Re: [TLS] I-D Action: draft-rescorla-tls-ctls-04.txt

Watson Ladd <watsonbladd@gmail.com> Tue, 10 March 2020 03:18 UTC

From: Watson Ladd <watsonbladd@gmail.com>
Date: Mon, 09 Mar 2020 20:17:12 -0700
Message-ID: <CACsn0ckBmDV45LJyigdU++D=xkj7hxhQ-mGmYRH451vASENdTQ@mail.gmail.com>
To: TLS List <tls@ietf.org>
Cc: i-d-announce@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/wyvNFY_-VrBRP0D33grea9o8Qww>

One thing I noticed from my reading is that there is no gain from knowing
an extension will be present if one doesn't also know the value. I
could imagine SNI being very useful to include, and knowing the order
of extension values permits their omission, keeping only the length.
This does mean very little freedom to add new unknown extensions.
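As an added illustration of the trade-off described in the message above (example code written for this page, not from the cTLS draft or from the poster), the block below encodes a few constructed ClientHello extensions in ordinary TLS 1.3 wire form and then under a hypothetical compaction profile: an ordered list of the extension types both sides expect, each optionally pinned to a fixed value. Where only the order is known, the 2-byte type code is dropped and the length is kept; where the value is also fixed, the extension is not sent at all; and an extension that is not in the profile cannot be sent. The profile format, the sample values, and the function names are assumptions of this example, not the draft's actual encoding.

```python
import struct

# --- Constructed sample ClientHello extensions, in send order -------------
# Types are the IANA code points (server_name=0, supported_versions=43,
# key_share=51); the values are made up for this example.

def sni_data(host):
    """server_name extension body: ServerNameList with one host_name entry."""
    name = host.encode("ascii")
    entry = b"\x00" + struct.pack("!H", len(name)) + name   # name_type = host_name
    return struct.pack("!H", len(entry)) + entry

SUPPORTED_VERSIONS = b"\x02\x03\x04"                   # one version: TLS 1.3
KEY_SHARE = (struct.pack("!H", 36)                     # client_shares length
             + struct.pack("!HH", 0x001d, 32)          # x25519 group, 32-byte share
             + bytes(range(32)))                       # placeholder share bytes

SAMPLE_EXTENSIONS = [
    (0, sni_data("example.com")),
    (43, SUPPORTED_VERSIONS),
    (51, KEY_SHARE),
]

# Hypothetical compaction profile (an assumption of this example, not the
# draft's format): ordered (type, fixed_value) pairs.
#   fixed_value is None  -> extension is present but its value is unknown:
#                           send length + data, drop the type code.
#   fixed_value is bytes -> extension is present with exactly this value:
#                           send nothing, the decoder re-creates it.
PROFILE = [
    (0, None),                 # SNI: order known, value not
    (43, SUPPORTED_VERSIONS),  # value known: omitted entirely
    (51, None),                # key_share: order known, value not
]

# --- Ordinary TLS 1.3 wire form: type(u16) || length(u16) || data ---------

def encode_extensions(exts):
    out = b""
    for ext_type, data in exts:
        out += struct.pack("!HH", ext_type, len(data)) + data
    return out

def decode_extensions(buf):
    exts, i = [], 0
    while i < len(buf):
        if len(buf) - i < 4:
            raise ValueError("truncated extension header")
        ext_type, length = struct.unpack("!HH", buf[i:i + 4])
        i += 4
        if len(buf) - i < length:
            raise ValueError("truncated extension body")
        exts.append((ext_type, buf[i:i + length]))
        i += length
    return exts

# --- Hypothetical compact form driven by the profile -----------------------

def compact_encode(exts, profile):
    # The set and order of extensions must match the profile exactly; there
    # is no way to express an extension the profile does not list.
    if [t for t, _ in exts] != [t for t, _ in profile]:
        raise ValueError("extension types/order do not match the profile")
    out = b""
    for (_, data), (_, fixed) in zip(exts, profile):
        if fixed is not None:
            if data != fixed:
                raise ValueError("value differs from the profile's fixed value")
            continue                                  # fully implied, send nothing
        out += struct.pack("!H", len(data)) + data    # type dropped, length kept
    return out

def compact_decode(buf, profile):
    exts, i = [], 0
    for ext_type, fixed in profile:
        if fixed is not None:
            exts.append((ext_type, fixed))
            continue
        if len(buf) - i < 2:
            raise ValueError("truncated compact extension length")
        (length,) = struct.unpack("!H", buf[i:i + 2])
        i += 2
        if len(buf) - i < length:
            raise ValueError("truncated compact extension body")
        exts.append((ext_type, buf[i:i + length]))
        i += length
    if i != len(buf):
        # Bytes the profile cannot account for: an extension unknown to it.
        raise ValueError("trailing bytes not described by the profile")
    return exts

def wire_sizes(exts, profile):
    """(full TLS size, compact size) in bytes for the given extensions."""
    return len(encode_extensions(exts)), len(compact_encode(exts, profile))

if __name__ == "__main__":
    full, compact = wire_sizes(SAMPLE_EXTENSIONS, PROFILE)
    print(f"full: {full} bytes, compact: {compact} bytes")
```

For the constructed sample the full form is 69 bytes and the compact form 58: two bytes saved per extension whose order is known, and the whole 7-byte supported_versions extension saved where the value is fixed. Appending an extension type the profile does not list makes `compact_encode` raise, which is the loss of flexibility the message points out.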