[TLS]Re: Working Group Last Call for Legacy RSASSA-PKCS1-v1_5 codepoints for TLS 1.3

Andrei Popov <Andrei.Popov@microsoft.com> Wed, 22 May 2024 15:19 UTC

From: Andrei Popov <Andrei.Popov@microsoft.com>
To: "Salz, Rich" <rsalz=40akamai.com@dmarc.ietf.org>, Sean Turner <sean@sn3rd.com>, TLS List <tls@ietf.org>
Date: Wed, 22 May 2024 15:19:32 +0000

+1 what Rich said. Not a deal-breaker for me either way, but I would prefer "N", initially.

Cheers,

Andrei

-----Original Message-----
From: Salz, Rich <rsalz=40akamai.com@dmarc.ietf.org> 
Sent: Wednesday, May 22, 2024 7:26 AM
To: Sean Turner <sean@sn3rd.com>; TLS List <tls@ietf.org>
Subject: [EXTERNAL] [TLS]Re: Working Group Last Call for Legacy RSASSA-PKCS1-v1_5 codepoints for TLS 1.3

> This email starts the working group last call for "Legacy RSASSA-PKCS1-v1_5 codepoints for TLS 1.3" I-D, located here:

No comments, ship it.

> The only comment/question I have about this I-D (and I hope this is not too much of a bikeshed) is whether the Recommended column should be “D” instead of “N”.

I think that would be a mistake as it makes the vast deployment of existing TPM machines nonconformant.  In a few years, maybe. For now, not-recommended is strong enough.

