Re: [TLS] Is there a way forward after today's hum?

Ted Lemon <mellon@fugue.com> Wed, 19 July 2017 17:15 UTC

Return-Path: <mellon@fugue.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1E5EA131474 for <tls@ietfa.amsl.com>; Wed, 19 Jul 2017 10:15:33 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=fugue-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6RpUksLIFYqO for <tls@ietfa.amsl.com>; Wed, 19 Jul 2017 10:15:28 -0700 (PDT)
Received: from mail-pg0-x233.google.com (mail-pg0-x233.google.com [IPv6:2607:f8b0:400e:c05::233]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DF24D131B84 for <tls@ietf.org>; Wed, 19 Jul 2017 10:15:27 -0700 (PDT)
Received: by mail-pg0-x233.google.com with SMTP id y129so2878433pgy.4 for <tls@ietf.org>; Wed, 19 Jul 2017 10:15:27 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fugue-com.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=j0sQRgOLncm54rDtzl28UOOSg4rYkVvW5rvrdrhIGwE=; b=jFKKkLus9y9tZu/f3uXgpUP+6GNfVuXK8bqo821EGkSIaNc0LPeDxEYjOF4HvYud8H YISPwROkehz1oxJQZGSlyTul2TKBO2wR/JKCfq4wIL1KflngVlRaVIwfCyiFuVwSwlPk 2bDSBjxapIElaSQDGOc5MwOS7mgIxU+CFh3jx4kz9tB/6Ow2YtWVULc4+OsZ06kKxJ9o hUgzt9XpoWnhTmtng85pNgh11jxnkS3AUz6PnxoJALJd6QhA+KfEKkVgaHTdkLL3KRI7 HxCoNh556xnJHnFTn61iPa8yNyCyYhELZqlXJ4GjHpmrKOJMFIRfpHvQcjykkhDHIY2j BLHw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=j0sQRgOLncm54rDtzl28UOOSg4rYkVvW5rvrdrhIGwE=; b=s4m0G9zJSXojQEkdFAZEjUZYkE0kh1A0hM4gz302hsdk6XeSlFQKgpM80ESZiID5fP RhMGO7Z3+d0jygRVEWNZkOhXLVp0f5INiZe1rPmX6Hnda9Sw/G/vppBYbv+YyAfda7FV DTIsLL6y/h/t/vOSscJAht8mZ1Xu7kz031IADljRcHf73Qymi75WL59lIKgU+nHeyfs4 nk4oFmwQxKJA9N3BcPFSJCorG4jaE3RXb0MoSd2tHKYrybmeb3fgBqnPIvuXKeS/52+d DzoHBf/ZY+UwnZQwGvzKtNAVJHSg8Fax45UcnG7iLWlZqcMDGTxd+DPWMN94kEIW5Pu0 xUgQ==
X-Gm-Message-State: AIVw113w6cOSc+mKt1BWa9VB0DzRTHiLjIYgCQy2GMd27GtRhHkcJxH0 e0pq8i+zUiEGZISrGcUnNf17WEtJiPzb
X-Received: by 10.99.43.5 with SMTP id r5mr784508pgr.135.1500484527439; Wed, 19 Jul 2017 10:15:27 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.100.181.42 with HTTP; Wed, 19 Jul 2017 10:14:46 -0700 (PDT)
In-Reply-To: <E6D7DDCD-FDE6-4784-ACE8-0F5AC8E2CEDF@vigilsec.com>
References: <E6D7DDCD-FDE6-4784-ACE8-0F5AC8E2CEDF@vigilsec.com>
From: Ted Lemon <mellon@fugue.com>
Date: Wed, 19 Jul 2017 19:14:46 +0200
Message-ID: <CAPt1N1ka=vuoZMB58LXfkJ_qafohf08WeoUs2y4kaCxBtCx29Q@mail.gmail.com>
To: Russ Housley <housley@vigilsec.com>
Cc: IETF TLS <tls@ietf.org>
Content-Type: multipart/alternative; boundary="001a1146e2e03fd7870554aec715"
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/onKhYUKmdXOHVwRuF6WpE2pvHww>
Subject: Re: [TLS] Is there a way forward after today's hum?
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 19 Jul 2017 17:15:33 -0000

Provably involved, or involved setting an evil bit?

On Wed, Jul 19, 2017 at 7:10 PM, Russ Housley <housley@vigilsec.com> wrote:

> The hum told us that the room was roughly evenly split.  In hind sight, I
> wish the chairs had asked a second question.  If the split in the room was
> different for the second question, then I think we might have learned a bit
> more about what people are thinking.
>
> If a specification were available that used an extension that involved
> both the client and the server, would the working group adopt it, work on
> it, and publish it as an RFC?
>
> I was listening very carefully to the comments made by people in line.
> Clearly some people would hum for "no" to the above question, but it
> sounded like many felt that this would be a significant difference.  It
> would ensure that both server and client explicitly opt-in, and any party
> observing the handshake could see the extension was included or not.
>
> Russ
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls
>