Re: [TLS] ECH & HPKE versions as an example of too much githubbery

Mark Nottingham <> Tue, 27 October 2020 22:28 UTC



I don't think what you're complaining about can be attributed to GitHub. Tools are just tools; how they're used is what's relevant (i.e., this could just as easily happen over e-mail).


> On 28 Oct 2020, at 7:31 am, Stephen Farrell <> wrote:
> Hiya,
> The latest ECH draft from Oct 16 says "ECH uses draft-05 of
> HPKE for public key encryption."
> The latest HPKE draft (-06) from Oct 23 has a few minor
> incompatible changes (for good but relatively trivial
> reasons).
> So for interop ECH apparently requires use of an outdated
> I-D, despite the one week difference in publishing and
> a common co-author.
> It seems a bit mad that all that githubbery results in
> such a lack of co-ordination in two closely related
> specs.
> Anyway, I can manage to handle both HPKE-05 and
> HPKE-06 but this seems like yet another case where
> there is too much githubbery going on with the result
> that two closely linked drafts with a common co-author
> end up out of whack despite being issued within a week
> of one another.
> That and the velocity of discussion and changes on
> github are a major disincentive (for me) for implementing
> ECH. I simply do not have the cycles to keep up with it
> as it has been happening these last months. If that were
> the goal of the authors and those endlessly commenting on
> github (and I do not believe it is), then they would be
> close to reaching that goal.
> Can we not please freeze this stuff for at least long
> enough to get implementations done and somewhat tested?
> Frankly, I expect my plea here to be more or less ignored
> just as my previous entreaties were. I decided to send
> it anyway on the basis that perhaps what seems like
> an obvious failure of the current approach (ECH can't
> interop unless you use an outdated I-D for HPKE) might
> show that all this apparent high velocity discussion on
> github is not as effective as claimed (in at least this
> case).
> Thanks,
> Stephen.

Mark Nottingham