[Uta] Brief summary of the UTA WG meeting @IETF 91, Honolulu

"Orit Levin (LCA)" <oritl@microsoft.com> Wed, 12 November 2014 02:02 UTC

From: "Orit Levin (LCA)" <oritl@microsoft.com>
To: "uta@ietf.org" <uta@ietf.org>, saag <saag-bounces@ietf.org>

Brief summary of the UTA WG meeting @IETF 91, Honolulu
Tuesday, Nov 11, 2014

https://datatracker.ietf.org/doc/draft-ietf-uta-tls-bcp/
The new version incorporating all comments from the LC is available as -07. A short one-week last call starts today. All are encouraged to double-check that their concerns and feedback have been addressed.
  
https://datatracker.ietf.org/doc/draft-newman-email-deep/
Adopted and will be resubmitted as a new WG ID. Rename "assurance" to "confidentiality". Ross and Sean will review the pinning mechanism. Keep the email certificates draft separate for now. Other open issues to be further investigated and discussed on the list.

https://datatracker.ietf.org/doc/draft-martin-authentication-results-tls/
Perceived as a useful tool, including for the inter-domain use cases. Expressed concerns are related to privacy and insufficient semantics of the recorded authentication details. The author will continue working on the individual draft. The author, Chris Newman, with other volunteers will write an (additional) draft focusing on the broader meaning/semantics of the inter-domain authentication.

https://datatracker.ietf.org/doc/draft-popov-token-binding/ and
https://datatracker.ietf.org/doc/draft-balfanz-https-token-binding/
Perceived as a very much needed approach. Defines a complicated system with many moving parts. HTTP is not a single application to benefit from it. Another would be Email with SAML. Strong sense that a dedicated new WG (preferably in the Security Area) needs to be established to make this infrastructural work finally happen. This is for the ADs to address.
 
"TLS Fallback Dance"
Daniel Kahn Gillmor with a group of volunteers (~5) will write an initial draft documenting known fallback use cases and the existing techniques to deal with them. Tentative goals include sharing common knowledge and educating the community about the pitfalls of this approach. 

Leif & Orit.