planning to require TLS 1.2. We're anticipating that a regulatory body like these will require TLS 1.3 at some point in the future. Financial institutions then have to comply if they want to continue to do business with the companies represented by the regulatory body (like large credit card companies in the case of PCI). -Andrew -----Original Message----- From: Peter Bowen [mailto:pzbowen@gmail.com] Sent: Friday, September 23, 2016 7:18 PM To: BITS Security <BITSSecurity@fsroundtable.org<mailto:BITSSecurity@fsroundtable.org>> Cc: Yaron Sheffer <yaronf.ietf@gmail.com<mailto:yaronf.ietf@gmail.com>>; tls@ietf.org<mailto:tls@ietf.org> Subject: Re: [TLS] Industry Concerns about TLS 1.3 On Fri, Sep 23, 2016 at 2:10 PM, BITS Security <BITSSecurity@fsroundtable.org<mailto:BITSSecurity@fsroundtable.org>> wrote: > we need a better option than TLS 1.2 that will, perhaps sooner than we might expect, be deprecated. I'm somewhat confused here. The concern over RSA for key exchange versus DH for key exchange would only seem to apply when the network tapping system has access to the RSA key, right? So the part of this about monitoring the network for external chat and such doesn't really change if the client is using TLS 1.1 or 1.3, as you still can't decrypt the connection just from monitoring, right? If that is true, then it implies that the server is at least somewhat under control of the monitor, so it can support TLS 1.2 as long as needed. TLS 1.0 came out in 1999 and is still now (in 2016) widely deployed. While I hope TLS 1.3 deployment is speedy, I don't forsee browsers dropping TLS 1.2 and earlier support any time soon. Thanks, Peter _______________________________________________ TLS mailing list TLS@ietf.org<mailto:TLS@ietf.org> https://www.ietf.org/mailman/listinfo/tls
- [TLS] Industry Concerns about TLS 1.3 BITS Security
- Re: [TLS] Industry Concerns about TLS 1.3 Yuhong Bao
- Re: [TLS] Industry Concerns about TLS 1.3 Watson Ladd
- Re: [TLS] Industry Concerns about TLS 1.3 Paterson, Kenny
- Re: [TLS] Industry Concerns about TLS 1.3 Kyle Rose
- Re: [TLS] Industry Concerns about TLS 1.3 Salz, Rich
- Re: [TLS] Industry Concerns about TLS 1.3 Dave Garrett
- Re: [TLS] Industry Concerns about TLS 1.3 BITS Security
- Re: [TLS] Industry Concerns about TLS 1.3 Yoav Nir
- Re: [TLS] Industry Concerns about TLS 1.3 Yuhong Bao
- Re: [TLS] Industry Concerns about TLS 1.3 Andrei Popov
- Re: [TLS] Industry Concerns about TLS 1.3 Xiaoyin Liu
- Re: [TLS] Industry Concerns about TLS 1.3 Hugo Krawczyk
- Re: [TLS] Industry Concerns about TLS 1.3 Colm MacCárthaigh
- Re: [TLS] Industry Concerns about TLS 1.3 Hugo Krawczyk
- Re: [TLS] Industry Concerns about TLS 1.3 Ryan Carboni
- Re: [TLS] Industry Concerns about TLS 1.3 Colm MacCárthaigh
- Re: [TLS] Industry Concerns about TLS 1.3 Geoffrey Keating
- Re: [TLS] Industry Concerns about TLS 1.3 Eric Rescorla
- Re: [TLS] Industry Concerns about TLS 1.3 Thijs van Dijk
- Re: [TLS] Industry Concerns about TLS 1.3 Stephen Farrell
- [TLS] debugging tools [was: Industry Concerns abo… Nikos Mavrogiannopoulos
- Re: [TLS] debugging tools [was: Industry Concerns… Stephen Farrell
- Re: [TLS] debugging tools [was: Industry Concerns… Hubert Kario
- Re: [TLS] Industry Concerns about TLS 1.3 nalini.elkins
- Re: [TLS] Industry Concerns about TLS 1.3 Ackermann, Michael
- Re: [TLS] Industry Concerns about TLS 1.3 Jeffrey Walton
- Re: [TLS] Industry Concerns about TLS 1.3 Dan Brown
- Re: [TLS] Industry Concerns about TLS 1.3 Ackermann, Michael
- Re: [TLS] Industry Concerns about TLS 1.3 Watson Ladd
- Re: [TLS] Industry Concerns about TLS 1.3 Ackermann, Michael
- Re: [TLS] Industry Concerns about TLS 1.3 nalini.elkins
- Re: [TLS] Industry Concerns about TLS 1.3 Eric Rescorla
- Re: [TLS] Industry Concerns about TLS 1.3 Salz, Rich
- Re: [TLS] Industry Concerns about TLS 1.3 BITS Security
- Re: [TLS] Industry Concerns about TLS 1.3 Jeffrey Walton
- Re: [TLS] Industry Concerns about TLS 1.3 Yaron Sheffer
- Re: [TLS] Industry Concerns about TLS 1.3 Tony Arcieri
- Re: [TLS] Industry Concerns about TLS 1.3 Ilari Liusvaara
- Re: [TLS] Industry Concerns about TLS 1.3 BITS Security
- Re: [TLS] Industry Concerns about TLS 1.3 Yoav Nir
- Re: [TLS] Industry Concerns about TLS 1.3 Eric Rescorla
- Re: [TLS] Industry Concerns about TLS 1.3 Salz, Rich
- Re: [TLS] Industry Concerns about TLS 1.3 Xiaoyin Liu
- Re: [TLS] Industry Concerns about TLS 1.3 BITS Security
- Re: [TLS] Industry Concerns about TLS 1.3 Stephen Farrell
- Re: [TLS] Industry Concerns about TLS 1.3 BITS Security
- Re: [TLS] Industry Concerns about TLS 1.3 Watson Ladd
- Re: [TLS] Industry Concerns about TLS 1.3 BITS Security
- Re: [TLS] Industry Concerns about TLS 1.3 Jeffrey Walton
- Re: [TLS] Industry Concerns about TLS 1.3 Adam Caudill
- Re: [TLS] Industry Concerns about TLS 1.3 Peter Bowen
- Re: [TLS] Industry Concerns about TLS 1.3 Bill Frantz
- Re: [TLS] Industry Concerns about TLS 1.3 Salz, Rich
- Re: [TLS] Industry Concerns about TLS 1.3 Salz, Rich
- Re: [TLS] Industry Concerns about TLS 1.3 Pawel Jakub Dawidek
- Re: [TLS] Industry Concerns about TLS 1.3 Ackermann, Michael
- Re: [TLS] Industry Concerns about TLS 1.3 Ilari Liusvaara
- Re: [TLS] Industry Concerns about TLS 1.3 Salz, Rich
- Re: [TLS] Industry Concerns about TLS 1.3 Brian Sniffen
- Re: [TLS] Industry Concerns about TLS 1.3 Ackermann, Michael
- Re: [TLS] Industry Concerns about TLS 1.3 Watson Ladd
- Re: [TLS] Industry Concerns about TLS 1.3 Hovav Shacham
- Re: [TLS] Industry Concerns about TLS 1.3 Martin Rex
- Re: [TLS] Industry Concerns about TLS 1.3 Pascal Urien
- Re: [TLS] Industry Concerns about TLS 1.3 Salz, Rich
- Re: [TLS] Industry Concerns about TLS 1.3 Martin Rex
- Re: [TLS] Industry Concerns about TLS 1.3 BITS Security
- Re: [TLS] Industry Concerns about TLS 1.3 BITS Security
- Re: [TLS] Industry Concerns about TLS 1.3 BITS Security
- Re: [TLS] Industry Concerns about TLS 1.3 Xiaoyin Liu
- Re: [TLS] Industry Concerns about TLS 1.3 Andrei Popov
- Re: [TLS] Industry Concerns about TLS 1.3 Geoffrey Keating
- Re: [TLS] Industry Concerns about TLS 1.3 Viktor Dukhovni
- Re: [TLS] Industry Concerns about TLS 1.3 Eric Rescorla
- Re: [TLS] Industry Concerns about TLS 1.3 Viktor Dukhovni
- Re: [TLS] Industry Concerns about TLS 1.3 Judson Wilson
- Re: [TLS] Industry Concerns about TLS 1.3 Peter Gutmann
- Re: [TLS] Industry Concerns about TLS 1.3 BITS Security
- Re: [TLS] Industry Concerns about TLS 1.3 BITS Security
- Re: [TLS] Industry Concerns about TLS 1.3 Seth David Schoen
- Re: [TLS] Industry Concerns about TLS 1.3 Ilari Liusvaara
- Re: [TLS] Industry Concerns about TLS 1.3 Yoav Nir
- Re: [TLS] Industry Concerns about TLS 1.3 BITS Security
- Re: [TLS] Industry Concerns about TLS 1.3 Michał Staruch
- Re: [TLS] Industry Concerns about TLS 1.3 Watson Ladd
- Re: [TLS] Industry Concerns about TLS 1.3 Tony Arcieri
- Re: [TLS] Industry Concerns about TLS 1.3 Ronald del Rosario
- Re: [TLS] Industry Concerns about TLS 1.3 Seth David Schoen
- Re: [TLS] Industry Concerns about TLS 1.3 Stephen Farrell
- Re: [TLS] Industry Concerns about TLS 1.3 Hannes Tschofenig
- Re: [TLS] Industry Concerns about TLS 1.3 Martin Rex
- Re: [TLS] Industry Concerns about TLS 1.3 Joachim Strömbergson
- Re: [TLS] Industry Concerns about TLS 1.3 Martin Rex
- Re: [TLS] Industry Concerns about TLS 1.3 Martin Rex
- Re: [TLS] Industry Concerns about TLS 1.3 Dan Brown
- Re: [TLS] Industry Concerns about TLS 1.3 Jeffrey Walton
- Re: [TLS] Industry Concerns about TLS 1.3 Yoav Nir
- Re: [TLS] Industry Concerns about TLS 1.3 Dan Brown
- Re: [TLS] Industry Concerns about TLS 1.3 Bill Frantz
- Re: [TLS] Industry Concerns about TLS 1.3 Melinda Shore
- Re: [TLS] Industry Concerns about TLS 1.3 Tony Arcieri
- Re: [TLS] Industry Concerns about TLS 1.3 Melinda Shore
- Re: [TLS] Industry Concerns about TLS 1.3 Tony Arcieri
- Re: [TLS] Industry Concerns about TLS 1.3 Bill Frantz
- Re: [TLS] Industry Concerns about TLS 1.3 Ryan Carboni
- Re: [TLS] Industry Concerns about TLS 1.3 Hannes Tschofenig
- Re: [TLS] Industry Concerns about TLS 1.3 Hubert Kario
- Re: [TLS] Industry Concerns about TLS 1.3 Peter Gutmann
- Re: [TLS] Industry Concerns about TLS 1.3 BITS Security
- Re: [TLS] Industry Concerns about TLS 1.3 BITS Security
- Re: [TLS] Industry Concerns about TLS 1.3 Jeffrey Walton
- Re: [TLS] Industry Concerns about TLS 1.3 Watson Ladd
- Re: [TLS] Industry Concerns about TLS 1.3 Tony Arcieri
- Re: [TLS] debugging tools [was: Industry Concerns… Florian Weimer
- Re: [TLS] Industry Concerns about TLS 1.3 Florian Weimer
- Re: [TLS] Industry Concerns about TLS 1.3 BITS Security
- Re: [TLS] Industry Concerns about TLS 1.3 Sean Turner
- Re: [TLS] Industry Concerns about TLS 1.3 Ryan Carboni