Re: [TLS] Re-chartering TLS
Eric Rescorla <ekr@rtfm.com> Mon, 20 January 2020 21:56 UTC
From: Eric Rescorla <ekr@rtfm.com>
Date: Mon, 20 Jan 2020 13:55:22 -0800
Message-ID: <CABcZeBMqF242dWvYj3gFUD6cdOn7oprgnxTNnGd9p7gXjBCJtQ@mail.gmail.com>
To: Christopher Wood <caw@heapingbits.net>
Cc: "TLS@ietf.org" <TLS@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/tIFMaEn2n_mkfrjB6JWyT88X6AM>

LGTM

On Thu, Jan 16, 2020 at 7:32 PM Christopher Wood <caw@heapingbits.net> wrote:

> Hi folks,
>
> As discussed in Singapore, it's time to re-charter the working group to
> reflect ongoing (e.g., Exported Authenticators and Encrypted SNI/CH) and
> future work (e.g., cTLS). For reference, the current charter is available
> here:
>
> https://datatracker.ietf.org/doc/charter-ietf-tls/
>
> A draft of the new charter is below, and also available on GitHub [1].
> Please have a look and send comments, either here on the mailing list
> or in the GitHub repo, by 2359 UTC on 30 January 2020. Any and all feedback
> is welcome! We would like to complete this in advance of IETF 107 so we can
> move forward with items such as cTLS.
>
> ~~~
> The TLS (Transport Layer Security) working group was established in 1996
> to standardize a 'transport layer' security protocol. The basis for the
> work was SSL (Secure Socket Layer) v3.0 [RFC6101]. The TLS working group
> has completed a series of specifications that describe the TLS protocol
> v1.0 [RFC2246], v1.1 [RFC4346], v1.2 [RFC5346], and v1.3 [RFC8446], and
> DTLS (Datagram TLS) v1.0 [RFC4347], v1.2 [RFC6347], and v1.3
> [draft-ietf-tls-dtls13], as well as extensions to the protocols and
> ciphersuites.
>
> The working group aims to achieve three goals. First, improve the
> applicability and suitability of the TLS family of protocols for use in
> emerging protocols and use cases. This includes extensions or changes that
> help protocols better use TLS as an authenticated key exchange protocol, or
> extensions that help protocols better leverage TLS security properties,
> such as Exported Authenticators. Extensions that focus specifically on
> protocol extensibility are also in scope. This goal also includes protocol
> changes that reduce the size of TLS without affecting security. Extensions
> that help reduce TLS handshake size meet this criteria.
>
> The second working group goal is to improve security, privacy, and
> deployability. This includes, for example, Delegated Credentials, Encrypted
> SNI, and GREASE. Security and privacy goals will place emphasis on the
> following:
>
> - Encrypt the ClientHello SNI (Server Name Indication) and other
> application-sensitive extensions, such as ALPN (Application-Layer Protocol
> Negotiation).
> - Identify and mitigate other (long-term) user tracking or fingerprinting
> vectors enabled by TLS deployments and implementations.
>
> The third goal is to maintain current and previous version of the (D)TLS
> protocol as well as to specify general best practices for use of (D)TLS,
> extensions to (D)TLS, and cipher suites. This includes recommendations as
> to when a particular version should be deprecated. Changes or additions to
> older versions of (D)TLS whether via extensions or ciphersuites are
> discouraged and require significant justification to be taken on as work
> items.
>
> With these goals in mind, the working group will also place a priority in
> minimizing gratuitous changes to (D)TLS.
> ~~~
>
> Best,
> Chris, on behalf of the chairs
>
> [1] https://github.com/tlswg/wg-materials/blob/master/charter/charter.md
>
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls
>