IETF Logo Mail Archive

Re: [TLS] TLS@IETF101 Agenda Posted

Stephen Farrell <stephen.farrell@cs.tcd.ie> Fri, 09 March 2018 22:07 UTC

Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 31E561242F7 for <tls@ietfa.amsl.com>; Fri, 9 Mar 2018 14:07:34 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.31
X-Spam-Level:
X-Spam-Status: No, score=-4.31 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cs.tcd.ie
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id IQzHit10iUKZ for <tls@ietfa.amsl.com>; Fri, 9 Mar 2018 14:07:31 -0800 (PST)
Received: from mercury.scss.tcd.ie (mercury.scss.tcd.ie [134.226.56.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0C856120721 for <tls@ietf.org>; Fri, 9 Mar 2018 14:07:31 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by mercury.scss.tcd.ie (Postfix) with ESMTP id D6591BE49; Fri, 9 Mar 2018 22:07:28 +0000 (GMT)
X-Virus-Scanned: Debian amavisd-new at scss.tcd.ie
Received: from mercury.scss.tcd.ie ([127.0.0.1]) by localhost (mercury.scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GF8kI5hVW_HM; Fri, 9 Mar 2018 22:07:26 +0000 (GMT)
Received: from [10.244.2.138] (95-45-153-252-dynamic.agg2.phb.bdt-fng.eircom.net [95.45.153.252]) by mercury.scss.tcd.ie (Postfix) with ESMTPSA id A9E09BE3E; Fri, 9 Mar 2018 22:07:26 +0000 (GMT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cs.tcd.ie; s=mail; t=1520633246; bh=S/62vER6yPS0wT9UUebfUeSJWc+wD+cq3Eh8yR2DE84=; h=Subject:To:Cc:References:From:Date:In-Reply-To:From; b=GK4PHhNXT3dyP2KxtoI9Dv5KTVfvfd+WhLbemRMZZZ4qMxh9Ny4g8iiQQIW0/SZuF hs5B8Wg7dC/ZGqjNtDHYDbyq6LWaNXbBbsSWiiOQpkp+uhLtO6zAKYpvHoX7T+T78S LDorW6Epcd5RVm/Q8Ob7XwVXZzF8m5MOf2kDozFI=
To: Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>
Cc: Joseph Salowey <joe@salowey.net>, "<tls@ietf.org>" <tls@ietf.org>
References: <6140B7A6-A1C7-44BC-9C65-9BE0D5E1B580@sn3rd.com> <986797a7-81b0-7874-5f39-afe83c86635b@cs.tcd.ie> <CAOgPGoBYc7O+qmjM-ptkRkE6mRsOYgc5O7Wu9pm3drFp3TVa6Q@mail.gmail.com> <d7dfdc1a-2c96-fd88-df1b-3167fe0f804b@cs.tcd.ie> <CAHbuEH7E8MhFcMt2GSngSrGxN=6bU6LD49foPC-mdoUZboH_0Q@mail.gmail.com>
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Openpgp: id=5BB5A6EA5765D2C5863CAE275AB2FAF17B172BEA; url=
Message-ID: <a6048713-bc2d-c5c7-32af-643a0902d759@cs.tcd.ie>
Date: Fri, 09 Mar 2018 22:07:25 +0000
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.6.0
MIME-Version: 1.0
In-Reply-To: <CAHbuEH7E8MhFcMt2GSngSrGxN=6bU6LD49foPC-mdoUZboH_0Q@mail.gmail.com>
Content-Type: multipart/signed; micalg="pgp-sha256"; protocol="application/pgp-signature"; boundary="qknWQMSVMUDELUGONrFDJEvFSqivH962S"
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/v3Pqab1zGKC6-mI57sQ8EsF0k3E>
Subject: Re: [TLS] TLS@IETF101 Agenda Posted
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 09 Mar 2018 22:07:34 -0000

Kathleen,

On 09/03/18 21:57, Kathleen Moriarty wrote:
> Hello, Stephen.
> 
> On Fri, Mar 9, 2018 at 4:24 PM, Stephen Farrell
> <stephen.farrell@cs.tcd.ie> wrote:
>>
>> Hi Joe,
>>
>> I'm sorry, but I gotta say that answer seems to me both unresponsive
>> to the questions asked and unconvincing.
>>
>> On 08/03/18 23:08, Joseph Salowey wrote:
>>> Hi Stephen,
>>>
>>> In the meeting in Prague there was interest in this problem space, but
>>> neither the consensus to accept or reject this work.
>>
>> Without rough consensus to adopt, the work is not adopted.
>>
>> But your statement above isn't accurate - it wasn't "this work"
>> (as in this draft) that was discussed in Prague, but rather the
>> entire idea of weakening TLS in these ways - quoting from the
>> Prague minutes [1]:
>>
>> "The main question: Is this subject something that the WG should
>> consider?"
> 
> The hummed answer to that question was very close to 50/50 in the
> room, inconclusive.

I'm sorry to disagree but it was entirely clear there was a
lack of consensus. That's the significant thing here. And
there is zero evidence that anyone's changing their position.

That ought be enough for the chairs to say no to all proposals
in this space unless someone turns up with something unexpected.

That's not the case here - in discussion of this draft, various
folks asked on the list that we stop the constant debate about
making TLS worse, so there is zero evidence that this draft is
going to change people's minds.

Where am I wrong?

> 
>>
>> There is clearly no consensus to adopt *any* work in this space,
>> whether that be draft-green or this latest iteration from Russ
>> and Ralph.
> 
> It was clear that there was no consensus to adopt draft-green and that
> is considered dead in the water, we agree there. 

The question asked in Prague was not specific to draft-green.
I would have preferred if it had been and Lucy Lynch suggested
that in fact (so say the minutes) but the chairs conferred and
asked a much more general question. The consequence is that
Russ and Ralph's draft, having been discussed on the list, with
no evidence that it's changed minds, ought not be taken further
in the WG and ought not get agenda time.

Where am I wrong?

> Since there was
> interest (50% of the room) to consider work in this space, I agree
> with the chairs assessment to allow this presentation.  I am confident
> they will work on any hums to carefully assess next steps and if any
> future proposals belong in this WG or elsewhere.

Again, I'm sorry but that's just not logical. There's abundant
evidence that people's opinions have not changed from the earlier
discussion of Russ and Ralph's draft so it makes no sense at all
to repeatedly impose this divisive topic on the WG.

S.


> 
>>
>> I see nothing whatsoever to indicate any significant change in
>> sets of opinions since Prague.
>>
>> What makes you think iterating on yet more proposals like this
>> will ever conclude? If there's no evidence of that we ought not
>> waste the time and energy. Can you point at any change that
>> could possibly indicate that this bun-fight is worth doing yet
>> again?
>>
>>>  The authors have
>>> revised their proposal to address some of the concerns raised by working
>>> group members and are asking to bring the new approach in front of the
>>> working group.
>>
>> What significant change has there been since -00 of Russ and Ralph's
>> draft? I see nothing major there. that -00 was debated on the list
>> which is the primary place for  discussion. My read of that set of
>> threads it that it pretty clearly showed that the same folks have
>> the same opinions with no significant movement. Can you point at
>> some evidence to the contrary? If not, we shouldn't bother to waste
>> more time on this.
>>
>> If instead you mean Russ and Ralph's draft differs from draft-green,
>> then see above - it wasn't only draft-green that was rejected in
>> Prague, but the entire idea of adopting work in this space, which
>> includes Russ and Ralph's -00 and -01.
>>
>> That the authors have asked for time counts for nothing, when the
>> WG have no consensus to work in this space. If just asking for time
>> does matter, then I'll now publicly repeat my request for time
>> to refure the assertions that'll be made for breaking TLS. You said
>> no to my request, so what's different about one that relates to a
>> draft that has been debated on the list and attracted significant
>> negative comment?
>>
>>> I believe in this case this is the right thing to do even
>>> if it appears there is some repetition of topic.
>>
>> It is not "some repetition" - this topic has been debated f2f and
>> on this draft on the list and there's zero evidence of significant
>> changes in opinion, in fact the opposite. Can you point at any
>> such evidence? If not, your position as chairs seems illogical.
>>
>>> However, if the new
>>> approach fails to achieve significantly more support I believe the authors
>>> will need to find another path for their work that does not go through the
>>> TLS working group.
>>
>> But the WG has already demonstrated a lack of consensus to even
>> consider "work in this space" (your choice of words I believe.)
>> That should be enough. What does or doesn't happen outside the
>> TLS WG is not at issue here.
>>
>> To reiterate, in Prague you asked "The main question: Is this subject
>> something that the WG should consider?" The result was a clear lack of
>> any consensus to work in this space, which means not working in this
>> space. Yet here we are again giving agenda time to highly controversial
>> proposals in this space.
>>
>> Please: just take this off the agenda and let the WG do it's real work.
>>
>> Thanks,
>> S.
>>
>> [1] https://datatracker.ietf.org/meeting/99/materials/minutes-99-tls
> 
> Relevant comment from minutes:
> Hums: No clarity whatsoever. Seemed pretty even.
> 
> Best,
> Kathleen
> 
>>
>>>
>>> Cheers,
>>>
>>> Joe
>>>
>>> On Thu, Mar 8, 2018 at 9:21 AM, Stephen Farrell <stephen.farrell@cs.tcd.ie>
>>> wrote:
>>>
>>>>
>>>> Hi Sean, Joe,
>>>>
>>>> On 08/03/18 16:20, Sean Turner wrote:
>>>>> I’ve posted the draft agendas:
>>>>>
>>>>> Monday:
>>>>>   https://datatracker.ietf.org/meeting/101/materials/agenda-
>>>> 101-tls-sessb
>>>>
>>>> That includes:
>>>> "
>>>> TLS Vizability - Russ & Chairs - 30min
>>>>  - 10min draft - Russ
>>>>   https://datatracker.ietf.org/doc/draft-rhrd-tls-tls13-visibility/
>>>>  - 10min discussion - Chairs
>>>>  - 10min wrap-up - Chairs
>>>> "
>>>>
>>>> Consider this as an objection to that agenda item
>>>> being given any time. I also have some questions
>>>> below.
>>>>
>>>> This topic was discussed at length in Prague with a
>>>> very clear lack of consensus to consider any work in
>>>> that space, despite there being quite a few fans of
>>>> doing such work in the room that day. I don't see
>>>> that anything has changed in the meantime.
>>>>
>>>> Russ' draft was discussed on the list last year, also
>>>> with (ISTM) no consensus at all to do any work in
>>>> that space. (While you didn't make a consensus call,
>>>> am I wrong?) The -01 version is not significantly
>>>> different from what was discussed on the list so I
>>>> see no need for any presentation nor discussion time.
>>>>
>>>> Given the above, on what basis are meeting attendees
>>>> being asked to waste yet more f2f time on this topic?
>>>>
>>>> And why is another want-it/hate-it exercise useful?
>>>>
>>>> As chairs, are you going to continually allow the same
>>>> topic to be raised, in the face of a very clear lack
>>>> of consensus to do anything in this space? If not,
>>>> then what's the plan for ending this?
>>>>
>>>> Thanks,
>>>> S.
>>>>
>>>> PS: I also strongly object to the "visibility" euphemism,
>>>> and while that's partly a comment on the draft, it would
>>>> also IMO be a significant error to pose any questions to
>>>> the WG based on that euphemism.
>>>>
>>>>
>>>> _______________________________________________
>>>> TLS mailing list
>>>> TLS@ietf.org
>>>> https://www.ietf.org/mailman/listinfo/tls
>>>>
>>>>
>>>
>>
>> _______________________________________________
>> TLS mailing list
>> TLS@ietf.org
>> https://www.ietf.org/mailman/listinfo/tls
>>
> 
> 
>

v2.23.0 | Report a Bug | By Email