Re: [TLS] Consensus Call on MTI Algorithms

Christian Huitema <huitema@microsoft.com> Thu, 02 April 2015 19:04 UTC

To: Nico Williams <nico@cryptonector.com>, Yaron Sheffer <yaronf.ietf@gmail.com>
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/u4s6i07mh5ovI33Djicthf-v-yc>
Cc: "tls@ietf.org" <tls@ietf.org>

> Must-implement != must-deploy.

Not really true. If you implement something and the code is never used, then you cannot really trust that code. This is the old paradigm of the fire exit. If you never used it before the fire, you are surprised to see it rusted or blocked by debris the day there is a fire. If you implement something, you need at a minimum the equivalent of fire-drills to test that it actually works.

-- Christian Huitema