Re: [TLS] WG actions (was Encrypt-then-MAC again (was padding bug))

Alfredo Pironti <alfredo@pironti.eu> Thu, 05 December 2013 11:52 UTC

Return-Path: <alfredo@pironti.eu>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id ACB7A1ADF89 for <tls@ietfa.amsl.com>; Thu, 5 Dec 2013 03:52:24 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.079
X-Spam-Level:
X-Spam-Status: No, score=-1.079 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FM_FORGED_GMAIL=0.622, MIME_8BIT_HEADER=0.3, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ii30jk45KD22 for <tls@ietfa.amsl.com>; Thu, 5 Dec 2013 03:52:20 -0800 (PST)
Received: from mail-ob0-x22b.google.com (mail-ob0-x22b.google.com [IPv6:2607:f8b0:4003:c01::22b]) by ietfa.amsl.com (Postfix) with ESMTP id 033681ADF79 for <tls@ietf.org>; Thu, 5 Dec 2013 03:52:19 -0800 (PST)
Received: by mail-ob0-f171.google.com with SMTP id wp18so17545335obc.2 for <tls@ietf.org>; Thu, 05 Dec 2013 03:52:16 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=pironti.eu; s=google; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:content-transfer-encoding; bh=SD74aPeVFQsOR5Y9uVOel1R8eHl7mFVtg120PMg6SyM=; b=L5xqV6WDE2SFEt6rhUWmNOviVRDBEZPXnRN1hI9UO1L9ZDSe+SknvdxrjLMM7FDPTC d3Ckl7XOEsh53N1cPrAqH0CYQ1m+xQTQ0s3HFshNg+vu8ipGKq7pfkS4LNGdw5VCm9cJ ENaA44Rrv3EMIqZFj2JfcUCJ/cPvacfv91ufU=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type :content-transfer-encoding; bh=SD74aPeVFQsOR5Y9uVOel1R8eHl7mFVtg120PMg6SyM=; b=JjF54r85gvhUlrjM2FFx/R/rKO926lFa/QmCmvpNom+TGHGuHE+hK0nukmh/rwd6GP BenMwOgGBucJqKmaKHx/GXGTfP565XyzbQWNGnN/QfRPj6eU68D1Bx5v/x4AfI9Td7PP /zbWzf/RMCknGlaA6JtyTItFbmEt5cRAy8tzfZkwQZf9Wlyo7RbhNBVwZMBlvp65yLpG fC0Sq1FzcXKRBjN9RLn3czy6IVAXU4U8cS7nBzCwsy7xcpURFMzp7V/4Dn/czK0r6lZX 03+Lo6L52b4zaSvnRHVKRF3kAkefD60U9wKqgoKStIPTkAMdK+2UGfSch35Flw3FvOBd bwCw==
X-Gm-Message-State: ALoCoQki9mQn9h1Wt2slLhg148tpz9Gh/ljwWHkip7BIVcvvuk23XS9j4odcki9Rp16ZhSHwSz01
MIME-Version: 1.0
X-Received: by 10.60.44.239 with SMTP id h15mr67870641oem.22.1386244336249; Thu, 05 Dec 2013 03:52:16 -0800 (PST)
Received: by 10.76.180.193 with HTTP; Thu, 5 Dec 2013 03:52:16 -0800 (PST)
X-Originating-IP: [82.224.193.99]
In-Reply-To: <79C48EEB-9FCE-4AE5-96C0-8AA2193A9354@iki.fi>
References: <79C48EEB-9FCE-4AE5-96C0-8AA2193A9354@iki.fi>
Date: Thu, 5 Dec 2013 12:52:16 +0100
Message-ID: <CALR0ui+2VjvvQb1Ykfm8Tw_pAoG2UoaHQ4J_dFYHzL2V2eWR5Q@mail.gmail.com>
From: Alfredo Pironti <alfredo@pironti.eu>
To: =?UTF-8?B?SnVobyBWw6Row6QtSGVydHR1YQ==?= <juhovh@iki.fi>
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
Cc: "<tls@ietf.org>" <tls@ietf.org>, Peter Gutmann <p.gutmann@auckland.ac.nz>
Subject: Re: [TLS] WG actions (was Encrypt-then-MAC again (was padding bug))
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 05 Dec 2013 11:52:24 -0000

On Thu, Dec 5, 2013 at 11:49 AM, Juho Vähä-Herttua <juhovh@iki.fi> wrote:
>
>> On 5.12.2013, at 5.24, Peter Gutmann <p.gutmann@auckland.ac.nz> wrote:
>>
>> Eric Rescorla <ekr@rtfm.com> writes:
>>
>>> This topic was discussed at the TLS WG meeting in Vancouver (since you
>>> declined to attend,
>>
>> In any case the WG consists of people on this mailing list, not a select
>> few folks in some back-room in Vancouver.
>
> I think the accusation of intentionally organizing meetings so that some members cannot attend might be better handled outside this list, since it sounds a bit personal.
>
> However, I think the comment above about who is a memer of the WG is valid. I would like to put a bit of emphasis on what RFC 2418 says.
>
> "All working group actions shall be taken in a public forum, and wide participation is encouraged. A working group will conduct much of its business via electronic mail distribution lists but may meet periodically to discuss and review task status and progress, to resolve specific issues and to direct future activities."
>
> Unfortunately I haven't had a chance to take part in any of the face-to-face meetings, so my views are purely from mailing list perspective. The mailing list has extremely good discussion and interesting points, but I get the feeling that many decisions are coming from the "top" (face-to-face meetigs) down here.
>
> When people meet regularly and know each other well, they will share more views, this is inevitable. However, IMHO minimizing the gap between the mailing list and meetings, and facilitating communication both ways should be one of the top priorities of WG chairs.
>
> Finding ways to get reliable votes instead of vague second hand summaries might be a good way to resolve these conflicts. All it would take in its smallest form would be to open a thread at the list for voting (with no discussion, it should be mostly done at this point), give a certain timebox for the voting and conclude the results on the list. This could be then taken to the face-to-face meetings.
>
> Does someone know why we don't do this?

My understanding is that humming is preferred, as it provides some
form of anonymity, while voting would quite break it. Voting/humming
on itself is also a delicate point, as there are not eligible voters
lists; finally, IETF (always according to my understanding) is based
on consensus, so for example, winning by a few votes would still mean
that there is no consensus.

Of course, humming has the drawback of requiring some sort of physical presence.

Alfredo

>
>
> Juho
>
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls