Re: [TLS] Proposed text for removing renegotiation

Eric Rescorla <ekr@rtfm.com> Sat, 07 June 2014 15:51 UTC

On Sat, Jun 7, 2014 at 8:11 AM, Salz, Rich <rsalz@akamai.com> wrote:

> > What about this solution: separate TLS into a handshake and transport.
>
> That's a very interesting idea.  The "HTTP/1.1 update" did that, turning
> RFC2616 into something like seven separate, albeit interlocked, RFC's.

As I noted in my response to Watson, TLS does already attempt to
make this split inside the RFC (Sections 6 and 7) so this seems like
more a document structure question than a technical one. IIRC when
HTTP did this, it was partly motivated by concerns that the document
was getting unwieldy and indeed RFC 2616 is quite a bit larger than
TLS (176 versus 104 pages).

As part of what we are trying to do with TLS 1.3 is to remove stuff
(my local draft with the initial non-AEAD removal is down to 94 pages)
I'd prefer to keep everything in one place, at least, for now.

Best,
-Ekr