Re: [TLS] chairs - please shutdown wiretapping discussion...
Colm MacCárthaigh <colm@allcosts.net> Sun, 09 July 2017 06:23 UTC
To: Eric Mill <eric@konklone.com>
Cc: Paul Turner <PAUL.TURNER@venafi.com>, "tls@ietf.org" <tls@ietf.org>, tls chair <tls-chairs@tools.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/zP7K3S0R0ikqfv_Ws1lt1iKHiaE>

On Sat, Jul 8, 2017 at 6:04 PM, Eric Mill <eric@konklone.com> wrote:

> Stating that proxies are not viable for enterprise organizations due to
> the scale and complexity of their network environments is subjective,
> generally not well-detailed, and much more open to skepticism.
>
> The burden on the proposers should be to address this skepticism, and to
> justify to the working group why enterprises that are large enough and
> well-funded enough to have such vast and complex networks cannot invest in
> upgrading those networks to an approach that doesn't rely on directly
> weakening their own connection security and potentially the security of
> others' through the unintended consequences of formalizing this RFC.

TLS1.3 isn't a debate, or a legal argument. It's an actual thing in the world that we'd like to see succeed and be as pervasive as possible. The folks reporting saying it won't work are doing us a favor, they don't owe us anything.

So when those users show up saying "This won't work for me", it is better to have a very open mind and make every attempt to understand them. If their explanations are not clear, then burrow further. Be charitable and lean as heavily towards why they may be right, search for good reasoning in /their/ favor, and state it as well as it can possibly be presented. Only on those terms try to tackle it with alternatives.

If the presenters are wrong, and the skepticism is merited, that approach will still work. But if they happen to be right, it makes the alternatives or adaptations more clear, or the necessity for them more obvious.

Dismissing concerns with trivial and shallow analysis can serve to diminish the success of TLS1.3, because the users don't need to adopt it, and can end up blocking it and creating a failure of "TLS 1.3 doesn't work in XXX environments".

--
Colm