IETF Logo Mail Archive

Re: [TLS] Call to Move RFC 8773 from Experimental to Standards Track

Stephen Farrell <stephen.farrell@cs.tcd.ie> Wed, 06 December 2023 21:00 UTC

Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6F21CC403995 for <tls@ietfa.amsl.com>; Wed, 6 Dec 2023 13:00:56 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.009
X-Spam-Level:
X-Spam-Status: No, score=-2.009 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=cs.tcd.ie
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id s5D4X-DVg_-r for <tls@ietfa.amsl.com>; Wed, 6 Dec 2023 13:00:52 -0800 (PST)
Received: from EUR04-VI1-obe.outbound.protection.outlook.com (mail-vi1eur04on2117.outbound.protection.outlook.com [40.107.8.117]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B2955C403993 for <tls@ietf.org>; Wed, 6 Dec 2023 13:00:51 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=AiuUzZAWa46w4vtVho//9JLzUKseT5TJtTYlOv04fr51rEOiXVVw4b8xFvnKdcdlNPiLegV6czSv+IMJr0PD3G4mmhAfJ2KNWXngg/74PrLHFN7BWi4eUZRJyBE6sUureoY7E4TW+rh3MvoAVTLvvEKXG4FswFy7QasEFsrGNzq8Osog5eQqwzImTKAjaHPspdUqGbeX+lKyIU7/k3kPxcHqgQFSj/kWRLj13GoqRhQFRtqc8zWINoN06054NEALPU4hn176uLfqLHMD4m+Ulb5x/DL2+xm3fGQfMjOeRvYbmzPFIqqTKtbWbEjuUw1MLYvQWuOT+s1xlcB3V7EeTg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=vKqlFNL9xD0QCwX0k18yKMM+XNz211Rybjnd2PL4lhM=; b=UFU0QaAMTiih06kvTZPfPZrtZ+BhtmkYO9UYIYEeGn0nmdgNv6uYNrvyFmVSmruFn8f6skIwCa+sAN+yu/qJiHLy9IHFYcORx681p3/ISkBUgfg/w6T/hxq+t4Amff3D/dhyXSk3XdwgwnB6ofbrvQQHXiLKdkRrxOb+BAgV9rcB6FkD8yZnd/2hFMUuqu99QBTHldD3Lb7tLkPoDK2St7i7yAURqKR2Z8B+/+h5p3x7/0VR7lKGY9xHh1jLn66INwJa8i7hggKRZRQL/2eXtAYXt5dKN6/ZVjfXF26jMkiQiNaYPh08NMCRslXzVQN2APkbD0Hi6SI6fwpxnZSGOQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cs.tcd.ie; dmarc=pass action=none header.from=cs.tcd.ie; dkim=pass header.d=cs.tcd.ie; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cs.tcd.ie; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=vKqlFNL9xD0QCwX0k18yKMM+XNz211Rybjnd2PL4lhM=; b=KDYVAoFnIj4KlrhBQhhfR3Qj4J7PHZ08p5sge6GbzZGOU7JOhUbdyd31YktsYDINvlbUIdK5A/ZNANJ3rBT4An4V1noLaEknJKy2JV2gfrGtNLoItZ6qkhuaL5DzyxTcmq7rndEAmKPG67F6xrSf2EQyKwzBqyMdmEQdnbS8/EbL3n4pu+1+K97UtA9o7scgunbhZVkSXqInMGyRw9BWI9k1ttJr0sWApxc7jcd7dB9iiRfTqtbZ3mrvPupnH5FSmmYPIfKJIWc1lnU6DA1uXjgJu3l9IjLz0nj+Zb9MPgz+ob5QbBsg/ZemR6aBq7AWzSPoyXRCmQ8obOK2BRmdNg==
Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=cs.tcd.ie;
Received: from DB7PR02MB5113.eurprd02.prod.outlook.com (2603:10a6:10:77::15) by AM9PR02MB6900.eurprd02.prod.outlook.com (2603:10a6:20b:26a::17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7068.25; Wed, 6 Dec 2023 21:00:47 +0000
Received: from DB7PR02MB5113.eurprd02.prod.outlook.com ([fe80::d7cb:f7b5:ad53:c139]) by DB7PR02MB5113.eurprd02.prod.outlook.com ([fe80::d7cb:f7b5:ad53:c139%5]) with mapi id 15.20.7068.025; Wed, 6 Dec 2023 21:00:46 +0000
Message-ID: <a3d5a39d-8d8d-4bb7-9a4e-92894e6f281c@cs.tcd.ie>
Date: Wed, 06 Dec 2023 21:00:45 +0000
User-Agent: Mozilla Thunderbird
Content-Language: en-US
To: Russ Housley <housley@vigilsec.com>, John Mattsson <john.mattsson@ericsson.com>
Cc: IETF TLS <tls@ietf.org>
References: <CAOgPGoCV9VQD+hqtorrRGi8+2V6dHfKr_ifAwUzECLVzJE=ZHQ@mail.gmail.com> <aacbbdc4-fb28-22cd-1fbd-a1c6b844f2ee@lounge.org> <GVXPR07MB967852472870E05C04FB70F68984A@GVXPR07MB9678.eurprd07.prod.outlook.com> <4BB96C09-1EDD-4D58-8491-86623E93369F@vigilsec.com>
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Autocrypt: addr=stephen.farrell@cs.tcd.ie; keydata= xjMEY9GzphYJKwYBBAHaRw8BAQdAo6JvjmSbxHdQWPZdvciQYsHhM1NxQBU398Mmimoy4p7N M1N0ZXBoZW4gRmFycmVsbCAoMjU1MTkpIDxzdGVwaGVuLmZhcnJlbGxAY3MudGNkLmllPsKQ BBMWCAA4FiEEMG54R8tZDyZFrDOn5Njp+ZeoM90FAmPRs6YCGwMFCwkIBwIGFQoJCAsCBBYC AwECHgECF4AACgkQ5Njp+ZeoM93bogEA25ElRyX0wwg+kGEN1AoL60MoZfvQZ/VtmXY6IC5j +csBAIBpkL5ySuzJK2zLNZn9qQGht8IaUcA7cvDcLvS2uHUEzjgEY9GzphIKKwYBBAGXVQEF AQEHQILCPWOwW36e8D3pY8GmvvtItIT+A5uV80ist+WokVsQAwEIB8J4BBgWCAAgFiEEMG54 R8tZDyZFrDOn5Njp+ZeoM90FAmPRs6YCGwwACgkQ5Njp+ZeoM92bcAEA8R+8cpqRUIS+SoAN iO05xE6O/wEx8/e88BqzAYki3SoBAOQdwiPX+MQrAxkWD8xxOsdMOAtxYKpkD1n8aPJUw6QJ
In-Reply-To: <4BB96C09-1EDD-4D58-8491-86623E93369F@vigilsec.com>
Content-Type: multipart/signed; micalg="pgp-sha256"; protocol="application/pgp-signature"; boundary="------------HllikzMbbPt09ze9gof6tsDE"
X-ClientProxiedBy: DU2PR04CA0043.eurprd04.prod.outlook.com (2603:10a6:10:234::18) To DB7PR02MB5113.eurprd02.prod.outlook.com (2603:10a6:10:77::15)
MIME-Version: 1.0
X-MS-Exchange-MessageSentRepresentingType: 1
X-MS-PublicTrafficType: Email
X-MS-TrafficTypeDiagnostic: DB7PR02MB5113:EE_|AM9PR02MB6900:EE_
X-MS-Office365-Filtering-Correlation-Id: 49f8aeff-fed1-4525-0fbd-08dbf69e6b2b
X-MS-Exchange-SharedMailbox-RoutingAgent-Processed: True
X-TCD-Routed-via-EOP: Routed via EOP
X-TCD-ROUTED: Passed-Transport-Routing-Rules
X-MS-Exchange-SenderADCheck: 1
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: REcB00l6GIwLUrwzIUjwMRvbGu1qmFH48f1fB9/Lf5VG7jZ4Y7j/s6bmH7ThBnkmydtCQcYbxHxI3O5b9GUXB1JzopMwja+aAvoU9lKVe3SPgJCVTZXtlNQwKDM41O3xAONC5TlvzsKUM7sHbWZcUJaQmoyu0Okr5IyV5PIR1YlKp9rNgvsMZI+xi7bjcqL/L4/kQC2ZCi2NsReOdlxwrsIIrck3VPOusDdJcqQcZwhaQ18WlvxQ6nXshyZPNctfJGHAZJaAGXpMiRug7a5ji2r8I6CrZgfIThXwD/NviBNXugu11hBHCvEnCY/1Fcda8TkNAWFCreUVmVMNX4JoSqJ+dohxsS8fuAbAT65TP92dm9vFH/zeGCWJ/Xtd7jZ5t2pA70ZC9okY3r6BltLiejyNsIoUDnbddSWZHVuZqAfsn05WbOL9BJB0yegQnPsnHNxMtT0v470efKv1u4Sz+vIRkKiTwyXAi+z3UUViSzD9LRlOuw8yr+hlt74vFPLRyGRhcqgza9RgyIGDTZwjLkwmyfZROV8mYQRarnraDUqGBBAt1eDhS6J3hGYbdJ4ajcgVewxZ9F0m/Go7FEt+7d6lgHOTvMV/WiYD7Hy2qxLl/y4sJKuIMxbf4wT3RlBXXui2m+hCVeK+sm8Vo1aKkHN1fxpH/aAcbMsEGZx5Cu6o9y+MM4X+MxssmR6CDXgP
X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:DB7PR02MB5113.eurprd02.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230031)(396003)(346002)(136003)(366004)(376002)(39860400002)(230273577357003)(230173577357003)(230922051799003)(64100799003)(451199024)(1800799012)(186009)(44832011)(31686004)(45080400002)(966005)(83380400001)(21480400003)(6512007)(53546011)(38100700002)(66556008)(31696002)(66476007)(86362001)(2616005)(66946007)(110136005)(316002)(786003)(33964004)(6486002)(478600001)(8936002)(6506007)(4326008)(8676002)(235185007)(5660300002)(66899024)(36756003)(41300700001)(2906002)(43740500002)(45980500001); DIR:OUT; SFP:1102;
X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1
X-MS-Exchange-AntiSpam-MessageData-0: WUUUiG6fZqvYMLSjBPxdOj58rDGWdvawySeZrfUMBcBHmo+9ybHxrWeJwhfLClsieDTBR9bPjyvt8fqChZF+eWXa8s1KPnizngyxQjyipl9L4euNmGNgQrQGCVfLEWxjZmkKPM71VjAsY2VWKWCdAT9YCwlXeaHaL/Scg19/0CNKy0vFS533sW/pRIFGKr6SvjJiohCyuZk93SsiRHuesvZX5fmAu/3agteA8FjJs8Vf+zpjgyxE7/Lojrj1FHblHI6DfaizThLDzJxPhqaqYoQQd7KcnvSmD9TttGPDg+cqS/nEc/ws8xziTfMwpXw40/sj+x3K82C+6gGjAuA4coWPRGQ8o46n13N+QNgPOZVGsTetytrNM1+143yavQbKTt649ahcHSUkDyucPW1wwm8NNuaHcT7ZkZhBIkJ5O1DZ/VGUL66X/tCjMjK7fe7/xBYNEdCPSI0SadKX/GW6nYSFfQH5KanYtcI77RJd8uVcfs7bDtljsi1RCM1W+5FOGdUc6Zlo8UUJ/Ufc8pysm9MhGvAAeb2Js0vzE8PWEKhOz/kJMB09LoD0MVW1MPI7LDZ5pYXCB6zsv9j2dez7Wc/ag0b0uXJK2O0lkLBjFpROfcpkRU5Xtw+b6QEAWDqzHY3DhrXF/0KfWRTw1Ht/45oHgkd3Brqli6R75G7S7eNEt1tc8cOd1AiUTHm8jo9z2lR/4vYpOHiUJ44npJWqDPjuCJEHO9mIbjWfOSVlLUpSXXwvEX1d9crtH7VYH53CCA1oADX6PspyWJNHmhLp6j9ktr0/xOKa6oTbi/IKH+lK8Woz/1mQS5pgK3feCS2IDNDZFxgM1CROMWadMnCNDkJVGXMSUYE6ig5DUQJOO5bu6Z9uo7wCfVmMjgsprBZ93EcKEW3fMU0A52PyPOXGFbkZNlIkwCqYDpDREBmjqC+IUyTj/8GNbo7jacou5hRepGruPFqZ5VdyAsAQHYNzugsFMyRkmiH+WdHJOT8yzpK/5Fm7DuEs98n2dxWi3NtC3vQS5drJPIZy10BYsiBYdnn3LP6yfYegQoGaNrTcr3VXYQCbyLRK7Q3LNOyb/y0oC16jPpjDrkSj50rA756zldzhqG7YKQJ1u1Z9btyJuqBQAJ2V6AkwdUnXOb2hz5ZR1ryp9U84EU0Tlzxbq8vR7Cy9ND01BWzcKzN64dn7XQAKvvx7oJTxP5unVLIReJptDWo6Y6irZFlQeA+hE4lfAOl3VyIRpQ+9PUJyl/lywkC0kaMO9f1FaCnZDgdH4WZNSv8U++6OBXpTuRWNPU9X64n8VLW8C9syrC9qCsJp4cphRFwj1IZwUOlZ5C5L4bjHlktaZnr6fhwG7qupe0d3nh0DjH/pZJKhqxl5o5tAFvZZUeubSoETGG9uzfvFJ2e/Xpui7EyPpp1NV60f648zmDrenFLrwFEdp0UN246zEMDHwPBQ6UPQvsDoz1zfYtNBLR3b3mnqifJoNKpQm3btlKdThBr8/v4ZNz5BhLLezgs2Rh1e9UOC790B6Xos7Ese/XZLeRfRV2smLz1+5R+L8zDCgxc8dj/lTgUTSNagvBW7CnSbJNz6j/d3s6Cye/wXVsT5jpLjeCMUvASk6zer4JSi3adWzr0p8aqIpXT3/18Va19QF130nSjx9sW/FimQ
X-OriginatorOrg: cs.tcd.ie
X-MS-Exchange-CrossTenant-Network-Message-Id: 49f8aeff-fed1-4525-0fbd-08dbf69e6b2b
X-MS-Exchange-CrossTenant-AuthSource: DB7PR02MB5113.eurprd02.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 06 Dec 2023 21:00:46.7607 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: d595be8d-b306-45f4-8064-9e5b82fbe52b
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: NKfIXO7E2TQkTfO3gRhMimvJSLPtyG/q1e5A3HVk0C0Wk7Kp6aDaZ8ntNbJebSRN
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM9PR02MB6900
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/mbpK33KrRb-cOZh50W5PWn5MA64>
Subject: Re: [TLS] Call to Move RFC 8773 from Experimental to Standards Track
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 06 Dec 2023 21:00:56 -0000

Hiya,

> (3) The privacy considerations already talk about Appendix E.6 of
> [RFC8446].  I am please to add a pointer to ECH, but I do not think
> that ECH use should not be mandated.

While I'm a fan of ECH, does it actually do the trick here?
If the adversary has a CRQC then we'd need an updated ECH
that's not vulnerable in that scenario, and we don't have
that now. (And it might be hard to get to, given MTU sizes.)

Cheers,
S.

> 
> I suggest:
> 
> Appendix E.6 of [RFC8446] discusses identity-exposure attacks on 
> PSKs.  Also, Appendix C.4 of [I-D.ietf-tls-rfc8446bis] discusses 
> tracking prevention.  The guidance in these sections remain
> relevant.
> 
> If an external PSK identity is used for multiple connections, then
> an observer will generally be able track clients and/or servers
> across connections.  The rotation of the external PSK identity or the
> use of the Encrypted Client Hello extension [I-D.ietf-tls-esni] can
> mitigate this risk.
> 
> Russ
> 
> 
>> On Dec 6, 2023, at 11:51 AM, John Mattsson
>> <john.mattsson=40ericsson.com@dmarc.ietf.org> wrote:
>> 
>> Hi,
>> 
>> I am quite convinced that the security properties are not worse
>> than a mixture of PSK authentication, PSK key exchange, (EC)DHE key
>> exchange, and signature authentication.
>> 
>> In some cases, this is very good. You get the quantum-resistance of
>> the PSK together with the PFS of ECDHE, and the entity
>> authentication and security policies of certificates. In other
>> cases, it is not so good as the reuse of a PSK identifier enables
>> tracking and potentially identification of both the client and the
>> server. I don’t think that such a field enabling tracking belongs
>> in modern TLS, but reuse of a PSK identifier is already in RFC 8446
>> so this document does theoretically not make the worst-case worse.
>> 
>> If RFC 8773 is updated. I think the following things should be
>> updated: - The title and abstract only talks about PSK
>> authentication. The key exchange is likely more important to make
>> quantum-resistant than the authentication. I think the title and
>> abstract should talk about PSK key exchange. - I think the
>> paywalled references should be removed. I think paywalled
>> references are both a cybersecurity risk and a democracy problem
>> [1]. I don’t think they belong in RFCs unless absolutely necessary.
>> RFC 8446bis recently removed all paywalled references. - The
>> document should refer to section C.4 of RFC8446bis that now
>> includes a short discussion on that reuse of an PSK identifier
>> enables tracking. I think RFC8773bis should have a warning early
>> that the privacy properties are much worse than the normal
>> certificate-based authentication. This could be completely solved
>> by mandating ECH. Alternatively, it could be solved by sending the
>> PSK identifier after flight #1 when things are encrypted.
>> 
>> 3GPP specified the use of server certificate authentication
>> combined with PSK authentication and key exchange for TLS 1.2. As
>> that mode was not available in RFC 8446, 3GPP does not specify this
>> mode for TLS 1.3 but there have recently been discussions in 3GPP
>> about adding RFC 8773. I think the really bad privacy properties of
>> PSK in TLS 1.3 is a significant problem for 3GPP. The bad privacy
>> properties of TLS 1.3 with PSK have also been discussed several
>> times in EMU WG. I think a mode that sends the PSK identifier
>> encrypted would make a lot more sense for standard track.
>> 
>> I am not supportive of standard track unless the tracking problem
>> is solved. If the privacy problems are solved, I am however very
>> supportive. Adding an extra roundtrip is a small price to pay for
>> privacy. Adding a field (psk identifier) that can be used for
>> tracking to current certificate-based TLS is making privacy worse.
>> I don’t think that is a good idea or worthy of standards track.
>> 
>> Cheers, John Preuß Mattsson
>> 
>> [1]
>> https://groups.google.com/a/list.nist.gov/g/pqc-forum/c/W2VOzy0wz_E/m/6pgf5tFaAAAJ
>>
>>  From: TLS <tls-bounces@ietf.org <mailto:tls-bounces@ietf.org>> on
>> behalf of Dan Harkins <dharkins@lounge.org
>> <mailto:dharkins@lounge.org>> Date: Wednesday, 6 December 2023 at
>> 14:50 To: TLS@ietf.org <mailto:TLS@ietf.org> <tls@ietf.org
>> <mailto:tls@ietf.org>> Subject: Re: [TLS] Call to Move RFC 8773
>> from Experimental to Standards Track
>> 
>> 
>> Hi,
>> 
>> I approve of this transition to standards track and I am
>> implementing this as well.
>> 
>> regards,
>> 
>> Dan.
>> 
>> On 11/29/23 7:51 AM, Joseph Salowey wrote:
>>> RFC 8773 (TLS 1.3 Extension for Certificate-Based Authentication
>>> with an External Pre-Shared Key) was originally published as
>>> experimental due to lack of implementations. As part of
>>> implementation work for the EMU workitem
>>> draft-ietf-emu-bootstrapped-tls which uses RFC 8773 there is
>>> ongoing implementation work. Since the implementation status of
>>> RFC 8773 is changing, this is a consensus call to move RFC 8773
>>> to standards track as reflected in 
>>> [RFC8773bis](https://datatracker.ietf.org/doc/draft-ietf-tls-8773bis).
>>>
>>> 
This will also help avoid downref for the EMU draft.  Please indicate
>>> if you approve of or object to this transition to standards
>>> track status by December 15, 2023.
>>> 
>>> Thanks,
>>> 
>>> Joe, Sean, and Deirdre
>>> 
>>> _______________________________________________ TLS mailing list 
>>> TLS@ietf.org <mailto:TLS@ietf.org> 
>>> https://www.ietf.org/mailman/listinfo/tls
>> 
>> -- "The object of life is not to be on the side of the majority,
>> but to escape finding oneself in the ranks of the insane." --
>> Marcus Aurelius
>> 
>> _______________________________________________ TLS mailing list 
>> TLS@ietf.org <mailto:TLS@ietf.org> 
>> https://www.ietf.org/mailman/listinfo/tls 
>> _______________________________________________ TLS mailing list 
>> TLS@ietf.org <mailto:TLS@ietf.org> 
>> https://www.ietf.org/mailman/listinfo/tls
> 
> 
> 
> _______________________________________________ TLS mailing list 
> TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls

v2.23.0 | Report a Bug | By Email