IETF Logo Mail Archive

Re: [Uta] Proposed list of deliverables

Linus Nordberg <linus@nordberg.se> Mon, 20 January 2014 11:09 UTC

Return-Path: <linus@nordberg.se>
X-Original-To: uta@ietfa.amsl.com
Delivered-To: uta@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2A6E21A0118 for <uta@ietfa.amsl.com>; Mon, 20 Jan 2014 03:09:31 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.613
X-Spam-Level:
X-Spam-Status: No, score=0.613 tagged_above=-999 required=5 tests=[BAYES_50=0.8, HELO_EQ_SE=0.35, RP_MATCHES_RCVD=-0.535, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id QfvxG7VXnr41 for <uta@ietfa.amsl.com>; Mon, 20 Jan 2014 03:09:29 -0800 (PST)
Received: from smtp.nordberg.se (smtp.nordberg.se [193.10.5.87]) by ietfa.amsl.com (Postfix) with ESMTP id 5509B1A0112 for <uta@ietf.org>; Mon, 20 Jan 2014 03:09:29 -0800 (PST)
Received: from tool.nordberg.se (unknown [192.36.125.242]) (using TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by smtp.nordberg.se (Postfix) with ESMTPSA id BD17511757; Mon, 20 Jan 2014 12:09:27 +0100 (CET)
From: Linus Nordberg <linus@nordberg.se>
To: "Orit Levin (LCA)" <oritl@microsoft.com>
References: <0bc674da169f4772b0fb2173ed679115@BY2PR03MB300.namprd03.prod.outlook.com>
Date: Mon, 20 Jan 2014 12:09:27 +0100
In-Reply-To: <0bc674da169f4772b0fb2173ed679115@BY2PR03MB300.namprd03.prod.outlook.com> (Orit Levin's message of "Sat, 18 Jan 2014 06:24:44 +0000")
Message-ID: <871u0229lk.fsf@nordberg.se>
User-Agent: Gnus/5.13 (Gnus v5.13)
MIME-Version: 1.0
Content-Type: text/plain
Cc: "uta@ietf.org" <uta@ietf.org>
Subject: Re: [Uta] Proposed list of deliverables
X-BeenThere: uta@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: UTA working group mailing list <uta.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/uta>, <mailto:uta-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/uta/>
List-Post: <mailto:uta@ietf.org>
List-Help: <mailto:uta-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/uta>, <mailto:uta-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 20 Jan 2014 11:09:31 -0000

"Orit Levin (LCA)" <oritl@microsoft.com> wrote
Sat, 18 Jan 2014 06:24:44 +0000:

| Below is the list of deliverables for your consideration:
| 
| 1. A threat analysis document containing a collection of known
| security breaches to application protocols due to poor use of TLS
| (Likely an Informational RFC)
| 2. Applications' independent document recommending best existing and
| future practices for using TLS (Likely a BCP or a Proposed Standard
| RFC)
| 3. A set of documents, each describing best existing and future
| practices for using TLS with a specific application protocol, i.e.,
| SMTP, POP, IMAP, XMPP, HTTP 1.1, etc. (Case-by-case likely a BCP or a
| Proposed Standard RFC)
| 4. A document discussing (and potentially defining) how to apply the
| opportunistic encryption approach (preliminary outlined in
| draft-farrelll-mpls-opportunistic-encrypt-00.txt) to TLS. (Category
| TBD)

These all seem fine to me. I'd like to propose another document
describing fingerprintability of TLS traffic and how TLS is being
fingerprinted in practice.

v2.23.0 | Report a Bug | By Email