Re: [TLS] TLS Provfiles (Was: Call for consensus to remove anonymous DH)

Peter Gutmann <pgut001@cs.auckland.ac.nz> Wed, 16 September 2015 14:59 UTC

To: Stephen Farrell <stephen.farrell@cs.tcd.ie>, "noloader@gmail.com" <noloader@gmail.com>, Tony Arcieri <bascule@gmail.com>
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/u6LUNa-3-MnlnVRKcDBkzK5EE_k>
Cc: "tls@ietf.org" <tls@ietf.org>

Stephen Farrell <stephen.farrell@cs.tcd.ie> writes:

>I'm not sure how to process that comment. You ask for X, I ask is Y==X and
>your answer is that Y doesn't exist? Seems odd. ;-)

There's a difference between "X/Y exists" (but no-one knows about it) and "X/Y
exists and is actively used".  As I said, I've never seen the BCP quoted,
cited, or referenced in any third-party standard that deals with TLS (and by
third-party standard I don't mean other RFCs but industry standards like IEC
61850 or IEC 62351).

>Feel free to collect a bunch of your own emails (hand-wringing or not:-) and
>shoot those out as an I-D.

That makes it worse, not better, because it's just creating one more I-D or
RFC or BCP or whatever to languish in obscurity.  The profiles need to be part
of the TLS spec where they'll be noticed and used by other standards
referencing it.

Peter.