Re: [Uta] Adoption call for draft-sheffer-uta-rfc7525bis-00

Alexey Melnikov <alexey.melnikov@isode.com> Mon, 27 April 2020 17:42 UTC

To: Ralph Holz <ralph.holz@gmail.com>, tom petch <daedulus@btconnect.com>
Cc: "uta@ietf.org" <uta@ietf.org>, Yaron Sheffer <yaronf.ietf@gmail.com>, "uta-chairs@ietf.org" <uta-chairs@ietf.org>, Valery Smyslov <valery@smyslov.net>, Peter Saint-Andre <stpeter@mozilla.com>
From: Alexey Melnikov <alexey.melnikov@isode.com>
Date: Mon, 27 Apr 2020 18:42:49 +0100
Archived-At: <https://mailarchive.ietf.org/arch/msg/uta/DLlRPJ_NnmHe01cOBQi2ak_Eo-E>

Hi,

On 27/04/2020 12:25, Ralph Holz wrote:
> Hi,
>
> I am not sure which key requirement you are referring to, or why TLS 
> 1.3 should not see widespread use. In fact, TLS 1.3 is getting much 
> more traction already than TLS 1.2 ever had in a comparable amount of 
> time: https://arxiv.org/abs/1907.12762. I am not sure why you speak of 
> a fragmentation of protocols here - if anything, we are seeing 
> consolidation.

I don't have any numbers for SMTP or IMAP, but judging from my own 
experience: our implementations upgraded to OpenSSL 1.1.1 and we got TLS 
1.3 enabled for free. I suspect many other people are in the same boat.


Best Regards,

Alexey

> It seems weird to leave a BCP in a state that is not referring to the 
> BP, which is definitely TLS 1.3 - due to the many additions made. TLS 
> 1.3 also brings changes that are important for applications - 0-RTT, 
> for example, has no replay protection, and should only be used with 
> idempotent requests. While that is spelled out in the RFC, it's not 
> where our audience would look (or we would not need BCPs).
>
> It's also worthwhile to deprecate < TLS 1.2, and discuss under which 
> circumstances TLS 1.3 is preferable to TLS 1.2 (that's more a business 
> question). Add to that a discussion of PSK. Plus a few new extensions, 
> some defined in separate RFCs (eSNI for example).
>
> I am, of course, both an author on the old (and new) BCP, and also an 
> author of the study I cite - but I think there's enough to warrant the 
> -bis.
>
> Ralph
>
> On Mon, 27 Apr 2020 at 19:03, tom petch <daedulus@btconnect.com 
> <mailto:daedulus@btconnect.com>> wrote:
>
>     What is the point of rfc7525bis?  Why do we need it?
>
>     It seems to me that RFC7525 is a good set of recommendations and
>     little has changed, in practical terms, since it was produced,
>     although cryptanalysts can find weaknesses therein
>
>     The one change I am aware of is that the TLS WG has produced TLS
>     1.3 - I follow the TLS WG mailing list - but so what?  TLS 1.3
>     failed to meet one key requirement and I am unclear whether or not
>     TLS 1.3 will gain widespread use in the Internet, with HTTP, SMTP
>     and such like.  I see TLS 1.2 as being adequate for most purposes
>     for some time to come so my concern is that rfc7525bis will simply
>     be an endorsement of the work of the TLS WG - 1.3 is great, ditch
>     everything else - leading to further fragmentation of the protocols.
>
>     So, I am against adoption until it is clear that the I-D will
>     endorse TLS 1.2 as adequate for most purposes.  After all, the
>     TLS WG has yet to propose an I-D 'TLS 1.2 - Die, Die, Die'
>
>     Tom Petch
>
>
>     ----- Original Message -----
>     From: Valery Smyslov <valery@smyslov.net <mailto:valery@smyslov.net>>
>     To: <uta@ietf.org <mailto:uta@ietf.org>>
>     Cc: 'Yaron Sheffer' <yaronf.ietf@gmail.com
>     <mailto:yaronf.ietf@gmail.com>>, <uta-chairs@ietf.org
>     <mailto:uta-chairs@ietf.org>>, 'Ralph Holz' <ralph.holz@gmail.com
>     <mailto:ralph.holz@gmail.com>>, 'Peter Saint-Andre'
>     <stpeter@mozilla.com <mailto:stpeter@mozilla.com>>
>     Sent: 26/04/2020 10:35:30
>     Subject: [Uta] Adoption call for draft-sheffer-uta-rfc7525bis-00
>     ________________________________________________________________________________
>
>     Hi,
>
>     during the last  virtual interim meeting the draft
>     draft-sheffer-uta-bcp195bis-00 was presented and the authors asked
>     for its
>     adoption.
>     The general feeling in the room was in favor of the adoption, however
>     the authors were asked to rename it to *-rfc7525-bis.
>     The authors have renamed the draft and asked the chairs for its
>     adoption.
>     Since our responsible AD agrees that this work is within
>     the charter
>     of the WG, the chairs are issuing a formal call for adoption
>     to confirm the results we had at the meeting.
>
>     This message starts a two-week call for adoption of the
>     draft-sheffer-uta-rfc7525bis-00 draft.
>     The call will end on 10 May 2020. Please send your opinions to the
>     list
>     before this date.
>
>     Please if possible include any reasons supporting your opinion. If you
>     support this adoption,
>     please indicate whether you are ready to review this draft if it
>     becomes a
>     WG document.
>
>     Regards,
>     Leif & Valery.