Re: [TLS] [EXTERNAL] Re: WG Adoption for TLS Trust Expressions
Devon O'Brien <asymmetric@google.com> Mon, 29 April 2024 15:33 UTC
From: Devon O'Brien <asymmetric@google.com>
Date: Mon, 29 Apr 2024 08:32:47 -0700
To: Eric Rescorla <ekr@rtfm.com>
Cc: Brendan McMillion <brendanmcmillion@gmail.com>, Andrei Popov <Andrei.Popov@microsoft.com>, "tls@ietf.org" <tls@ietf.org>, Bob Beck <bbe@google.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/ols1EjgxBHEUpenXmH_7l1qz_RI>

Hi Ekr,

Thanks for calling attention to the wg draft adoption process; we didn't intend to issue a formal call (as that's reserved for wg chairs) and hopefully didn't cause too much confusion to that effect. While we're waiting to hear from the chairs whether they want to move this draft into candidate for adoption status, we wanted to share our planned next steps and gather some opinions on the mechanism and draft on list since so many of our ad-hoc conversations on this draft happened in person over the past couple of IETFs.

-Devon

On Mon, Apr 29, 2024 at 6:44 AM Eric Rescorla <ekr@rtfm.com> wrote:

> Hi folks,
>
> I haven't yet formed an opinion on this document yet, but I did want to
> observe that calls for adoption are issued by the chairs, not by individual
> participants. Of course, anyone can start a thread and comments in this
> thread are information for the chairs, but if adoption does happen, it will
> be via some separate process.
>
> -Ekr
>
>
> On Sat, Apr 27, 2024 at 11:42 AM Brendan McMillion <brendanmcmillion@gmail.com> wrote:
>
>> Hi Devon
>>
>> I support adoption
>>
>> On Fri, Apr 26, 2024 at 7:38 PM Andrei Popov <Andrei.Popov=40microsoft.com@dmarc.ietf.org> wrote:
>>
>>> I support adoption.
>>>
>>> Cheers,
>>>
>>> Andrei
>>>
>>> -----Original Message-----
>>> From: TLS <tls-bounces@ietf.org> On Behalf Of Watson Ladd
>>> Sent: Friday, April 26, 2024 7:13 PM
>>> To: Devon O'Brien <asymmetric=40google.com@dmarc.ietf.org>
>>> Cc: tls@ietf.org; Bob Beck <bbe@google.com>
>>> Subject: [EXTERNAL] Re: [TLS] WG Adoption for TLS Trust Expressions
>>>
>>> On Tue, Apr 23, 2024 at 1:39 PM Devon O'Brien <asymmetric=40google.com@dmarc.ietf.org> wrote:
>>> >
>>> > After sharing our first draft of TLS Trust Expressions and several
>>> > discussions across a couple IETFs, we’d like to proceed with a call for
>>> > working group adoption of this draft. We are currently prototyping trust
>>> > expressions in BoringSSL & Chromium and will share more details when
>>> > implementation is complete.
>>> >
>>> >
>>> > As we mentioned in our message to the mailing list from January, our
>>> > primary goal is to produce a mechanism for supporting multiple subscriber
>>> > certificates and efficiently negotiating which to serve on a given TLS
>>> > connection, even if that ends up requiring significant changes to the draft
>>> > in its current state.
>>> >
>>> >
>>> > To that end, we’re interested in learning whether wg members support
>>> > adoption of this deployment model and the currently-described certificate
>>> > negotiation mechanism or if they oppose adoption (and why!).
>>>
>>> We absolutely need to solve the problem and the draft is a good starting
>>> point.
>>>
>>> >
>>> >
>>> > Thanks!
>>> >
>>> > David, Devon, and Bob
>>>
>>>
>>>
>>> --
>>> Astra mortemque praestare gradatim
>>>
>>> _______________________________________________
>>> TLS mailing list
>>> TLS@ietf.org
>>> https://www.ietf.org/mailman/listinfo/tls