Re: [TLS] Remove 0-RTT client auth

Martin Thomson <martin.thomson@gmail.com> Sun, 21 February 2016 20:08 UTC

Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/vIiF1dAzIsvpZsBrQfKWnLtbMWM>

On 21 February 2016 at 12:06, Eric Rescorla <ekr@rtfm.com> wrote:
> I think we're going to have to invent a 0-RTT exporter (yes, I understand
> that this requires care).

We might disagree about that "have to".  I'd be happier if the 0-RTT
data couldn't rely on the existence of an exporter.  If that means
that token-binding needs to work out a bespoke solution, I think that
I'd prefer that.