Re: [TLS] AD review of draft-ietf-tls-falsestart-01
Stephen Farrell <stephen.farrell@cs.tcd.ie> Wed, 06 April 2016 16:10 UTC
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/xU7NdvTv4fT-_Kayf5gWN9WxD_8>
Hiya,

ekr, Sean and Joe convinced me #2 below wasn't really
needed. And I don't much care what the WG conclude wrt #1
(and we can fix later if needed), so I've requested IETF LC
to start for this.

Thanks,
S.

On 23/03/16 15:14, Stephen Farrell wrote:
>
> Hiya,
>
> I've done my AD review of this and have three questions
> I'd like to ask before starting IETF last call. I mostly
> care about the answer to #3. #1 is just a suggestion that
> might avoid some process-crap and #2 is just me being
> curious (unless #2 turns out to be a part of #3).
>
> (1) Why experimental? Wouldn't this be better as info
> and documented as "here's a spec for a thing that's
> widely deployed." I fear we may get questions like
> "what's the experiment?", "where's this going in
> future?" if this aims for experimental, and info may
> avoid that esp if we really want people to move to
> TLS1.3. I also didn't see list discussion about what
> kind of RFC to aim for, but maybe it was discussed at
> a meeting or interim? (Apologies if I missed that in
> my scan of the list.)
>
> (2) The write up and some mail list traffic and AGL's
> bloggy thing all refer to NPN, but there's no mention of
> NPN or ALPN in the draft. What's up with that? (Not
> saying that needs to be explained, but I wondered.)
>
> (3) Why is there no description of the reasons for all
> the MUST only use whitelisted <foo> and for the choices
> that are whitelisted? Wouldn't omitting that tend to
> lead people to use this more badly? That could be done
> with some explanatory text and using some of the
> references below maybe. Or, if we don't really want new
> folks to implement this (do we?) then just saying that
> might mean it's ok to not explain the "why." (And then
> you could also address #1 above then by issuing this
> as an historic RFC too if you wanted.)
>
> Cheers,
> S.
>
> Possible refs:
> - http://www.ieee-security.org/TC/SP2015/papers-archived/6949a535.pdf
>   (esp Section V-C)
> - http://homes.esat.kuleuven.be/~fvercaut/papers/ACM2012.pdf
> - https://hal.inria.fr/hal-01184171/document
> - https://arxiv.org/pdf/1602.02396.pdf
> - https://eprint.iacr.org/2016/072.pdf