IETF Logo Mail Archive

[TLS] Re: draft-ietf-tls-keylogfile-04 ietf last call Opsdir review

"Salz, Rich" <rsalz@akamai.com> Tue, 20 May 2025 14:12 UTC

Return-Path: <rsalz@akamai.com>
X-Original-To: tls@mail2.ietf.org
Delivered-To: tls@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id E7D652AB3248; Tue, 20 May 2025 07:12:42 -0700 (PDT)
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -2.794
X-Spam-Level:
X-Spam-Status: No, score=-2.794 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H5=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001] autolearn=ham autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=pass (2048-bit key) header.d=akamai.com header.b="FkBWsMqi"; dkim=fail (1024-bit key) reason="fail (message has been altered)" header.d=akamai365.onmicrosoft.com header.b="H/20rqKb"
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id q6DYXW25VrnM; Tue, 20 May 2025 07:12:42 -0700 (PDT)
Received: from mx0b-00190b01.pphosted.com (mx0b-00190b01.pphosted.com [67.231.157.127]) (using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id 4FD932AB3240; Tue, 20 May 2025 07:12:42 -0700 (PDT)
Received: from pps.filterd (m0409411.ppops.net [127.0.0.1]) by m0409411.ppops.net-00190b01. (8.18.1.2/8.18.1.2) with ESMTP id 54K9VTd9023426; Tue, 20 May 2025 15:12:41 +0100
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=akamai.com; h=cc :content-type:date:from:in-reply-to:message-id:mime-version :references:subject:to; s=jan2016.eng; bh=8LZyxXYBmQWSMNvpFgWiCY mVtBAEAaUCmesllJzP2+s=; b=FkBWsMqiikgKZ6uvaydgRel4AE3k5WDk1A/igM 0FQU8vrn0wzujL5bFnh/uJfHKvaLeRXZ8MqMKGMBLXSy8/BqTKYXSYS0ftpupccv g87Evhe2qPFEC6LCCdNn4GwOZVfd5nRF+D5u1hD8c1l6oe4ihm1rBRyAgvxgyemt rLzWNByq9RydxPTz3NODAF/73o10tZq01Z/khL6cOrO0kM1uIKy5DLjDMsdk1gLf VWKRBqgutC3Ws7zewSF7kQOt7FWSepwKmd6EKh7FSAXCmmCuDJNfgurhXf5KZIco cFd8RMefnpD6QzOF9FhFRayCaka36klgFUj7swoZLVpQDtug==
Received: from prod-mail-ppoint6 (prod-mail-ppoint6.akamai.com [184.51.33.61] (may be forged)) by m0409411.ppops.net-00190b01. (PPS) with ESMTPS id 46q3t3eh4u-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 20 May 2025 15:12:40 +0100 (BST)
Received: from pps.filterd (prod-mail-ppoint6.akamai.com [127.0.0.1]) by prod-mail-ppoint6.akamai.com (8.18.1.2/8.18.1.2) with ESMTP id 54KBP0j4015348; Tue, 20 May 2025 10:12:40 -0400
Received: from email.msg.corp.akamai.com ([172.27.50.204]) by prod-mail-ppoint6.akamai.com (PPS) with ESMTPS id 46pnswupfd-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 20 May 2025 10:12:39 -0400
Received: from ustx2ex-exedge4.msg.corp.akamai.com (172.27.50.215) by ustx2ex-dag4mb5.msg.corp.akamai.com (172.27.50.204) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1544.14; Tue, 20 May 2025 07:12:38 -0700
Received: from NAM12-MW2-obe.outbound.protection.outlook.com (72.247.45.132) by ustx2ex-exedge4.msg.corp.akamai.com (172.27.50.215) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1544.14 via Frontend Transport; Tue, 20 May 2025 07:12:38 -0700
Received: from IA1PR17MB6421.namprd17.prod.outlook.com (2603:10b6:208:3fb::14) by PH0PR17MB4847.namprd17.prod.outlook.com (2603:10b6:510:8c::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8746.32; Tue, 20 May 2025 14:12:37 +0000
Received: from IA1PR17MB6421.namprd17.prod.outlook.com ([fe80::895c:51c5:a4ee:93d0]) by IA1PR17MB6421.namprd17.prod.outlook.com ([fe80::895c:51c5:a4ee:93d0%4]) with mapi id 15.20.8746.030; Tue, 20 May 2025 14:12:36 +0000
From: "Salz, Rich" <rsalz@akamai.com>
To: Martin Thomson <mt@lowentropy.net>, Jean-Michel Combes <jeanmichel.combes@gmail.com>, "ops-dir@ietf.org" <ops-dir@ietf.org>
Thread-Topic: [TLS] Re: draft-ietf-tls-keylogfile-04 ietf last call Opsdir review
Thread-Index: AQHbyRgfrtzT2yGH/EuMxkPTv3jO8bPbjnGA
Date: Tue, 20 May 2025 14:12:36 +0000
Message-ID: <IA1PR17MB64213F508BC59C164EE7A15ECD9FA@IA1PR17MB6421.namprd17.prod.outlook.com>
References: <174654656075.678918.2290707879730922068@dt-datatracker-58d4498dbd-6gzjf> <a11bc391-9f0c-4efa-a290-d853ff01d223@betaapp.fastmail.com>
In-Reply-To: <a11bc391-9f0c-4efa-a290-d853ff01d223@betaapp.fastmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-reactions: allow
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: IA1PR17MB6421:EE_|PH0PR17MB4847:EE_
x-ms-office365-filtering-correlation-id: 901926e0-8d64-4a22-dea7-08dd97a85f75
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;ARA:13230040|10070799003|366016|1800799024|376014|8096899003|38070700018;
x-microsoft-antispam-message-info: v20ozCjYz4EcGyWS5mtIVKB/4apnYWrSMddObyK76HQ6WT7ygufxlKibnlDDn9IaXwknq7vSajKZTp7JF5CAYbBmwPo9I2e2n1O6oWoPKTfYhithVtA+r6JpzMWXV50Qc+Tyr0OP8qGdMRnnitglOzQtN2PNFPNkIHCexwN70MfhRggVWq/pJT5C2ujZEu83Nayc7cFuLhGzCvFsWShkmytK+2ogfUED3aAZNZ3Cmwd/zZDVeyVjfuV41HPEHqD8LgHLrSj37tmyY46yvfYYzpaQZYAhzJg8NOnCRhNfwLw4Ad5vYp0S2ugz8qZXaVL+s3zOGZQWAf2whXYiaPgCdFG/gZbSeV880nM0mC5mp3/Cnmp0DiKwHWVyb6X/TCCELDmiG8dTWJrg0k/TS154j9/qzmIfUvPp8+DzlazsjNG2YDPYm4OoPsSBWVq5fT9NcT0DAbZhFFI5wjhRQizoz3UL/k2r8PBXDJRm9MdozasQRGnAgCRcqNJE6Dj6oXOOm07vS3Lhb1ql5Z6tgGOJcOl/3eDS7q0CFSc4GiMbKqnGyxCrb9+1X5tH83sdk9Ftmzx6Gy2Xf5xjbA7zynT4ehQWgZ4+JuSTFd1me22EhS10lDyxWREkzZj5BpyELngIOynkXEVN5z5hnz5gpfZRXiggPKGqyNdZ2lKLn57IPL5gt4xsjlj8zHqVxhN6eMFHQIweB8U4MnN20OwQJce6GBfbykyCgrcdO4MogN9zHQPZ4NtaMOzmAk6UC5kuawSIX3L61l+Kt7LI4z2z7RXh9lkLZIyk+MNw0xeBn3l79/++y6OfDoohJ4JCPi66WhGI64PIsc5BTIaXzeB42CeMLuycnTkdPqVPnlaVYiLECFp6u7iyclWm1RlB05ka+xaQMzfUehxjrFy49HVqykPnreyJN7QP2AkmK2wjPHBteVgdif0nDXkpIkElESxTnmuYRmmNpBU02uuwo9eYH22xRpU2OeZ7leqHSjcS/S7iYJQgJ0PU4fHoyK5QMK7jNPIDTV2b0K3NzPkYQDA0EMdZn7R0V7VcvVsBe37d/6VoPMh3qaOYuHg/LU6urdQFxeIGNIQroM1KiJYeTjUFM9tsTYjZtqbzzuRHx+5qrPX4VEVGU3CpclxuhbXAxMeEdsyjLHlX0M42Kch9LIT59W/KXn00aw35TE8EE3s4Un7s6PcCsg5huhjSPlk7dx9sQfWjqqr1XFyyMXTmfCFGxOtF3N+FOkRjKnxgO2fgsklLoJrolBiNQ/uINvQg5EdwJzxT6PPCSvvgxtTxehbyd7DVq3NsvJUjZLtbQu/MJrxQ0+A24jNH2NGo7G/N6YUyRjrD5mcYrDR/R+AQuuV8vCwlrofR9Rt0wNTNcmitUUUQVUvehkHQxHal9uyZVtS0ChqBeLeZ9GJeIaXWxQf6N+k2qDdRddBjLsRIx6kJj5la3IK8wHVZUK9cP2NhGtYzcH2euvIoy9UEcEErUPo4qewc3g==
x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:IA1PR17MB6421.namprd17.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(10070799003)(366016)(1800799024)(376014)(8096899003)(38070700018);DIR:OUT;SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: 3kESikaedukAzNGsA5YSxKr2KG7nRHx5GweTZz7kEm93O5OWoDTfO0Qpi2y7XKuD3xHZigNUiDgvPtHjOenC0iyZHVYf/xxY8V/VgOMTptupJYk2dkDN8RKcHvhwBYTXCZQWue+LyL4ajm1vVXN82LxPZm8ouA2PE/c2I4eOk+opW/AQpamQg0sPvwrazRcbuWWeiBk1EEDYRnQ7WlWk0ekFcEmXnoi3/Y3c+GCbUU22ne8wQWQGEpR0IKUqQBL/HgYIGtpl/MbQBCS/s0NRlHQpbiRl81ntWybi83meUnm/07AE0ho1O52dLhzSStq/nUEoIjpJRNqFd83kywypr9HHlC4JigV5wC224lAsFh0b/yhljAZx7Yjr3Nze4NiKsbzEe+DvBpGambdhINNbeV1ZqvhGHIdC5CFiEOLgpWhk/BFXs/vB+yBMPMie2AQSaJc3fHSSI0/tFZeBl6SFQgfGQNBOZtOQnQZX2v0ykRQ+RlyM+ixPUD/4eLeADTJTRgPnhxGSikfTXUq6kkiGcRzENDQpD4lAg9zm8IRj2w8r2+W/ClNf9LQULUyJc5ddMf8+fzQHtNrbm6b8saPoehfUIAKdJz8R714fxtfZu5+J51ynxnm+RnjN5060+RsTAnaSKT/+vBbJ2t1pmeMMtLz5/Bfk70mErN+nbnUe4MnuPiISKBEjpH4aMISJyJ5yFamDcpmk2Sd2jGP2t83IBTLAWeD8esRdc4XUV7RNqUybn2I3xDH7Q/4KmJdylBpOEw11OLq/E8y813f24MFwIFbFZqn0ddJxr0KMLpL0uvXHxY4JdWOrd17hYvE7NnVpJITBI7FafaQWPLRRIp5MVhU/4d/Sr1bODp697kAudRO/fDGxl0xROPqRRwEe2DqNDmwGMgpldTAX2vnaP3SL8QSGdng1HvzG02G/xTq05r2XhlSywnNs2dnIXzsD/Lxe9UlzqG0bwb5jU5rElRaAowRz/aFKJtFwlS14f8/TvTsJbMdYHFy6UNs3Vya93e8W/e9XCWMGGYWDsD6BOQvoZdZBlVk6hOECNLhC7XCJ2CgbrlGqzxs52z2wbMuWgmFub+TJJbUAeujDAkE7mu1YMysA1QuyBKdrEIVv53M75+9QcY8VHo6yT7+vkmGX1j0R3JXh+9hRB67+tq+z0OohwUUE2KamcuCGEEAIHre9Sgw4829iSbD/6mKwhuE3XjzyJIerGXdwqs7Kq/unLPnIhkA8/n+pCuO4OjCmg7iMAU8ddwtKIlocFz5zwjaCqf7YsRcVjQiC3UZ3Mt8+WohuPJVEcyuemt7sIKgJnTCLqFQLsw5IGuWmDuf4bdO/JjOeIr4sEZyISgb33JMny6CvK8sRlIPgzYVfgVtg0k/DNV83ZZ2d5inT51sU7Gn0/Iv/9Y3eFSqceJOHjRvJpx9Kmzy+dq4oauraf9BECcGWNjAJH9GPA2+bLTH0XTKiWvLLGHCk+P16uKfddF6c0TEj+sl0ECICr8P7ovbo2tj54QEpbgyWA8SoqxrV0aHGDerUVMxmEFzLdYI+c3GYzYot3WUbdzf+GqQAVO9zrBQqORbJXqNUgVZd5I6m0NHSDHl37zOwtqPLsDjdY2T4wZr2lrdUgXvFmwSXqBJRMGg1Y59H6ZdxQtBRtDnI1zmqKFcD
arc-seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=j7F6HuTG92JfxHnfUXz68rudj74YVMO6pd9grwqs6bD++MrrPQ3vPrYhm/Z/St2vsSdwv9Lpwz72TXyMDioF09wcw346slFTBkfvo0iW7kCijIrId2TNuln6GaXf8fSiJtKUNZ3TsdkZtvpMBVANUHA3iYrEeN7ZgkRjlEpuWDvlu/e60dH84rHuJ8HjZH9Qq5tpHoq+YLtmtF7uxOUWy/kj7eAF5qIkFCJ6bPurKSgljzSLlVZhsQdk/KXmOHBfl62NRf3XI8xzKu62gMirqwPqJFhlugpD2OwVtaJ1MOj1nxFQYR2nCMyiupBeGBNCVsg91iDJt+hf7+DDH8oKRw==
arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=L3HvjIZmFvKn3Y+hTfEEINVwrpYTOZf+5btr3Of3Szo=; b=wu+ffUNJ32mJBy7hc6Mp/DtQRWvEcVz1vIOyhe+M76YM/9bwbYJO6t5PrhFgtgYMZrVd5/skokeWG5vhpD9pCuNDr81qtIBIbx5+PTxxR1fawL/+nvFU7eDO1mbFj1YcOri+XfaGctgA9zPAsdMHxoN8rdXQmcjbF7ZWviAtZX08M62efaivYIOkvnSewbXm60by7Xzfj+NObr3nw2qwkF53w8Ku/b63GDib2OCIyRHbb7F2yu/rXv/5QMYc61iI24M1yqbFGdv6xp7T11mm1PBGSmWJob+9F7Ce/W/qdWrzYb0nmGgMqXPdVMM3EiX6/b0AZTqEJkRDJQ6haLWxPQ==
arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=akamai.com; dmarc=pass action=none header.from=akamai.com; dkim=pass header.d=akamai.com; arc=none
dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=akamai365.onmicrosoft.com; s=selector1-akamai365-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=L3HvjIZmFvKn3Y+hTfEEINVwrpYTOZf+5btr3Of3Szo=; b=H/20rqKbTn8F+LgW8it4GLEBJgmwjnUoygxbxwCydc1ZS2LPutPkDJrUNC7mdPL/Rt0QsDBLYfcKkdhit+XshqsE1+rtxM8k6FCZWsi7h0ITR86apcYJiM1lNkzsYi9wRX7twX195Y0xcIeIF9oKSYkKgzPy0D5tbhCerclh4QQ=
x-ms-exchange-crosstenant-authas: Internal
x-ms-exchange-crosstenant-authsource: IA1PR17MB6421.namprd17.prod.outlook.com
x-ms-exchange-crosstenant-network-message-id: 901926e0-8d64-4a22-dea7-08dd97a85f75
x-ms-exchange-crosstenant-originalarrivaltime: 20 May 2025 14:12:36.7772 (UTC)
x-ms-exchange-crosstenant-fromentityheader: Hosted
x-ms-exchange-crosstenant-id: 514876bd-5965-4b40-b0c8-e336cf72c743
x-ms-exchange-crosstenant-mailboxtype: HOSTED
x-ms-exchange-crosstenant-userprincipalname: 6wiVkrJ1CGLGnHLqp96AwEBC0H+CPpK44z3mN+xBXYlWbJJXq2ytlkUX21+KrQWFVAZ0WKLYo/bW4LZrLv77lw==
x-ms-exchange-transport-crosstenantheadersstamped: PH0PR17MB4847
x-originatororg: akamai.com
Content-Type: multipart/alternative; boundary="_000_IA1PR17MB64213F508BC59C164EE7A15ECD9FAIA1PR17MB6421namp_"
MIME-Version: 1.0
X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.293,Aquarius:18.0.1099,Hydra:6.0.736,FMLib:17.12.80.40 definitions=2025-05-20_06,2025-05-16_03,2025-03-28_01
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 spamscore=0 mlxlogscore=704 suspectscore=0 adultscore=0 bulkscore=0 malwarescore=0 mlxscore=0 phishscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2505070000 definitions=main-2505200113
X-Authority-Analysis: v=2.4 cv=CvO/cm4D c=1 sm=1 tr=0 ts=682c8dd8 cx=c_pps a=WPLAOKU3JHlOa4eSsQmUFQ==:117 a=WPLAOKU3JHlOa4eSsQmUFQ==:17 a=lCpzRmAYbLLaTzLvsPZ7Mbvzbb8=:19 a=wKuvFiaSGQ0qltdbU6+NXLB8nM8=:19 a=Ol13hO9ccFRV9qXi2t6ftBPywas=:19 a=xqWC_Br6kY4A:10 a=dt9VzEwgFbYA:10 a=g1y_e2JewP0A:10 a=xASCH00wzqdIpZ6hXYUA:9 a=CjuIK1q_8ugA:10 a=ZXulRonScM0A:10 a=zZCYzV9kfG8A:10 a=yMhMjlubAAAA:8 a=SSmOFEACAAAA:8 a=BqHu06zSdFTnzAdfzvMA:9 a=qm73_t-AbQ_osE_5:21 a=gKO2Hq4RSVkA:10 a=UiCQ7L4-1S4A:10 a=hTZeC7Yk6K0A:10 a=frz4AuCg-hUA:10
X-Proofpoint-ORIG-GUID: 7d7CvihKQxmjHKHprcxRRYpZha6OwCUc
X-Proofpoint-Spam-Details-Enc: AW1haW4tMjUwNTIwMDExNCBTYWx0ZWRfX4GxUAKbeFgRe msLYQi5PH+kcOESrNThgXYJa019ubekBtEYUmkac9wmW13N41EC9F9BDLNng5hK2ihZ4828caLV zunGBe9aj2ai4cN9XoXcC/X1Dw1JPewdllCivOOyC3rkBJVsgKPi6sI4RTAyfBxeJe5efCNlew3 T/3fmUO0fXoULqQ4tf/X5rejUwzGI87550keaphU1F40URfm9fWgjNRvd3bQ8Hq04E3jsU1+0XS GzGIKb5NaqtLToWoaZFjR0q88nIeYuM/sCLIFv7xR47QoI04usxuijx9rFIM22IRguiuWswmNAk YDor3As/bcFNXq8/v4/tKEWs6gnZRQkmnvzpijs1wEkxNYt/7TkIQVRYvfo/0y2J8EVH8L90SB2 LAaegWHNEimuokVkaEr2Qs0qAWQyjLdQz58o7OmUTf9+W4jC2MujU07vj0lUTCbMIzIGSlJR
X-Proofpoint-GUID: 7d7CvihKQxmjHKHprcxRRYpZha6OwCUc
X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.293,Aquarius:18.0.1099,Hydra:6.0.736,FMLib:17.12.80.40 definitions=2025-05-20_06,2025-05-16_03,2025-03-28_01
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 spamscore=0 suspectscore=0 bulkscore=0 impostorscore=0 mlxscore=0 phishscore=0 clxscore=1011 priorityscore=1501 lowpriorityscore=0 adultscore=0 mlxlogscore=524 malwarescore=0 classifier=spam authscore=0 authtc=n/a authcc= route=outbound adjust=0 reason=mlx scancount=1 engine=8.19.0-2505070000 definitions=main-2505200114
Message-ID-Hash: 7OO4TBRSMCN57QW3WEXS7PGCDSNYDFBM
X-Message-ID-Hash: 7OO4TBRSMCN57QW3WEXS7PGCDSNYDFBM
X-MailFrom: rsalz@akamai.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-tls.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: "draft-ietf-tls-keylogfile.all@ietf.org" <draft-ietf-tls-keylogfile.all@ietf.org>, "last-call@ietf.org" <last-call@ietf.org>, "tls@ietf.org" <tls@ietf.org>
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [TLS] Re: draft-ietf-tls-keylogfile-04 ietf last call Opsdir review
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/lLIL3RHFrXZfdTriTrIhVclZMrY>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Owner: <mailto:tls-owner@ietf.org>
List-Post: <mailto:tls@ietf.org>
List-Subscribe: <mailto:tls-join@ietf.org>
List-Unsubscribe: <mailto:tls-leave@ietf.org>

Recall that you need both the key log AND access to the TLS connection itself.  That needs to be in real-time if you are mounting an attack that involves modifying stuff; or packet captures if you just want to look at the content (like with Wireshark).

This is an important point.  In the security area, dividing things into *two* parts is a very good thing.

Either way, I can't see how NULL encryption is ever better.

Strongly agree.

My networking colleagues tell me that routers generally store certs and private keys in plaintext and you have to upload them that way.

v2.41.0 | Report a Bug | By Email | System Status