Unless I missed the reply, I did not see any answer to my question as to why it
must be opt-in. Do we think evildoers will tell the truth about what they are
doing?
___
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
On Fri, Jul 14, 2017 at 11:41 AM, Roland Dobbins wrote:
>
> On 15 Jul 2017, at 1:01, Melinda Shore wrote:
>
>> It might make sense to kick it over to ops for a discussion with people
>> whose meat and potatoes is monitoring, management, and
>> measurement.
>
>
> As someone
The Secretariat is going to put out a revised IETF agenda tomorrow. I suspect
we’ll be in the room that was allocated to RTCweb.
spt
> On Jul 14, 2017, at 16:35, Joseph Lorenzo Hall wrote:
>
> Sean, can you let us know what room the new session will be in when
> you know? (Not
Hi Roland,
It sounds like you misread my messages and should read them in context of TLS
1.3 and the draft using DH static keys proposed to help with monitoring.
Best regards,
Kathleen
Sent from my iPhone
> On Jul 14, 2017, at 8:41 PM, Roland Dobbins wrote:
>
>> On 15
Sean, can you let us know what room the new session will be in when
you know? (Not on the agenda.)
On Fri, Jul 14, 2017 at 4:08 PM, Sean Turner wrote:
>
>> On Jul 14, 2017, at 15:53, Blumenthal, Uri - 0553 - MITLL
>> wrote:
>>
>> On Jul 14, 2017, at 15:51, Sean
> On Jul 14, 2017, at 15:53, Blumenthal, Uri - 0553 - MITLL
> wrote:
>
> On Jul 14, 2017, at 15:51, Sean Turner wrote:
>>
>> And by the important business I was referring to the TLS and DTLS drafts.
>
> My apology. We’re in agreement then.
No worries I
On Jul 14, 2017, at 15:51, Sean Turner wrote:
>
> And by the important business I was referring to the TLS and DTLS drafts.
My apology. We’re in agreement then.
___
TLS mailing list
TLS@ietf.org
And by the important business I was referring to the TLS and DTLS drafts.
spt
> On Jul 14, 2017, at 13:22, Blumenthal, Uri - 0553 - MITLL
> wrote:
>
> I will be perfectly happy not allocating any time at all for the wiretapping
> presentation.
>
> I would not call the
> ... the IESG could also decline to allow such a WG item to
> get published.
That’s what I’d expect and hope for.
> Better skip the Q/A at the WG meeting -- it makes no difference as to
> determining consensus,
+1
> and no one needs the other side screaming bloody
> murder and judging one
It seems to me that all the use cases you just described require the
*client* to have a static key, since the client is the thing that the
operator controls. If the client uses an unknown key, is malware or
unauthorized.
On Jul 14, 2017 20:42, "Roland Dobbins" wrote:
> On 15
On Fri, Jul 14, 2017 at 07:10:47PM +0200, Ted Lemon wrote:
> I have two working groups already in the monday slot. I doubt I'm unique
> in this. It seems like you should put the important business in the slot
> that was previously scheduled, and the overflow into the Monday slot.
> It's hard
On 15 Jul 2017, at 1:01, Melinda Shore wrote:
It might make sense to kick it over to ops for a discussion with
people whose meat and potatoes is monitoring, management, and
measurement.
As someone who is ops-focused, I think this is an excellent suggestion!
There have been several
> As Stephen points out, it looks like we've allocated 80 minutes to the topic
> of how to remove the forward secrecy guarantees that we've struggled for over
> a year to introduce. That's more than we've allocated for the "main point of
> the TLS WG", which are only 65 minutes combined.
+1.
Except when it's the issue of mutual consent (rather than of a merely technical
change).
Otherwise - "we have to change one side" might turn into "have you pay me
$50,000 every month, your opt-in isn't necessary". :-)
Regards,
Uri
Sent from my iPhone
> On Jul 14, 2017, at 12:45, Yoav Nir
I have two working groups already in the monday slot. I doubt I'm unique
in this. It seems like you should put the important business in the slot
that was previously scheduled, and the overflow into the Monday slot.
It's hard to imagine how a discussion of the wiretapping thing could be
> On 14 Jul 2017, at 18:35, Joseph Lorenzo Hall wrote:
>
> Just want to +1 the notion that this should be opt-in for both sides and in
> an extension!
It’s a good notion, but “we have to change one side” usually wins over “we have
to change both sides”
signature.asc
I also support both time here and a "let's put all the bad breaking TLS
ideas in one draft".
On Thu, Jul 13, 2017 at 17:52 Blumenthal, Uri - 0553 - MITLL
wrote:
> I support allocating a time slot for the arguments against the draft-green
> (and similar/related approaches).
>
>
Just want to +1 the notion that this should be opt-in for both sides and in
an extension!
On Sat, Jul 8, 2017 at 23:16 Nick Sullivan
wrote:
> Putting questions of whether or not this belongs as a working group
> document, I think there are some necessary
+1
Current agenda does look backwards. IMHO, do as Stephen suggested.
Regards,
Uri
Sent from my iPhone
> On Jul 14, 2017, at 11:10, Stephen Farrell wrote:
>
>
> Hiya,
>
>> On 14/07/17 15:51, Sean Turner wrote:
>> Please let us know your thoughts.
>
> 80 minutes
Hiya,
On 14/07/17 15:51, Sean Turner wrote:
> Please let us know your thoughts.
80 minutes for wiretapping is too much. Zero would
be better. But if not...
I'd suggest: 10 minutes for draft-green, 10 minutes
to describe issues with that (i.e. the slot for which
I continue to ask) and then 10
The chairs have requested an additional time on the IETF agenda for TLS. The
Secretariat has allocated us the Monday @ 13:30-15:30 slot. Because the main
point of the TLS WG are the TLS and DTLS drafts and the schedule was already
announced, we want to leave those presentations on Wednesday.
Sent from my iPhone
> On Jul 14, 2017, at 8:02 AM, Martin Thomson wrote:
>
> On 14 July 2017 at 01:08, Kathleen Moriarty
> wrote:
>> It sounds like for malware, we could do something to better document
>> your security options as
TLS is a tool. Good guys want to use it to defend against the bad guys. Bad
guys may want to use it against the good guys. (No surprise here, right?)
You cannot “sabotage” the second use case without sabotaging the first one at
the same time.
Two decades ago Jeff Schiller said something that
On 14 July 2017 at 01:08, Kathleen Moriarty
wrote:
> It sounds like for malware, we could do something to better document
> your security options as well as monitoring. While the documentation
> is there for key pinning and trust anchors, this might not be
24 matches
Mail list logo