Re: [TLS] RFC8447bis

Martin Thomson <mt@lowentropy.net> Thu, 19 August 2021 14:18 UTC

Date: Fri, 20 Aug 2021 00:17:47 +1000
From: Martin Thomson <mt@lowentropy.net>
To: "Salz, Rich" <rsalz@akamai.com>, Sean Turner <sean@sn3rd.com>
Cc: TLS List <tls@ietf.org>
Content-Type: text/plain
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/jLXscDQqFHuTxPOWQzGV4u0vHS8>
Subject: Re: [TLS] RFC8447bis

On Thu, Aug 19, 2021, at 23:14, Salz, Rich wrote:
> I understand this concern. I am sympathetic to it. But perhaps 
> large-scale experiments on the whole Internet aren't the scope here?  
> Those kinds of things seem to ask for an early allocation. I am 
> thinking, in particular, of some GOST/TLS identifiers that weren't 
> quite right.

Nothing wrong with due diligence before allocation, or even a little reticence.  But I'm also concerned about people putting these ranges in their code and doing something special with them.  Like "this is experimental, so we will ignore these always" or similarly silly things.  You don't need to have a reserved space to say that a particular codepoint is temporary.