Re: [TLS] TLS Charter Revision

"Salz, Rich" <> Fri, 13 December 2013 14:06 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id DEC091AE285 for <>; Fri, 13 Dec 2013 06:06:14 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-0.001] autolearn=ham
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id mp4sp8sl4kM5 for <>; Fri, 13 Dec 2013 06:06:10 -0800 (PST)
Received: from ( []) by (Postfix) with ESMTP id A9B371AD6BF for <>; Fri, 13 Dec 2013 06:06:08 -0800 (PST)
Received: from (localhost.localdomain []) by postfix.imss70 (Postfix) with ESMTP id F1C63482C0; Fri, 13 Dec 2013 14:06:01 +0000 (GMT)
Received: from ( []) by (Postfix) with ESMTP id E5232482BC; Fri, 13 Dec 2013 14:06:01 +0000 (GMT)
Received: from ( []) by (Postfix) with ESMTP id C65FE2FD51; Fri, 13 Dec 2013 14:06:01 +0000 (GMT)
Received: from ([]) by ([]) with mapi; Fri, 13 Dec 2013 09:06:01 -0500
From: "Salz, Rich" <>
To: Eric Rescorla <>
Date: Fri, 13 Dec 2013 09:06:00 -0500
Thread-Topic: [TLS] TLS Charter Revision
Thread-Index: Ac73ohcPHm+8nAS4TCKUmzXBUPZLqwAag0Gw
Message-ID: <>
References: <> <> <> <> <>
In-Reply-To: <>
Accept-Language: en-US
Content-Language: en-US
acceptlanguage: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Cc: "<>" <>
Subject: Re: [TLS] TLS Charter Revision
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Fri, 13 Dec 2013 14:06:15 -0000

On Thu, Dec 12, 2013 at 11:22 PM, Salz, Rich <> wrote:
> I agree with Marsh that PFS should be included.

> Can you elaborate more on this? TLS already supports PFS, so are you arguing we should maintain that support or that we should strip out all non-PFS cipher suites (see the thread on static RSA...)

I think we should have an explicit discussion point if PFS is a MUST or a SHOULD.

>> I would like to add a bullet that says backward compatibility with previous  versions is not a requirement. Given all that downgrade fallback issues that continually arise here, we should strongly consider if the right thing to do is just break the chain.

> I think this is actually backwards: it's precisely having some sort of secure backward negotiation that allows for clean deployment. The problem is that people have screwed up those mechanisms. If we just do a clean break there is no chance that secure version detection will work.

So do we think the problem will be solved this time around?  I don't know, so I guess it goes into the discussion threads.


Principal Security Engineer
Akamai Technology
Cambridge, MA