Re: [TLS] Next steps for draft-ietf-tls-renegotiation
Stefan Santesson <stefan@aaa-sec.com> Sat, 28 November 2009 00:06 UTC
Date: Sat, 28 Nov 2009 01:06:33 +0100
From: Stefan Santesson <stefan@aaa-sec.com>
To: Pasi.Eronen@nokia.com, tls@ietf.org

Pasi,

For the record I just need to say that I strongly disagree with this decision.

We have two solutions on the table and the essence of them has been concluded during the very last few days. I would say that the support for either of the two approaches has been quite even lately.

It surprises me that we don't even have time to seriously ask the WG members what approach they prefer.

I can just hope this in the end will turn out to be of service to the community and that all implementers get this right.

I would really hate for us to conclude that we patched one vulnerable security design with another due to implementer shortcomings, or that a large part of the community turned off a useful TLS feature.

It was interesting to have the discussion.

/Stefan

On 09-11-27 11:26 PM, "Pasi.Eronen@nokia.com" <Pasi.Eronen@nokia.com> wrote:

> <wearing Area Director hat>
>
> I have asked the secretariat to start IETF Last Call for
> draft-rescorla-tls-renegotiation-01.
>
> I've gone through the list archives for the past month, and it seems a
> large majority of the WG members support the overall approach in this
> draft (with a small, but very vocal, minority preferring a totally
> extension-less approach to signalling).
>
> I think the users of TLS at this point are served better by a timely
> solution that works and is "good enough", rather than continuing the
> tweaking. Especially since a large majority of the WG is OK with the
> signalling approach in the current draft, it looks like continuing to
> tweak the non-signalling parts is not going to provide any significant
> additional benefits to the users of TLS.
>
> The exact text in the -01 draft is still a bit rough (a number of
> places could probably benefit from clarifications, and perhaps some
> implementation advice, too), and I hope we can continue improving it
> during the last call (for example, Martin's draft has a lot of
> well-written text we should probably consider including here).
>
> Best regards,
> Pasi
> IETF Security Area Director
>
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls