[TLS]Re: Discussions on Trust Anchor Negotiation at IETF 120
Dennis Jackson <ietf@dennis-jackson.uk> Mon, 29 July 2024 14:07 UTC
Return-Path: <ietf@dennis-jackson.uk>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F3775C151540 for <tls@ietfa.amsl.com>; Mon, 29 Jul 2024 07:07:21 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.106
X-Spam-Level:
X-Spam-Status: No, score=-7.106 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=dennis-jackson.uk
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id S0n7PQf6xuPc for <tls@ietfa.amsl.com>; Mon, 29 Jul 2024 07:07:17 -0700 (PDT)
Received: from mout-p-101.mailbox.org (mout-p-101.mailbox.org [80.241.56.151]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 62511C151073 for <tls@ietf.org>; Mon, 29 Jul 2024 07:07:15 -0700 (PDT)
Received: from smtp202.mailbox.org (smtp202.mailbox.org [10.196.197.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by mout-p-101.mailbox.org (Postfix) with ESMTPS id 4WX8fn44hLz9tLV for <tls@ietf.org>; Sun, 28 Jul 2024 20:10:25 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=dennis-jackson.uk; s=MBO0001; t=1722190225; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=rXxJDUE4l0AEzGY8yHACy1P8LJi02I2akWfKilMOwIk=; b=c1zveTu95lIMFCmGTyP4seCjZGUuXVWY3R+jPoJ8X/FN2wIiy59cHQFRu8rOStf9bP3f2a /LWyTaSfMfHPqKs+PMv6sPSiLp4798TFss0fH4cfVFU1aFYwmQSdYzCw71IAFzzcl17En0 4g8v/RERXCqqC/sb2up6cT49ePnGPVTxBuMbMMkHV1Ru93rV33JKDvBkcKQiP2cMTmLRQO 2FLjU80QsRXs+zDMM1QX6DMsCG8MKGVojMZr5RQvljFhTQLXaYmJNdnWH0GPwKkFoMpNeR 7dHA+yF7TPFKMvcSybGtSm2LtjIGZpBJfA2n2uLCBmRsrRLdQPAKPOgZZH7D9A==
Message-ID: <0d0bd7c0-a34d-47e7-84cd-22f25537495e@dennis-jackson.uk>
MIME-Version: 1.0
From: Dennis Jackson <ietf@dennis-jackson.uk>
To: TLS List <tls@ietf.org>
References: <d1589f89-35cb-489f-b195-30feb3e7e40f@dennis-jackson.uk> <SN7PR14MB6492663C2AE4A15639D62F5583AA2@SN7PR14MB6492.namprd14.prod.outlook.com> <e7aee41a-0df4-4048-8692-6805d06cfadd@dennis-jackson.uk> <CAEEbLAa5bZ3zQX=A74THsxtgkryF4sCVCt1P+BTdDi9faraciw@mail.gmail.com>
Content-Language: en-US
In-Reply-To: <CAEEbLAa5bZ3zQX=A74THsxtgkryF4sCVCt1P+BTdDi9faraciw@mail.gmail.com>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 8bit
Message-ID-Hash: EVTISCMJI7QSOWURXP7BSH5NU5WU4MJY
X-Message-ID-Hash: EVTISCMJI7QSOWURXP7BSH5NU5WU4MJY
X-MailFrom: ietf@dennis-jackson.uk
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-tls.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
X-Mailman-Version: 3.3.9rc4
Precedence: list
Subject: [TLS]Re: Discussions on Trust Anchor Negotiation at IETF 120
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/w-R6-73O9Da4NENyC8wXukHrxpI>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Owner: <mailto:tls-owner@ietf.org>
List-Post: <mailto:tls@ietf.org>
List-Subscribe: <mailto:tls-join@ietf.org>
List-Unsubscribe: <mailto:tls-leave@ietf.org>
Date: Mon, 29 Jul 2024 14:07:22 -0000
X-Original-Date: Sun, 28 Jul 2024 19:10:04 +0100
On 26/07/2024 15:24, Sophie Schmieg wrote: > I don't think trust anchor negotiation needs a lot more discussion, > over what has happened already. All in all, I think it's a good > mechanism that is fairly well defined and it's not clear to me how it > would benefit from an interim. The Trust Anchor Identifiers draft was first published only 4 weeks ago, received less than 10 minutes of discussion in the meeting and has a lot of unaddressed issues. We would have had more time to discuss these issues if the author's presentation had focused on their new draft, rather than splitting the limited time with Trust Expressions, which I think we already knew was not going to be a viable option. Many participants in the meeting expressed a preference for an interim so I would be surprised if there was a rough consensus for adoption. Especially as the concerns are fundamental to the design rather than about issues which could be addressed later. However, I'm sure the chairs will be gauging the mood based on their own conversations with WG participants and deciding accordingly. > PQ TLS on the other hand has a lot of open questions about things like > different variants of Merkle Tree Certificates that I would love to > flesh out further. I completely agree, though I think the first task will be getting a shared understanding of the challenges and requirements. I'm excited to talk about the different variants of MTC as well. Best, Dennis N.B. I had to retype this message. I"m not sure if the original is going to show up on the list or not.
- [TLS]Discussions on Trust Anchor Negotiation at I… Dennis Jackson
- [TLS]Re: Discussions on Trust Anchor Negotiation … Ilari Liusvaara
- [TLS]Re: Discussions on Trust Anchor Negotiation … Tim Hollebeek
- [TLS]Re: Discussions on Trust Anchor Negotiation … Dennis Jackson
- [TLS]Re: Discussions on Trust Anchor Negotiation … Sophie Schmieg
- [TLS]Re: Discussions on Trust Anchor Negotiation … Ryan Hurst
- [TLS]Re: Discussions on Trust Anchor Negotiation … Watson Ladd
- [TLS]Re: Discussions on Trust Anchor Negotiation … Dennis Jackson
- [TLS]Re: Discussions on Trust Anchor Negotiation … Dennis Jackson
- [TLS]Re: Discussions on Trust Anchor Negotiation … Salz, Rich
- [TLS]Re: Discussions on Trust Anchor Negotiation … Andrei Popov
- [TLS]Re: Discussions on Trust Anchor Negotiation … Dennis Jackson
- [TLS]Re: Discussions on Trust Anchor Negotiation … Tim Hollebeek
- [TLS]Re: Discussions on Trust Anchor Negotiation … Eric Rescorla
- [TLS]Re: [EXTERNAL] Re: Re: Discussions on Trust … Andrei Popov
- [TLS]Re: Discussions on Trust Anchor Negotiation … Ilari Liusvaara