Re: [TLS] draft-green-tls-static-dh-in-tls13-01

"Roland Dobbins" <rdobbins@arbor.net> Sat, 15 July 2017 12:00 UTC

Return-Path: <rdobbins@arbor.net>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 02EA9131B1B for <tls@ietfa.amsl.com>; Sat, 15 Jul 2017 05:00:04 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.921
X-Spam-Level:
X-Spam-Status: No, score=-1.921 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H4=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=thescout.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id AKLz48Cmxmsk for <tls@ietfa.amsl.com>; Sat, 15 Jul 2017 05:00:02 -0700 (PDT)
Received: from NAM02-BL2-obe.outbound.protection.outlook.com (mail-bl2nam02on0111.outbound.protection.outlook.com [104.47.38.111]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AFEA3131B18 for <tls@ietf.org>; Sat, 15 Jul 2017 05:00:01 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=thescout.onmicrosoft.com; s=selector1-arbor-net; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=GGJRMHV1gKBkcKvo3DKZtgaWZkAbw07bHaBd0nsSvwI=; b=ht2KNjMGUNabOmD/DM7yf3QCt/j/AHgWpLH1qAZ5qb5lyQuxY0O0Q5z8CMHjsqomsp+YdDwIRYHmNt4clgdGsKhHPi0ScRyFuuC1YI/bmpKllrmoG1q1ZXJqPblRnbegWTGdtxDyn4AUxs3ThaR9euFgvAwa42cLZ+XeDWx6NM8=
Authentication-Results: fifthhorseman.net; dkim=none (message not signed) header.d=none;fifthhorseman.net; dmarc=none action=none header.from=arbor.net;
Received: from [172.19.254.116] (49.228.100.193) by DM2PR0101MB1039.prod.exchangelabs.com (2a01:111:e400:3c19::28) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1240.13; Sat, 15 Jul 2017 11:59:56 +0000
From: "Roland Dobbins" <rdobbins@arbor.net>
To: "Daniel Kahn Gillmor" <dkg@fifthhorseman.net>
Cc: "Russ Housley" <housley@vigilsec.com>, "Stephen Farrell" <stephen.farrell@cs.tcd.ie>, "IETF TLS" <tls@ietf.org>, "Matthew Green" <matthewdgreen@gmail.com>
Date: Sat, 15 Jul 2017 18:59:37 +0700
Message-ID: <14403761-47B4-4F6C-BF89-2553D180E776@arbor.net>
In-Reply-To: <871spirljc.fsf@fifthhorseman.net>
References: <CAPCANN-xgf3auqy+pFfL6VO5GpEsCCHYkROAwiB1u=8a4yj+Fg@mail.gmail.com> <CAL02cgRJeauV9NQ2OrGK1ocQtg-M2tbWm2+5HUc4-Wc8KC3vxQ@mail.gmail.com> <71E07F32-230F-447C-B85B-9B3B4146D386@vigilsec.com> <39bad3e9-2e17-30f6-48a7-a035d449dce7@cs.tcd.ie> <CAJU8_nXBFkpncFDy4QFnd6hFpC7oOZn-F1-EuBC2vk3Y6QKq3A@mail.gmail.com> <f0554055-cdd3-a78c-8ab1-e84f9b624fda@cs.tcd.ie> <A0BEC2E3-8CF5-433D-BA77-E8474A2C922A@vigilsec.com> <87k23arzac.fsf@fifthhorseman.net> <D37DF005-4C6E-4EA8-9D9D-6016A04DF69E@arbor.net> <871spirljc.fsf@fifthhorseman.net>
MIME-Version: 1.0
Content-Type: text/plain; format=flowed
X-Mailer: MailMate (1.9.6r5347)
X-Originating-IP: [49.228.100.193]
X-ClientProxiedBy: SG2PR0601CA0013.apcprd06.prod.outlook.com (2603:1096:3::23) To DM2PR0101MB1039.prod.exchangelabs.com (2a01:111:e400:3c19::28)
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id: 2b30b56a-2a23-47e6-7a5b-08d4cb7903ec
X-Microsoft-Antispam: UriScan:; BCL:0; PCL:0; RULEID:(300000500095)(300135000095)(300000501095)(300135300095)(22001)(300000502095)(300135100095)(300000503095)(300135400095)(201703131423075)(201703031133081)(300000504095)(300135200095)(300000505095)(300135600095)(300000506095)(300135500095); SRVR:DM2PR0101MB1039;
X-Microsoft-Exchange-Diagnostics: 1; DM2PR0101MB1039; 3:6IT1xTNo0B4Eu3uzz+6bp29nT/EHwgFnpNzKIWyWVqnJ+DuOpNtVmpAIFNjrwK/E0msbzCrcFFo9P+2OrKkAP3rF+ihmelm7cmpo/ju6XYogknoOk5GVfjj9z3M6DsWDcvUY6zTVEbkEtOmZuX5cKT9auX7o2RPiDQiOZlHmga/ofJv2ASgtgDa5Vt5cPGpCgCYSLuFzIId+BBjVlXaF08GvgNfEPY8GeMzEOxtBzOtepshkZ9l4OYlSB7Rn/++7Fkv/LGe5FYZFxo+rmX7F3BzA/ErF4KXPMW0zhAGlBn6SaZbQTMPgN1bde6keKnSw+AOIxqsGvkTV0LXun8Sp1gJq8Go2e/YAP7U+4hs1kpWV7f7vschuvr6ALAQI+cpg28jxIsKZounY4052+2Q/k/pD39kSvkI9Arh37z88+LnxruFOdIzHqtO+X2Cy9s/DXJsHqnnyExyiaVx8Rfqf5MaijPHaPHm4Q/e12m1Znp4dp8cmP0b4a55goSZL1q1R60bkQDj3asccdCUM2FfXIdSXSfxD0hnOgHEDxfIGWXk24K9qznZYofFoyito8HETPeL/6SOsAS42N8lZxbsI8BI6vm5lMlhbisUFqnFYK+ydCofnRqINmt2sBERu5ta+n901m29+lZaBr9DgDJ5i1s2QHikttEq9gWhsb0vBGxr9ByYbZwm+A1R2peDwROsG55OmuASOQdlWNCRgpTTDFhxiXdHA1Pa6WSFDrx8qpKw=
X-MS-TrafficTypeDiagnostic: DM2PR0101MB1039:
X-Microsoft-Exchange-Diagnostics: 1; DM2PR0101MB1039; 25:UVji6XlNxanbCGFwTQOCWKB40ViFlGOF5fRdWzEoqaPk0X3HmzAym5+VmcCwqZPLuZLK8jbiJugc6Q1/jNyH4MIqJHXSs5rYvgYgjWOsHWmOQkX4uoadi+eGSTGqPEGwjOPDeGhRbMKbzEazWnlSMIes6j2OkupY/WYY7mRJu+XpTmK35DvRnXNeG3ZkUs6JVoJji56d+FRKW/e+0WMP/Nt3xjaud3mJZtfaiZcP7UQ21TqHuf+kdA8XFmwlkNuu5Z7Z1oQ1PqNpkP1TNqdIbRKoPFwDiZ5lEJGaj598BNLIsS7Ov5EVjTVPAFi09JXe3de4A74VlBRuH2h1ySFruze6lW5vPjzNciZXjuiqBM8FvrFyQE8zCQPH9ARtwkB+RAiHk1BvakUDJYlC9YcDSJQN0rF5rRWP9xJ6J6E/AXGCEcq+j4WEWopspoyUUTHGpQkvctWKOAlTFoAGc1GXDWs6/V1UiaNtCyjpA5Rnpq+M4k9uey7r/yFC5O80Q4kbEyvmUDH+gcaoLref8LSHovAO5O8zTZGsF4LBD6o/H5+mp9QtXbc1MJOSgPq8duekf8aaGoFqlSeSM7nCfgRajmcG70JJmcQ7F9vNcsbq40EAeN/O6kmpab1/TBSc6qV7gvonitMZljl0rbW5xd3RtZAfsIltat2YIhxZvCkOSw/naAAiSVEbDgoQ7+JZWFBvvWHBaDJ8dxdFYXGu/2Y5xGTM+3Lqy3ZDGttjse+fK4dY+9XqAOJZlznmF/Y0/5It/HjVzxBYlEZczd+F+vSO4vyKYiYk27M4yK3Kiai1xjQMLOi4dd2UxKt8iXQPHAzJr4TCip9EAkMb5mPkCm0yi00ncI5gaEgROxjq+t5W8qisoJMgvRFkNc3PosY/U9H8BlqzVKgs1/eibZNke7zKPggVBePCX5gCH34RM9dO99c=
X-Microsoft-Exchange-Diagnostics: 1; DM2PR0101MB1039; 31:S4wdiU+tbWcEzy8sUnglcaIFKYikxw80aLGysmicGgs82XDCnf1SOj9wf52OQ/VV3yJNRftTAMlCfULSHagHiCLXDOFz6T31PmCEgJkbAjFPvGKAK0duSKgEqdLCiLV8rE1OOH6BjDUS8UzBaie4Ppx9tbrOXXuz3NYQ3f7OTonQe1Xx4pSpfYusZMx/MUudOz7lITKyD1N5tp8oYWkflKDIsMy6vQ4xnoR3B6AQMsDL0sgWgR0AJeT1UQHcykNS9ppoSOUKoIF0MrSHM3ZQ1Kt5nbWwV0A9a3+vqls3nZSvVM7NydgeruLmDLefhOYxcbOvyU6+rx3L6GfcdBU9gsyVLVSUnIb6iS18KbNZe5rKbJx7hm/itSp3QntNHo0vG+V9SnvFjXlphqxhJw2ePg2C9KNVNcRR110VUfvzRfIri1BN7U202AblZZcLYFARb8DoCy5yDmteBzAPTTm3bxyq9O9BWVcGU0rKE44JzZGRaiJCEjhGwpl69AwVO+Tky0utqAngcTqLWBgosAU55CwuCuPsOAu8uV74B2TviRLPMClp8TLxyc8KlWMMWrOXBnZzWVy5bhzQXSxIsF9hJNI5GvNMJgJ9YmSRg3S6YeRjQQZmNEGP9cyI/phmVe5M8oJ5VXfL2o2oTQRDKbtG2xQyyzKjFLc3YcEH061sQPI92fs2C6GeVi11JI+k/t0v+yQSDDH9wPfXs52ITa7gVQ==
X-Microsoft-Exchange-Diagnostics: 1; DM2PR0101MB1039; 20:2YN3GvyrY2AMIqiHSV/2W/JDQzyglNPx+HzXjWLrT+TD/5OGoRsd98AuCYOi+dqTfLzgUsq8swGQCu1dcTCZ+9jCiY3xI7Vn8oEc6LGCWHMerWPz9EXxAgXVxAD7pplTAJhmboXaOdYMDqccoYikNXAblFor7ScT82KPeZs1jRX3aVT+r/dpliaL6m8k1DdL28wO8dUlwYLcRJ3MK0S4DC3cN2Dowdev3zWyvVcNNRUuos+zb9GwXwIRkCU2mOK1Od6ul2/el//Zs2d3YCjOVk7VJic6tGMck+FzSEFWqiQle96awFiYALA1iubqCfKd1+H210VgCs9NvltZvf1YVBU8Tgq77feF7JYZEAl6bV9hrmyXMNrYSNmWbzuZ6BIe60pMHeIZE2RUgzR0jcwh5EemVO1W7pY8T8i+o+PXUhHLj0Jh7A0lQGT5hWih5WY38++2MJ+QNaQn4YApGYZxJb+6O0XExJNk+SOVA0PsRtjObZUevccSfrFYWAS7iq7S
X-Exchange-Antispam-Report-Test: UriScan:(236129657087228)(192374486261705);
X-Microsoft-Antispam-PRVS: <DM2PR0101MB10395919A5A6BF434ECC57A0CAA20@DM2PR0101MB1039.prod.exchangelabs.com>
X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(100000700101)(100105000095)(100000701101)(100105300095)(100000702101)(100105100095)(6040450)(2401047)(2017060910075)(5005006)(8121501046)(100000703101)(100105400095)(93006095)(93001095)(10201501046)(3002001)(6041248)(20161123555025)(20161123564025)(20161123558100)(20161123560025)(20161123562025)(201703131423075)(201702281528075)(201703061421075)(201703061406153)(6072148)(100000704101)(100105200095)(100000705101)(100105500095); SRVR:DM2PR0101MB1039; BCL:0; PCL:0; RULEID:(100000800101)(100110000095)(100000801101)(100110300095)(100000802101)(100110100095)(100000803101)(100110400095)(100000804101)(100110200095)(100000805101)(100110500095); SRVR:DM2PR0101MB1039;
X-Microsoft-Exchange-Diagnostics: =?us-ascii?Q?1; DM2PR0101MB1039; 4:CEZg5oa7usyUUyut996ZDCcfbZxBR4d8WBgxSRc0?= =?us-ascii?Q?SeTjBKAM3oNgOViPa5lRtiQHN4it6vnPI4INZRtEsAyUi3bAuOQraKzLQukl?= =?us-ascii?Q?HAZ/MfNplrwTph6HLZY3jBxQkWSlDYDI0Uu5s1SDWz8gS+RNk5GGdnx9FArx?= =?us-ascii?Q?CMzlhtMRDEnt1eJDEFGTa6zBXBdAvxr0+DjbJuLQa0qzVQFdTjZ32CL7GNWw?= =?us-ascii?Q?JtObgbhpFvW0creJrn420X0ZEtUzBa/DMxb+YlBqHW3MwkFSj/Q10BH5xX0F?= =?us-ascii?Q?Zc4mxsH48fM9eIpgHXL9jgg3WVLvWlQ2HQ+ywEtdsxWFePGmacrRsgB3fMSl?= =?us-ascii?Q?FWi+aJjgOkznc0HXc//wrMHFsV6yz+qz85yY20JYvNKPlTEIXJVI2c0O1UzD?= =?us-ascii?Q?fA4tIYftC7EsbJ+TdZI9/y7Rzf3/VCcsqFbQwSdKjsODyoEIB7UJ09M/cEhq?= =?us-ascii?Q?Pv1X7JpSv7WDxlaE+iby9BAyRYMQlEjSBvZAPkyDeJ5YTmXkoD5sQauCXppO?= =?us-ascii?Q?BPlD89L6yw2tcSFhymUOGG7Ie0EYeAdGPDwxSE286FZn2xX8kLKal79Kjddb?= =?us-ascii?Q?xClWRq6TYtmcGzsA/oIUqF1H7lLlOq564x6UcM3R9E5Q8H16G983FbP+5oVW?= =?us-ascii?Q?gDXZpaIpqwHxMqfmnerootjddfniBuVZBEmDovTE0WpH0uskAeAUXuZrL6FQ?= =?us-ascii?Q?nkLBlYwNyctyJ4dP7NwnRab3ZC8W/TzSjo2LUddrmRaH4mHl1xZRy/5gjjqn?= =?us-ascii?Q?dzkRYEjkdfpwQ2YROMsHGeWcM/mD+P9+2iHrp3G79bg58zzGFxk+e43ola8T?= =?us-ascii?Q?w7+B8XsGPBpKv7Uf7b/EwMFfZ6JogZCxKjDChg6eNL+bu8D93rrx7KtuEy7r?= =?us-ascii?Q?RAaZNleoQJb6IrpKIrh26hAkPLkr2WFXdIz17mup6jIDkQoH4hAMJt7QDPC0?= =?us-ascii?Q?5CQGjWvC0oCvfWIs10BTK3I3XkOFXtjGuRjL6Vz9YtbAnAMKFov43ScMfovB?= =?us-ascii?Q?dXUnBGzDZP1+/g5LD7pOJdM6COYqL+NQ2XzvMhUoOFiuhestOLtHt5X5WNWX?= =?us-ascii?Q?amFaSAkzZmoGbQft4yDV/MGulh6yGu8msEReELSPZIH0SEqdxmxNmB3VQsHI?= =?us-ascii?Q?NlDA5HRiv9DXeCL5rtKBHb20dEvbiVANT08kCPK17jbDMpX7fDauJ0tS/W0J?= =?us-ascii?Q?lx5XhKAhuUwwlSuzvMc5WHPAB9leG1QMNUAzu6gZf+yQjScabM90GBzbI71x?= =?us-ascii?Q?TWLJhEbGMhteP24hBZo=3D?=
X-Forefront-PRVS: 0369E8196C
X-Forefront-Antispam-Report: SFV:NSPM; SFS:(10019020)(7370300001)(4630300001)(6049001)(6009001)(39400400002)(39410400002)(39450400003)(24454002)(478600001)(189998001)(3846002)(6116002)(93886004)(230783001)(305945005)(33656002)(7736002)(42186005)(76176999)(38730400002)(110136004)(53546010)(54906002)(82746002)(50986999)(2906002)(53936002)(6246003)(77096006)(66066001)(6486002)(6666003)(47776003)(5660300001)(2950100002)(4326008)(86362001)(50466002)(7350300001)(229853002)(50226002)(81166006)(36756003)(5003940100001)(8676002)(6916009)(83716003)(25786009); DIR:OUT; SFP:1102; SCL:1; SRVR:DM2PR0101MB1039; H:[172.19.254.116]; FPR:; SPF:None; MLV:sfv; LANG:en;
X-Microsoft-Exchange-Diagnostics: =?us-ascii?Q?1; DM2PR0101MB1039; 23:aqMAdNzIwD9+MLEji3ibt6TfC1OEGV6+8li9hIL?= =?us-ascii?Q?5H4yipQpMbvBYsMiIG2c4gFv2Un01MzIqbOHXp6iRJE3fbhq/sZ53Cq6SAsn?= =?us-ascii?Q?FKCjMDqT45Wu38T90dEyLwkzppkbucd7pZk7sTpzz8MbzQV4Fz37W9BKZZR2?= =?us-ascii?Q?ckji0TCGBimZdeuUD0B5vPyjayK2hU5X9CUWlPeOUQNGygbqkNEf1HpkyQIR?= =?us-ascii?Q?PbF2u9fjVPEnOGsjn2UFABurm6rPPOv/cR8Eelr2Yf4LzP6S5aho1DduKwxO?= =?us-ascii?Q?hubIfe5TUeDWqq571R2G5TdQ95Aw6WiG0+7ynRhgP1H1RyOvz74S+8A+3Ddb?= =?us-ascii?Q?OaEcY92a0YW1Q5gyLD9T4cVUCOdpeuZ4/T9i6H4En8jtS1yupVx1qiO5poOX?= =?us-ascii?Q?6qmSqkPbAA1IQQUJYwjeHlFdg9tHj4iiJf8zqHNW4ZnuRXS+uVMbq8B0wmya?= =?us-ascii?Q?loMFRZvZas5nFKCd9X7nKOyDbq63NjZkeRQ0Se1wmQxGOd4isMmeFYcj9yuG?= =?us-ascii?Q?+9OG/uJUPx2LbB9rAvp0lzvopQCqRwCXrHq1HutMUlWDzfxwAvMjL+ui7XIw?= =?us-ascii?Q?KT+FLeDoJU2Dhrz40u5MkhR81nx+eialeHJ8pjXEe8jub18OK2IZLhZ9xnl7?= =?us-ascii?Q?hlAomLZaCFIOU52Jim/uMICUqpsSOgHz1LmcnBIlOtWkvF/LpwTdzjXOlzQS?= =?us-ascii?Q?/2Rf4onJtSHr1M2Ec15zMHIsaJMEkQvaBYh/3l+Z+R1UM5RF+anZX/UascBj?= =?us-ascii?Q?Zp4z7OnLJRL0A5t5OCuzjmcRH/PVftHYBmMzb/mBVLFB3kCfc6EzBwdTNc6o?= =?us-ascii?Q?r8oUu2bPZWvtWOXjxubdLdF6TdSr8k38O+r8aXauNp5v2aRDgLNZzpleIuIv?= =?us-ascii?Q?2YqYro/P7r7Vz4oMfkd4Yrmk3fQRedOvFN72FAGpUVJwlFOKqSlZ6/scvRPR?= =?us-ascii?Q?PYWb91KFC4BIJqUDtXqw9wuiKl9pwO7M2oHlRZEUsrn8kodupr1GtlGlT18o?= =?us-ascii?Q?pi0KBZnM2vBdUjetMATNpFpfLCVHgVOlgiNPC496hZcpn8lezFPrLyVwS81X?= =?us-ascii?Q?vGQk/bErkLYLdhEMYkbDLyeQyfJYkWHf/7D/gkBOZaFYB4kqF82mOsCa4kWG?= =?us-ascii?Q?GnpHatBVjm9vb3UALCOlTIK5C5P9v0t5aOxxo3MPUGews6xx5pGapMchanis?= =?us-ascii?Q?Qtk0F7hKE029Ipoz2TY3QultLXDJyJa55iRft?=
X-Microsoft-Exchange-Diagnostics: =?us-ascii?Q?1; DM2PR0101MB1039; 6:E2Xj67YT0fhjaLWGnWUyvA1bxZcT+FfDu+UySY23?= =?us-ascii?Q?iED0N9ZxmMDHaHUqK3bAt3gV8ZjK6/hqPFG8SNEsVbUfhowN1QVvC8yDWQWB?= =?us-ascii?Q?edSONXx4rMzBAFrgFApwmMcIt4FpD03YTBC7WfQTR3udzopMFgaIlm8Nh7Uj?= =?us-ascii?Q?OCe1gJmiowJ5ZfFVx+rapaIRDxs5G4d4MznVnOZe1AheP7Il66vSd+iqMqzk?= =?us-ascii?Q?de6lF3nEOn74b/LsyVWIfnLciRu996Xfzi2p4AN7yQ1BqbJmFafFpOYKKyqc?= =?us-ascii?Q?VjKHlbTwePExw3gStyEz0Ued8fBg3hUiW4qtIFkpeol5/ZVTufPpeHDNindY?= =?us-ascii?Q?KwirH6NwVjHqlg5KVXI8l8PTgxb+nOY5vE1Y8oDYzTAut5FtLgpJXm+fSiHJ?= =?us-ascii?Q?TOuVE48/vR3whex9SmZnygmOsm3xAfSnkISVE95iTr9aboDAwb73Lj8qLQD+?= =?us-ascii?Q?zdE1M+tXgyPltGidBi0pVXgHeSKZmDyaK4ce0Y4WVhhS/f9kwG3tcSoKOADr?= =?us-ascii?Q?XXGceWUPl9uP9YU0429sD5Ss87cToVyU8SlrG7qlH1FqN/y1inzK9lt0QAm0?= =?us-ascii?Q?aydd7hXOLwJCbjgZRlskPuaNWroQUPMSAvsZZnW2UTLwNLNlo+/IbsIwf7td?= =?us-ascii?Q?Vpo6oobr+dPmNCse4Kq3PkP4LmJsrtHhXekHGZK91x7NSNMckmbQYDFoPB7X?= =?us-ascii?Q?faOHWeAtd9Gp2rjoeYy7oCD8KOIL9yX48cgKBFrNVJGY48xZ5hUyhZEgnx/7?= =?us-ascii?Q?8IEFA+mW9d9y3/fTX/ceAsovT1hy5Op9RgLY0sqPipKl2aY7oMxzxZ6GBwtu?= =?us-ascii?Q?AC8D8tvrJjrXfOTmuAFb5y/j9/vzAS8iqYYuSnohZSd2vN9Wi79YVMQxlm13?= =?us-ascii?Q?g3gjQC5Ou77wQ6kXgwsDk1OVC90P966HRYHzYu+Ei6YWPwzgVY8hJTa1zISR?= =?us-ascii?Q?OFAKmEvtI7TGqyXIUoWqbjFFSgSxKA2iRxbsw1vdDb6d71BKlpJieq6QlfMt?= =?us-ascii?Q?gyc=3D?=
X-Microsoft-Exchange-Diagnostics: 1; DM2PR0101MB1039; 5:4wxiDIhvb8Q0XhvH4mICci24TIeufT4qFpHhq/m7V3fcA2qZ2W2RFWhSft80woaZhZ1mqrvnKCLZgmFRpE8lv1KCKZlw4q2MwdSAI1iPPyHuy1NAAtun29xwVP3YLI1zYvALcKoKuC5LRB5z0L/XdxFXZnCrQ33Myeza/iCUZDwfd2lzrQNNEOyIERpoZ7W4WqNPyPP2x58Zz8JsqEEfx9ELvV2Q/6/rDTE7y7/letgF8iE6subgZR8KVABMbsx2BycBy8gcxVXqyujyfexeWrTPAIYkX+W2BB2ZLiuYbyDYHkd7fMI38873DwD4IkdbFX2K96y5eaHoIHdUVCKDVPyJ9ijyz3YrLYU54PF9Fot+mt8iYYu3mTS5wEp1wTLcTatkfxSW0vV9FIxsOTjN+c0XosYh8VenT5wqLBnZbLerS9dkU5s/80Q5Okh2OJeK9KXPimDTGV3+GSktD7TYYhinI4pEfK1QqwXuOvwh3f1rLnaLHXtNOrA2iednTwOS; 24:RPWZEzNHm2+kVIFQ6sPGs8iTPIebrT07iioNdEVJ3Nd1pBDnWxgGVdzck/AamvT8pOIb2H2UBS7HdMmye9dtmrmuGvfy5fh0Vm9OLPsStdY=
SpamDiagnosticOutput: 1:99
SpamDiagnosticMetadata: NSPM
X-Microsoft-Exchange-Diagnostics: 1; DM2PR0101MB1039; 7:ORoS0bOJj/7VFiUrHpLz+nMHgWLJnhb4AUsWIvb/tNbX74R6yQ+loYdG5X6gUfLXjCXXEUJHF8BysCLN+xAafpQD2C+6TAF6iw8bEL/e+1Ng+kptXYttIqZTIc9BdpOlKndRfbvBkk35VlzddluvjAXSfB8o2wWl9eYs/a9hWRWEm5kkDTTdtvX5SRR8XFJoiU3NnmARGLDnxPUbejw0pvEW48Q2T4O8MjuQh1kyYxD5pE5SEfm86zwFgwHnkKYcAxFQsV7zCcN/0sovfL5cSlqC7ucKFSSkJRzHqEy3kv6afG6YrVlejndL0+WKD9CjgUtXbr8Ade5Q+GyaqABVw06A/rt7nys/27y3pqkjTnNRpQMWIxdrPATQovUbtdNq1FcMwBFRaEt82EoE7T7Yb9s8IxIiJx7tSp7v1nru3YCFVUE84U5Jbf8qbjY4CYV2tPJ+zPagN7K0Y/59RBEorAjPB2G7q/jSMMxR29niISUZcShTvUsI/WlCOYywspuLTz0ijyf1mWq+9VfnuSfc89EUJSGo329OKL7Kl4rv0WLvjWTC0QnQR7NbyEYEqcUeFo3B5XjCYwBADhJF9XzEOv691hPib2MqRWKaSIbJvi4ViZ7BJ0CT8lnUWmzNj9YXZU52bJORbNgc6FP8lNPQJWonSM9PXeHpOlb0FnwGZbP2zMyZcVu/hBsQnHQhtublHa+EY/4WEH6yhoPRMDtGoem0KCehChgz0SysWbF3jmREHF5o8CE6WS4WCUlfJL3dYlv3DKr+HY7QmCML4yTVSIh/Mt8xTUJFAU20J0s9/OI=
X-OriginatorOrg: arbor.net
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 15 Jul 2017 11:59:56.5424 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM2PR0101MB1039
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/uGf29TZ86sPOcLutFElpPtHiwEo>
Subject: Re: [TLS] draft-green-tls-static-dh-in-tls13-01
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 15 Jul 2017 12:00:04 -0000

On 15 Jul 2017, at 18:23, Daniel Kahn Gillmor wrote:

> Whether it justifies a loss of security is a separate question.

It isn't a loss of security - it's actually a net gain for security.  
Network visibility, independent of any end-host, is a key requirement 
for network security.

As to the specific regulations, folks from the appropriate verticals 
will need to speak up.  I know vaguely that there are regulations in the 
financial sector and the defense contracting sector which apply, but 
can't cite chapter and verse.

I'm sure someone on the list can, however.

-----------------------------------
Roland Dobbins <rdobbins@arbor.net>;