Re: [TLS] draft-green-tls-static-dh-in-tls13-01

2017-07-14 Thread Salz, Rich
Unless I missed the reply, I did not see any answer to my question as to why it must be opt-in. Do we think evildoers will tell the truth about what they are doing? ___ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls

[TLS] Fwd: draft-green-tls-static-dh-in-tls13-01

2017-07-14 Thread Watson Ladd
On Fri, Jul 14, 2017 at 11:41 AM, Roland Dobbins wrote: > > On 15 Jul 2017, at 1:01, Melinda Shore wrote: > >> It might make sense to kick it over to ops for a discussion with people >> whose meat and potatoes is monitoring, management, and >> measurement. > > > As someone

Re: [TLS] TLS@IETF99 - Additional Session Added and Agenda Bash!

2017-07-14 Thread Sean Turner
The Secretariat is going to put out a revised IETF agenda tomorrow. I suspect we’ll be in the room that was allocated to RTCweb. spt > On Jul 14, 2017, at 16:35, Joseph Lorenzo Hall wrote: > > Sean, can you let us know what room the new session will be in when > you know? (Not

Re: [TLS] draft-green-tls-static-dh-in-tls13-01

2017-07-14 Thread Kathleen Moriarty
Hi Roland, It sounds like you misread my messages and should read them in context of TLS 1.3 and the draft using DH static keys proposed to help with monitoring. Best regards, Kathleen Sent from my iPhone > On Jul 14, 2017, at 8:41 PM, Roland Dobbins wrote: > >> On 15

Re: [TLS] TLS@IETF99 - Additional Session Added and Agenda Bash!

2017-07-14 Thread Joseph Lorenzo Hall
Sean, can you let us know what room the new session will be in when you know? (Not on the agenda.) On Fri, Jul 14, 2017 at 4:08 PM, Sean Turner wrote: > >> On Jul 14, 2017, at 15:53, Blumenthal, Uri - 0553 - MITLL >> wrote: >> >> On Jul 14, 2017, at 15:51, Sean

Re: [TLS] TLS@IETF99 - Additional Session Added and Agenda Bash!

2017-07-14 Thread Sean Turner
> On Jul 14, 2017, at 15:53, Blumenthal, Uri - 0553 - MITLL > wrote: > > On Jul 14, 2017, at 15:51, Sean Turner wrote: >> >> And by the important business I was referring to the TLS and DTLS drafts. > > My apology. We’re in agreement then. No worries I

Re: [TLS] TLS@IETF99 - Additional Session Added and Agenda Bash!

2017-07-14 Thread Blumenthal, Uri - 0553 - MITLL
On Jul 14, 2017, at 15:51, Sean Turner wrote: > > And by the important business I was referring to the TLS and DTLS drafts. My apology. We’re in agreement then.

Re: [TLS] TLS@IETF99 - Additional Session Added and Agenda Bash!

2017-07-14 Thread Sean Turner
And by the important business I was referring to the TLS and DTLS drafts. spt > On Jul 14, 2017, at 13:22, Blumenthal, Uri - 0553 - MITLL > wrote: > > I will be perfectly happy not allocating any time at all for the wiretapping > presentation. > > I would not call the

Re: [TLS] TLS@IETF99 - Additional Session Added and Agenda Bash!

2017-07-14 Thread Blumenthal, Uri - 0553 - MITLL
> ... the IESG could also decline to allow such a WG item to > get published. That’s what I’d expect and hope for. > Better skip the Q/A at the WG meeting -- it makes no difference as to > determining consensus, +1 > and no one needs the other side screaming bloody > murder and judging one

Re: [TLS] draft-green-tls-static-dh-in-tls13-01

2017-07-14 Thread Ted Lemon
It seems to me that all the use cases you just described require the *client* to have a static key, since the client is the thing that the operator controls. If the client uses an unknown key, it is malware or unauthorized. On Jul 14, 2017 20:42, "Roland Dobbins" wrote: > On 15

Re: [TLS] TLS@IETF99 - Additional Session Added and Agenda Bash!

2017-07-14 Thread Nico Williams
On Fri, Jul 14, 2017 at 07:10:47PM +0200, Ted Lemon wrote: > I have two working groups already in the Monday slot. I doubt I'm unique > in this. It seems like you should put the important business in the slot > that was previously scheduled, and the overflow into the Monday slot. > It's hard

Re: [TLS] draft-green-tls-static-dh-in-tls13-01

2017-07-14 Thread Roland Dobbins
On 15 Jul 2017, at 1:01, Melinda Shore wrote: It might make sense to kick it over to ops for a discussion with people whose meat and potatoes is monitoring, management, and measurement. As someone who is ops-focused, I think this is an excellent suggestion! There have been several

Re: [TLS] TLS@IETF99 - Additional Session Added and Agenda Bash!

2017-07-14 Thread Andrei Popov
> As Stephen points out, it looks like we've allocated 80 minutes to the topic > of how to remove the forward secrecy guarantees that we've struggled for over > a year to introduce. That's more than we've allocated for the "main point of > the TLS WG", which are only 65 minutes combined. +1.

Re: [TLS] draft-green-tls-static-dh-in-tls13-01

2017-07-14 Thread Blumenthal, Uri - 0553 - MITLL
Except when it's the issue of mutual consent (rather than of a merely technical change). Otherwise - "we have to change one side" might turn into "have you pay me $50,000 every month, your opt-in isn't necessary". :-) Regards, Uri Sent from my iPhone > On Jul 14, 2017, at 12:45, Yoav Nir

Re: [TLS] TLS@IETF99 - Additional Session Added and Agenda Bash!

2017-07-14 Thread Ted Lemon
I have two working groups already in the Monday slot. I doubt I'm unique in this. It seems like you should put the important business in the slot that was previously scheduled, and the overflow into the Monday slot. It's hard to imagine how a discussion of the wiretapping thing could be

Re: [TLS] draft-green-tls-static-dh-in-tls13-01

2017-07-14 Thread Yoav Nir
> On 14 Jul 2017, at 18:35, Joseph Lorenzo Hall wrote: > > Just want to +1 the notion that this should be opt-in for both sides and in > an extension! It’s a good notion, but “we have to change one side” usually wins over “we have to change both sides”

Re: [TLS] possible new work item: not breaking TLS

2017-07-14 Thread Joseph Lorenzo Hall
I also support both time here and a "let's put all the bad breaking TLS ideas in one draft". On Thu, Jul 13, 2017 at 17:52 Blumenthal, Uri - 0553 - MITLL wrote: > I support allocating a time slot for the arguments against the draft-green > (and similar/related approaches). > >

Re: [TLS] draft-green-tls-static-dh-in-tls13-01

2017-07-14 Thread Joseph Lorenzo Hall
Just want to +1 the notion that this should be opt-in for both sides and in an extension! On Sat, Jul 8, 2017 at 23:16 Nick Sullivan wrote: > Putting questions of whether or not this belongs as a working group > document, I think there are some necessary

Re: [TLS] TLS@IETF99 - Additional Session Added and Agenda Bash!

2017-07-14 Thread Blumenthal, Uri - 0553 - MITLL
+1 Current agenda does look backwards. IMHO, do as Stephen suggested. Regards, Uri Sent from my iPhone > On Jul 14, 2017, at 11:10, Stephen Farrell wrote: > > > Hiya, > >> On 14/07/17 15:51, Sean Turner wrote: >> Please let us know your thoughts. > > 80 minutes

Re: [TLS] TLS@IETF99 - Additional Session Added and Agenda Bash!

2017-07-14 Thread Stephen Farrell
Hiya, On 14/07/17 15:51, Sean Turner wrote: > Please let us know your thoughts. 80 minutes for wiretapping is too much. Zero would be better. But if not... I'd suggest: 10 minutes for draft-green, 10 minutes to describe issues with that (i.e. the slot for which I continue to ask) and then 10

[TLS] TLS@IETF99 - Additional Session Added and Agenda Bash!

2017-07-14 Thread Sean Turner
The chairs have requested an additional time on the IETF agenda for TLS. The Secretariat has allocated us the Monday @ 13:30-15:30 slot. Because the main point of the TLS WG are the TLS and DTLS drafts and the schedule was already announced, we want to leave those presentations on Wednesday.

Re: [TLS] Malware (was Re: draft-green-tls-static-dh-in-tls13-01)

2017-07-14 Thread Kathleen Moriarty
Sent from my iPhone > On Jul 14, 2017, at 8:02 AM, Martin Thomson wrote: > > On 14 July 2017 at 01:08, Kathleen Moriarty > wrote: >> It sounds like for malware, we could do something to better document >> your security options as

Re: [TLS] Malware (was Re: draft-green-tls-static-dh-in-tls13-01)

2017-07-14 Thread Blumenthal, Uri - 0553 - MITLL
TLS is a tool. Good guys want to use it to defend against the bad guys. Bad guys may want to use it against the good guys. (No surprise here, right?) You cannot “sabotage” the second use case without sabotaging the first one at the same time. Two decades ago Jeff Schiller said something that

[TLS] Malware (was Re: draft-green-tls-static-dh-in-tls13-01)

2017-07-14 Thread Martin Thomson
On 14 July 2017 at 01:08, Kathleen Moriarty wrote: > It sounds like for malware, we could do something to better document > your security options as well as monitoring. While the documentation > is there for key pinning and trust anchors, this might not be