[TLS] Re: Adoption Call for Trust Anchor IDs
Martin Thomson <mt@lowentropy.net> Tue, 21 January 2025 11:18 UTC
Return-Path: <mt@lowentropy.net>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 533E0C1DC7F8 for <tls@ietfa.amsl.com>; Tue, 21 Jan 2025 03:18:02 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.805
X-Spam-Level:
X-Spam-Status: No, score=-2.805 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=lowentropy.net header.b="fB2Z1Uax"; dkim=pass (2048-bit key) header.d=messagingengine.com header.b="roqZcDFZ"
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hp1F9HNmUGqA for <tls@ietfa.amsl.com>; Tue, 21 Jan 2025 03:17:57 -0800 (PST)
Received: from fout-b7-smtp.messagingengine.com (fout-b7-smtp.messagingengine.com [202.12.124.150]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7B5FBC1DC7EF for <tls@ietf.org>; Tue, 21 Jan 2025 03:17:57 -0800 (PST)
Received: from phl-compute-05.internal (phl-compute-05.phl.internal [10.202.2.45]) by mailfout.stl.internal (Postfix) with ESMTP id 64AF911401BC for <tls@ietf.org>; Tue, 21 Jan 2025 06:17:56 -0500 (EST)
Received: from phl-imap-08 ([10.202.2.84]) by phl-compute-05.internal (MEProxy); Tue, 21 Jan 2025 06:17:56 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lowentropy.net; h=cc:content-transfer-encoding:content-type:content-type:date :date:from:from:in-reply-to:in-reply-to:message-id:mime-version :references:reply-to:subject:subject:to:to; s=fm1; t=1737458276; x=1737544676; bh=Jh8Tsv3Kn39zPQ4FxW65P9Ws+yaYMrrrgvlmGycGDE4=; b= fB2Z1Uax3KMRzbTNCA591wDlTaTitdse/SzPPJ42jfsPCjHt2+YyXlCm0SIlIPVu /+pPQ7D/i1Mo9tyAYrfpO8tZALpRsY36u2SP2Q44Ib0wmi09KVoxLGJU7c8/WeAQ fSkb4XepiLkvybmK8acYlKGt6CcTrDi/CtxfKy73efh4zVl8INo63g0D2opgFcU4 i2fuc/fQZP1x1ShA7qRuP26HW0POKgo0iFfy0nZq5n2vkEz8qqPyiG6lEYokuweQ BmxCXoAK+PDVRC0ow8D2pDoWth37we6BbwTCtN1QjX1o2DVds8vGuPFoGLPdPKQi yK8b0qxQsOT2CE2FL2OjOQ==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-transfer-encoding:content-type :content-type:date:date:feedback-id:feedback-id:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:subject:subject:to:to:x-me-proxy:x-me-sender :x-me-sender:x-sasl-enc; s=fm3; t=1737458276; x=1737544676; bh=J h8Tsv3Kn39zPQ4FxW65P9Ws+yaYMrrrgvlmGycGDE4=; b=roqZcDFZcM9ioD/Ss y/bm9ax03v3EM8KyOamQqTKQCprx5UwIXFXnBQ31ZeeUAIG9Pb1h+CiS8xGVgden w16G6ld5MFSFSkwNZiAu1pqKday+fqPx+9g0ToGX855UxHEERG8s42XUM2+ucwlS vHQ0lDiajFDfArWVO5zoSlfn4wNa5PzL17YtQPnhTY+9LSHoZfoj+T7VWd8T+kuM gL/NgtYtwkEJpZglTz2wfgze10aoZo9oEqvrkmspXYUh9Zk0axOwzS/K2xQjt0Jg hZFp1qeEQ9zZQ4ZUYc7zZdqIlKr6vsFgwhIOB8hDvKQjd2L3C5sww8MU8QB5f6xB vwVTQ==
X-ME-Sender: <xms:ZIKPZwQdPEVLLh9B68liHJOauarBFrJ0P38A_KewQfW4kAg4rrQKdg> <xme:ZIKPZ9wOUPxn3sOnbIfqpGfKuXbiC37yLyaXJ_yZkZNBc_-B9UnZtkUUtezcAncj4 qar7Wx84NbdDc1z1_M>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeefuddrudejuddgvdefucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdggtfgfnhhsuhgsshgtrhhisggvpdfu rfetoffkrfgpnffqhgenuceurghilhhouhhtmecufedttdenucenucfjughrpefoggffhf fvkfgjfhfutgfgsehtjeertdertddtnecuhfhrohhmpedfofgrrhhtihhnucfvhhhomhhs ohhnfdcuoehmtheslhhofigvnhhtrhhophihrdhnvghtqeenucggtffrrghtthgvrhhnpe ffheeulefggeehieevffelteejjeffteevgeelveegieeffeffkeejgeefudfhgfenucff ohhmrghinhepihgvthhfrdhorhhgnecuvehluhhsthgvrhfuihiivgeptdenucfrrghrrg hmpehmrghilhhfrhhomhepmhhtsehlohifvghnthhrohhphidrnhgvthdpnhgspghrtghp thhtohepuddpmhhouggvpehsmhhtphhouhhtpdhrtghpthhtohepthhlshesihgvthhfrd horhhg
X-ME-Proxy: <xmx:ZIKPZ91ToM0jGy1NbVzNACl3yb7tkcXrNCdJ1wQiPev-M92oyHEG-Q> <xmx:ZIKPZ0CvO9MWwG-l2g9XqnoLdRJFEYAie_UsPz_acW4NB06Jc-8krQ> <xmx:ZIKPZ5jiINtyt7p9ZJcW7AvIrBGO95Bz_OqZ8NN2XsHB_wDGbPLIwA> <xmx:ZIKPZwqnmw1LD4yMLfOKnL3nCwe9vgCxObFe4nNM8BL81o7C1aun2g> <xmx:ZIKPZ5Iv_5-hXPUtVWAdzbp19GeJVkeNjVUfAMy2CzxBkBFxTPqY3XFd>
Feedback-ID: ic129442d:Fastmail
Received: by mailuser.phl.internal (Postfix, from userid 501) id ED07718A006F; Tue, 21 Jan 2025 06:17:55 -0500 (EST)
X-Mailer: MessagingEngine.com Webmail Interface
MIME-Version: 1.0
Date: Tue, 21 Jan 2025 11:17:34 +0000
From: Martin Thomson <mt@lowentropy.net>
To: tls@ietf.org
Message-Id: <55885fdd-9be2-4b9a-9212-9a0cfe4d102d@app.fastmail.com>
In-Reply-To: <78292afa-bef3-4a80-83cb-f7c6a64e3996@redhat.com>
References: <CAOgPGoDHaHXAcpXjtzoA7U-T7B0LoqxSxXsbp7-Rq+gF3shj7Q@mail.gmail.com> <78292afa-bef3-4a80-83cb-f7c6a64e3996@redhat.com>
Content-Type: text/plain
Content-Transfer-Encoding: 7bit
Message-ID-Hash: CPBTJV5J7OWI6AW2UQY2S7DTSWAVQCME
X-Message-ID-Hash: CPBTJV5J7OWI6AW2UQY2S7DTSWAVQCME
X-MailFrom: mt@lowentropy.net
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-tls.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [TLS] Re: Adoption Call for Trust Anchor IDs
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/roFpazc8hU2h19BMAPPSrEUcyEQ>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Owner: <mailto:tls-owner@ietf.org>
List-Post: <mailto:tls@ietf.org>
List-Subscribe: <mailto:tls-join@ietf.org>
List-Unsubscribe: <mailto:tls-leave@ietf.org>
I do not support adoption for the reasons that I outlined in my last mail. https://mailarchive.ietf.org/arch/msg/tls/JZl0U7gKNYn1FWVFjzlL-qZXzF8/ (Still on vacation, so I won't elaborate more.) On Fri, Jan 17, 2025, at 16:16, Robert Relyea wrote: > I do not support adoptions. I believe that arguments have already been > layed out in: > > https://datatracker.ietf.org/doc/draft-jackson-tls-trust-is-nonnegotiable/ > > As an SSL implementer, I am highly unlikely to include this draft in my > library. > > bob > > _______________________________________________ > TLS mailing list -- tls@ietf.org > To unsubscribe send an email to tls-leave@ietf.org
- [TLS] Adoption Call for Trust Anchor IDs Joseph Salowey
- [TLS] Re: Adoption Call for Trust Anchor IDs David Benjamin
- [TLS] Re: Adoption Call for Trust Anchor IDs Bob Beck
- [TLS] Re: Adoption Call for Trust Anchor IDs Andrew Chen
- [TLS] Re: Adoption Call for Trust Anchor IDs Ryan Hurst
- [TLS] Re: Adoption Call for Trust Anchor IDs Brendan McMillion
- [TLS] Re: Adoption Call for Trust Anchor IDs Robert Relyea
- [TLS] Re: Adoption Call for Trust Anchor IDs Loganaden Velvindron
- [TLS] Re: Adoption Call for Trust Anchor IDs Martin Thomson
- [TLS] Re: Adoption Call for Trust Anchor IDs David Adrian
- [TLS] Re: Adoption Call for Trust Anchor IDs Watson Ladd
- [TLS] Re: Adoption Call for Trust Anchor IDs Mike Shaver
- [TLS] Re: Adoption Call for Trust Anchor IDs Stephen Farrell
- [TLS] Re: Adoption Call for Trust Anchor IDs Thom Wiggers
- [TLS] Re: Adoption Call for Trust Anchor IDs Bas Westerbaan
- [TLS] Re: Adoption Call for Trust Anchor IDs Clint Wilson
- [TLS] Re: Adoption Call for Trust Anchor IDs Kyle Nekritz
- [TLS] Re: Adoption Call for Trust Anchor IDs Christopher Patton
- [TLS] Re: Adoption Call for Trust Anchor IDs Kathleen Moriarty
- [TLS] Re: Adoption Call for Trust Anchor IDs Dennis Jackson
- [TLS] Re: Adoption Call for Trust Anchor IDs Kampanakis, Panos
- [TLS] Re: Adoption Call for Trust Anchor IDs Nick Harper
- [TLS] Re: Adoption Call for Trust Anchor IDs Salz, Rich
- [TLS] Re: Adoption Call for Trust Anchor IDs David Schinazi
- [TLS] Re: Adoption Call for Trust Anchor IDs Christopher Wood