Re: [TLS] consensus call: changing cTLS and ECH to standards track

2020-05-23 Thread Salz, Rich
FWIW, I’m less skeptical of standards-track for cTLS, but still not sure.  ARM 
and mBedTLS are important.
___
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls


[TLS] Publication has been requested for draft-ietf-tls-external-psk-importer-05

2020-05-23 Thread Joseph Salowey via Datatracker
Joseph Salowey has requested publication of 
draft-ietf-tls-external-psk-importer-05 as Proposed Standard on behalf of the 
TLS working group.

Please verify the document's state at 
https://datatracker.ietf.org/doc/draft-ietf-tls-external-psk-importer/




Re: [TLS] consensus call: changing cTLS and ECH to standards track

2020-05-23 Thread Tommy Pauly
I support moving both drafts to standards track. 

For ECH, there is a definite need to encrypt the SNI and other fields as a 
complement to using encrypted DNS. We have implemented draft versions, and will 
implement and use the final certain of ECH + HTTPSSVC. 

For cTLS, this is a prime candidate for use by future versions of QUIC. Since 
that would want to be a normative reference from a standards track document, it 
would need to be standards track at the time it was used.

Thanks,
Tommy 

> On May 21, 2020, at 7:11 PM, Sean Turner  wrote:
> 
> It looks like the intended status for both draft-ietf-tls-ctls (aka cTLS) 
> and draft-ietf-tls-esni (aka ECH) should be changed. It appears that both 
> should be set to standards track; cTLS is now Informational and ECH is 
> Experimental. If you object to changing the track for either of these drafts 
> please send an email to the list stating why by 2359 UTC on 5 June 2020.
> 
> Cheers,
> spt (for the Chairs)



Re: [TLS] consensus call: changing cTLS and ECH to standards track

2020-05-23 Thread Hannes Tschofenig
I have started working on the cTLS implementation and will continue doing so 
together with my co-worker Hanno.

A few more details:

We have re-based the 1.3 implementation* to the development branch of Mbed TLS 
and we have refactored the code so that we can put a new messaging layer in 
place**, which contains formal annotations. Besides the cleaner separation of 
the handshake layer and the underlying message transmission and record layer 
handling the refactoring also allows us now to test each handshake message 
individually. This was not possible previously and one instead had to run 
through the entire handshake to test a specific message pattern. The new code 
has made it easier to add the cTLS functionality as well, which is what we are 
doing right now. Once we are done with the development, the rest of the Mbed 
TLS team will review the code.

In a nutshell, a bigger restructuring of the codebase and we do the cTLS 
alongside as well.

Ciao
Hannes

*: For the moment we put the code here: 
https://github.com/hannestschofenig/mbedtls/tree/tls13-prototype. The plan is 
to merge it into the mainstream Mbed TLS repo once it is ready.

**: The new messaging layer, called MPS for "Message Processing Stack", can be 
found here: https://github.com/hanno-arm/mbedtls/tree/mps_implementation. The 
plan is to incorporate it into 
https://github.com/hannestschofenig/mbedtls/tree/tls13-prototype.

From: TLS  On Behalf Of Eric Rescorla
Sent: Friday, May 22, 2020 3:27 PM
To: Salz, Rich 
Cc: TLS List 
Subject: Re: [TLS] consensus call: changing cTLS and ECH to standards track

We have already implemented ECH (old versions) for NSS and are eager to deploy 
it in Firefox.

We are likely to implement cTLS.

-Ekr


On Fri, May 22, 2020 at 6:20 AM Salz, Rich wrote:
I am reluctant to make CTLS standards-track without a statement from someone 
that they are likely to implement it.  We already have such a statement from 
Stephen about OpenSSL for ECH, and I'll add to that.
