Re: [TLS] TLS Charter Revision

Eric Rescorla <ekr@rtfm.com> Fri, 13 December 2013 01:24 UTC

Return-Path: <ekr@rtfm.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 12B291AE167 for <tls@ietfa.amsl.com>; Thu, 12 Dec 2013 17:24:40 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.978
X-Spam-Level:
X-Spam-Status: No, score=-1.978 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FM_FORGED_GMAIL=0.622, RCVD_IN_DNSWL_LOW=-0.7] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3Ypkwis6lL9D for <tls@ietfa.amsl.com>; Thu, 12 Dec 2013 17:24:38 -0800 (PST)
Received: from mail-wi0-f174.google.com (mail-wi0-f174.google.com [209.85.212.174]) by ietfa.amsl.com (Postfix) with ESMTP id B42D31AE166 for <tls@ietf.org>; Thu, 12 Dec 2013 17:24:36 -0800 (PST)
Received: by mail-wi0-f174.google.com with SMTP id z2so425893wiv.1 for <tls@ietf.org>; Thu, 12 Dec 2013 17:24:30 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc:content-type:content-transfer-encoding; bh=Wfg63fSZUz0cufWt7uddygjMJfskTcg2C0n5gGXYdlw=; b=dNn1MMjCEq3SCsQgL9CIlccbGdT/jD7162o+U2qvx4X62kcm3a4hRuvy8oy/Z9FbK4 AM98HzzrJ/JuulUEgcCWrSr7wf50ZFAocXjsMfL2AvHZ1jef8LlIiP6Z5WRnKbrx1CVe BxTrazXlg+a0dq9R1JJB9Wdi0AX+bQNJA8+xTL12NWlTb8pAKFbIvsuVqOkgDqxmfnbZ uj8GvhZtG9OV8iM0uUvXC4mmpG8bk3NMPxGI5nh+SrSFBoz5sjvLME3T4RRRhLdSAVT+ wVPj+ZWdHw7ejyNw0boix50oStUGTFaafGjy8SselITsSLQPUCzC+j2Frv1yX1AVleIY tvWA==
X-Gm-Message-State: ALoCoQnjln1ZRRtznTVmshylqIgmzPi2HAYyaW6p/RLnQd299nmVdlAWtkA90dBhU7OV5r5vSD8r
X-Received: by 10.194.60.103 with SMTP id g7mr8966378wjr.37.1386897870156; Thu, 12 Dec 2013 17:24:30 -0800 (PST)
MIME-Version: 1.0
Received: by 10.216.54.194 with HTTP; Thu, 12 Dec 2013 17:23:49 -0800 (PST)
X-Originating-IP: [118.163.10.190]
In-Reply-To: <2A0EFB9C05D0164E98F19BB0AF3708C711E42D63D8@USMBX1.msg.corp.akamai.com>
References: <2F2286E3-7717-4E8F-B1EA-B2E4155F7C17@cisco.com> <CACsn0ckzA9hd3+zTH5FNNBbPAQqUqaXD8_Z35a8vKEG6WjXbTg@mail.gmail.com> <53edda7bf2804289817f54a8c2ecce33@BY2PR03MB074.namprd03.prod.outlook.com> <2A0EFB9C05D0164E98F19BB0AF3708C711E42D63D8@USMBX1.msg.corp.akamai.com>
From: Eric Rescorla <ekr@rtfm.com>
Date: Fri, 13 Dec 2013 09:23:49 +0800
Message-ID: <CABcZeBNPWZfnO4vdB9gbpf8nU9E5R=PO+gcsY9Vy6qxFukYPBg@mail.gmail.com>
To: "Salz, Rich" <rsalz@akamai.com>
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
Cc: "<tls@ietf.org>" <tls@ietf.org>
Subject: Re: [TLS] TLS Charter Revision
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 13 Dec 2013 01:24:40 -0000

On Thu, Dec 12, 2013 at 11:22 PM, Salz, Rich <rsalz@akamai.com> wrote:
> I agree with Marsh that PFS should be included.

Can you elaborate more on this? TLS already supports PFS, so are you
arguing we should maintain that support or that we should strip out
all non-PFS cipher suites (see the thread on static RSA...)


> I am concerned about the 'political' emphasis on reducing round trips. One of the arguments heard I hear against 'https everywhere' is that the extra round-trips' cause too much latency and impact customer's web experience. If we can work to reduce RTT without sacrificing security, then that's great and I would like to see "while maintaining security features" or some such added.

I have no problem with that. I would have thought it went without saying
but I'm more than happy to have us say it.


> I would like to add a bullet that says backward compatibility with previous  versions is not a requirement. Given all that downgrade fallback issues that continually arise here, we should strongly consider if the right thing to do is just break the chain.

I think this is actually backwards: it's precisely having some sort of secure
backward negotiation that allows for clean deployment. The problem is
that people have screwed up those mechanisms. If we just do a clean
break there is no chance that secure version detection will work.

-Ekr

>         /r$
>
> --
> Principal Security Engineer
> Akamai Technology
> Cambridge, MA
>
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls