Re: [TLS] draft-green-tls-static-dh-in-tls13-01

Ted Lemon <mellon@fugue.com> Wed, 19 July 2017 19:26 UTC

From: Ted Lemon <mellon@fugue.com>
Date: Wed, 19 Jul 2017 21:26:14 +0200
To: Roland Dobbins <rdobbins@arbor.net>
Cc: "<tls@ietf.org>" <tls@ietf.org>, "Blumenthal, Uri - 0553 - MITLL" <uri@ll.mit.edu>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/iwTyOvdNmkHHnd03Htq_q7Rej6Y>
Subject: Re: [TLS] draft-green-tls-static-dh-in-tls13-01

So is it an accurate assessment that the reason you aren't using IPsec for
this use case is that the APIs suck and your engines don't support them?

On Jul 19, 2017 8:41 PM, "Roland Dobbins" <rdobbins@arbor.net> wrote:

> On 19 Jul 2017, at 20:37, Blumenthal, Uri - 0553 - MITLL wrote:
>
>> I keep telling that this pool is drying up.
>
> The organizations who need this the most are already working in all-crypto
> environments.  Nothing about that pool is going to change.
>
> -----------------------------------
> Roland Dobbins <rdobbins@arbor.net>