Re: [TLS] Fixing TLS

Dave Garrett <davemgarrett@gmail.com> Tue, 12 January 2016 20:34 UTC

From: Dave Garrett <davemgarrett@gmail.com>
To: Eric Rescorla <ekr@rtfm.com>
Date: Tue, 12 Jan 2016 15:33:59 -0500
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/osX3pzfQB-VtMYiX9w4pARqrxks>
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] Fixing TLS

On Tuesday, January 12, 2016 03:18:11 pm Eric Rescorla wrote:
> On Tue, Jan 12, 2016 at 12:12 PM, Bill Cox <waywardgeek@google.com> wrote:
> > I wish that were the plan (to upgrade QUIC crypto and eventually make that
> > the new crypto platform).  If I am not mistaken, QUIC crypto is going to
> > be archived, TLS 1.3 will replace the crypto code, and QUIC will remain the
> > transport layer.
> 
> This is my understanding as well, based both on conversations with the QUIC
> folks, and Adam and Jana's public presentations. A number of us (MT, I,
> Jana, Ian, AGL, Christian) have already started some initial conversations
> at how to do that.

I'm quite interested to hear what the plans are there. I'd appreciate it if, whenever there is a fleshed-out starting point, an outline could be posted to this list to keep us in the loop with what's going to be the initial design. Not necessarily for debate here, but just so we can have an idea of where things are going.

> With that said, I don't think there's a plausible story in which QUIC becomes the only
> transport protocol in the world any time soon, so I don't think standalone TLS 1.3
> is going away.

Yes. Whatever the discussion for future work, TLS 1.3 is the current direction. One step at a time so we don't trip over our feet. ;)


Dave