Re: [Uta] Extended Master Secret as a MUST in 7525bis

Peter Gutmann <pgut001@cs.auckland.ac.nz> Sun, 19 June 2022 09:16 UTC

From: Peter Gutmann <pgut001@cs.auckland.ac.nz>
To: Yaron Sheffer <yaronf.ietf@gmail.com>, "uta@ietf.org" <uta@ietf.org>
Date: Sun, 19 Jun 2022 09:16:48 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/uta/i3LiIxXKAp0QLYnWz8LA9wlCGgc>
List-Id: UTA working group mailing list <uta.ietf.org>

Yaron Sheffer <yaronf.ietf@gmail.com> writes:

>Ben Kaduk asked why we only added TLS 1.2 Extended Master Secret support as a
>SHOULD, and we tend to agree (given widespread support of this feature) that
>it needs to be a MUST [1]. We would appreciate the group’s input before we
>make this change.

This, alongside MUST EtM for the same draft, is like asking "should having
brakes and safety belts in cars be a MUST, or do you think a SHOULD will be
OK?", it's such a no-brainer that I'm surprised there's a need to ask.

Of course both EMS and EtM MUST be a MUST.

Peter.