Re: [TLS] consensus call: changing cTLS and ECH to standards track
We are going to close these out and request that the authors change the track on these drafts to standards track. There are multiple participants who expressed a willingness to implement. I will note that Rich is a bit skeptical, and I can add that to the Shepherd write-up.

spt

> On May 21, 2020, at 22:10, Sean Turner wrote:
>
> It looks like the intended status for both draft-ietf-tls-ctls (aka cTLS) and
> draft-ietf-tls-esni (aka ECH) should be changed. It appears that both should
> be set to standards track; cTLS is now Informational and ECH is Experimental.
> If you object to changing the track for either of these drafts please send an
> email to the list stating why by 2359 UTC on 5 June 2020.
>
> Cheers,
> spt (for the Chairs)

___
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
Re: [TLS] consensus call: changing cTLS and ECH to standards track
FWIW, I’m less skeptical of standards-track for cTLS, but still not sure. ARM and mBedTLS are important.
Re: [TLS] consensus call: changing cTLS and ECH to standards track
I support moving both drafts to standards track.

For ECH, there is a definite need to encrypt the SNI and other fields as a complement to using encrypted DNS. We have implemented draft versions, and will implement and use the final certain of ECH + HTTPSSVC.

For cTLS, this is a prime candidate for use by future versions of QUIC. Since that would want to be a normative reference from a standards track document, it would need to be standards track at the time it was used.

Thanks,
Tommy

> On May 21, 2020, at 7:11 PM, Sean Turner wrote:
>
> It looks like the intended status for both draft-ietf-tls-ctls (aka cTLS)
> and draft-ietf-tls-esni (aka ECH) should be changed. It appears that both
> should be set to standards track; cTLS is now Informational and ECH is
> Experimental. If you object to changing the track for either of these drafts
> please send an email to the list stating why by 2359 UTC on 5 June 2020.
>
> Cheers,
> spt (for the Chairs)
Re: [TLS] consensus call: changing cTLS and ECH to standards track
I have started working on the cTLS implementation and will continue doing so together with my co-worker Hanno.

A bit more details: We have re-based the 1.3 implementation* to the development branch of Mbed TLS and we have refactored the code so that we can put a new messaging layer in place**, which contains formal annotations. Besides the cleaner separation of the handshake layer and the underlying message transmission and record layer handling the refactoring also allows us now to test each handshake message individually. This was not possible previously and one instead had to run through the entire handshake to test a specific message pattern.

The new code has made it easier to add the cTLS functionality as well, which is what we are doing right now. Once we are done with the development, the rest of the Mbed TLS team will review the code.

In a nutshell, a bigger restructuring of the codebase and we do the cTLS alongside as well.

Ciao
Hannes

*: For the moment we put the code here: https://github.com/hannestschofenig/mbedtls/tree/tls13-prototype. The plan is to merge it into the mainstream Mbed TLS repo once it is ready.

**: The new messaging layer, called MPS for "Message Processing Stack", can be found here: https://github.com/hanno-arm/mbedtls/tree/mps_implementation. The plan is to incorporate it into https://github.com/hannestschofenig/mbedtls/tree/tls13-prototype.

From: TLS On Behalf Of Eric Rescorla
Sent: Friday, May 22, 2020 3:27 PM
To: Salz, Rich
Cc: TLS List
Subject: Re: [TLS] consensus call: changing cTLS and ECH to standards track

We have already implemented ECH (old versions) for NSS and are eager to deploy it in Firefox. We are likely to implement cTLS.

-Ekr

On Fri, May 22, 2020 at 6:20 AM Salz, Rich wrote:

I am reluctant to make CTLS standards-track without a statement from someone that they are likely to implement it. We already have such a statement from Stephen about OpenSSL for ECH, and I'll add to that.
Re: [TLS] consensus call: changing cTLS and ECH to standards track
> We are likely to implement cTLS.

I believe we need to hear more definitively, ideally from others, before moving this to standards-track. Right now, I believe it should stay experimental.
Re: [TLS] consensus call: changing cTLS and ECH to standards track
We have already implemented ECH (old versions) for NSS and are eager to deploy it in Firefox. We are likely to implement cTLS.

-Ekr

On Fri, May 22, 2020 at 6:20 AM Salz, Rich wrote:

> I am reluctant to make CTLS standards-track without a statement from
> someone that they are likely to implement it. We already have such a
> statement from Stephen about OpenSSL for ECH, and I'll add to that.
Re: [TLS] consensus call: changing cTLS and ECH to standards track
I am reluctant to make CTLS standards-track without a statement from someone that they are likely to implement it. We already have such a statement from Stephen about OpenSSL for ECH, and I'll add to that.
[TLS] consensus call: changing cTLS and ECH to standards track
It looks like the intended status for both draft-ietf-tls-ctls (aka cTLS) and draft-ietf-tls-esni (aka ECH) should be changed. It appears that both should be set to standards track; cTLS is now Informational and ECH is Experimental. If you object to changing the track for either of these drafts please send an email to the list stating why by 2359 UTC on 5 June 2020.

Cheers,
spt (for the Chairs)