Re: [TLS] A new consensus call on ALPN vs NPN (was ALPN concerns)
Brian Smith <brian@briansmith.org> Thu, 12 December 2013 00:58 UTC
Return-Path: <brian@briansmith.org>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6D3201AE0DE for <tls@ietfa.amsl.com>; Wed, 11 Dec 2013 16:58:24 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.979
X-Spam-Level:
X-Spam-Status: No, score=-1.979 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FM_FORGED_GMAIL=0.622, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 79Z37FN20rlR for <tls@ietfa.amsl.com>; Wed, 11 Dec 2013 16:58:22 -0800 (PST)
Received: from mail-qc0-f180.google.com (mail-qc0-f180.google.com [209.85.216.180]) by ietfa.amsl.com (Postfix) with ESMTP id 72ACE1AD791 for <tls@ietf.org>; Wed, 11 Dec 2013 16:58:22 -0800 (PST)
Received: by mail-qc0-f180.google.com with SMTP id w7so5792320qcr.11 for <tls@ietf.org>; Wed, 11 Dec 2013 16:58:16 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type; bh=eAUpEMXk2qVtyEHfe7fdAfJso2itdHyOXRdrsxdrhRI=; b=Q5LBYw3qLxNPKtlwAD3LHvYG9MTJJ7qjrNFYUpVetzLTmUPrGKrais+vRnwhlvnCXc CNWeZC4T8LR6FwLtv0hs32Q8fN5u/ojCo9iTTOD4wIVN5mSDA7iPAG3tFAK5BxJyrdTY wuHQOWNQuDnEAseGaqba25gWOUr8nCzoFLENmN0pP27yAINolGSo2cJJkLE2FumDWC4+ Ml8/NRPcD2oPjCZT2ju3A8QVDjGwwKXgy9P6pRO5oDuh85we3qBSm107mpqC+6mNrm7I SmBtCo2UwVU1eoKDT5QvYl3tbkvWJTGIVPyqVUlGsoQVdoA4auLH+xnlKqFHFl9hKGMN CHvQ==
X-Gm-Message-State: ALoCoQnuZ++U0KLhymmSYnfWEXwE/G4tQOytuXSrW48OlOwEzUXlmom5iiWBg/XLyYWmDiiBS/5h
MIME-Version: 1.0
X-Received: by 10.224.171.196 with SMTP id i4mr886329qaz.38.1386809896541; Wed, 11 Dec 2013 16:58:16 -0800 (PST)
Received: by 10.224.40.11 with HTTP; Wed, 11 Dec 2013 16:58:16 -0800 (PST)
X-Originating-IP: [63.245.219.54]
In-Reply-To: <CABcZeBM=gOZrm1EGDSer2RmGsbOoxPDSQK5t-+LZmWaB6a_swQ@mail.gmail.com>
References: <CAFewVt7SS9ud8J=6VtR-Zv-9bhaTHEnjT8XD+ULaRSVUkYftaQ@mail.gmail.com> <CABcZeBM=gOZrm1EGDSer2RmGsbOoxPDSQK5t-+LZmWaB6a_swQ@mail.gmail.com>
Date: Wed, 11 Dec 2013 16:58:16 -0800
Message-ID: <CAFewVt6ufrcteLfKA+r_7kby3fNRcwG410FJ1enu=pVO=xeBBQ@mail.gmail.com>
From: Brian Smith <brian@briansmith.org>
To: Eric Rescorla <ekr@rtfm.com>
Content-Type: text/plain; charset="UTF-8"
Cc: "<tls@ietf.org>" <tls@ietf.org>
Subject: Re: [TLS] A new consensus call on ALPN vs NPN (was ALPN concerns)
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 12 Dec 2013 00:58:24 -0000
On Tue, Dec 10, 2013 at 10:30 PM, Eric Rescorla <ekr@rtfm.com> wrote: > After reviewing your request, the chairs believe that it does not raise any > new substantive issues that were not known to the WG at the time of the > decision to adopt ALPN and the subsequent WGLC. Therefore, we do not > believe it is appropriate to re-open the issue at this time. > > Because the document has already passed WGLC, we will be asking the > AD for advancement. You should of course feel free to reraise your objections > during IETF LC. Thanks for the response Eric. I can understand that the chairs may not think it is appropriate to re-open the issue at this time. It isn't surprising, because you have lobbied for ALPN and against NPN, and you've also said that it is important for Cisco (the other chair's employer) to have its inspection appliances capable of learning which protocol is being used on TLS connections. But, don't you think it would be better for the whole working group to make that determination, instead of just the chairs? I think that if you simply asked the working group if we (still) have have a consensus, and the consensus is "go ahead with ALPN," then the whole issue would be resolved within a week or two, and there would be no trouble with IETF LC. But, if we don't verify that we actually have a consensus now, then during IETF LC there will be doubt about whether we still have a consensus. I remember somebody once saying that, when we have authority, it is important to avoid not just impropriety, but also the *appearance* of impropriety. We as a working group have the authority and responsibility to everybody that uses IETF protocols and products based on TLS to make sure we've made good decisions and achieved consensus. So, I still think it is important, before advancing the document to IETF LC, that we clarify and verify that we actually have a consensus. Thanks again, Brian
- [TLS] A new consensus call on ALPN vs NPN (was AL… Brian Smith
- Re: [TLS] A new consensus call on ALPN vs NPN (wa… Hannes Tschofenig
- Re: [TLS] A new consensus call on ALPN vs NPN (wa… Tom Ritter
- Re: [TLS] A new consensus call on ALPN vs NPN (wa… Stephen Farrell
- Re: [TLS] A new consensus call on ALPN vs NPN (wa… Eric Rescorla
- Re: [TLS] A new consensus call on ALPN vs NPN (wa… Daniel Kahn Gillmor
- Re: [TLS] A new consensus call on ALPN vs NPN (wa… Stephen Farrell
- Re: [TLS] A new consensus call on ALPN vs NPN (wa… Brian Smith
- Re: [TLS] A new consensus call on ALPN vs NPN (wa… Yoav Nir
- Re: [TLS] A new consensus call on ALPN vs NPN (wa… Bill Frantz
- Re: [TLS] A new consensus call on ALPN vs NPN (wa… Daniel Kahn Gillmor
- Re: [TLS] A new consensus call on ALPN vs NPN (wa… Yoav Nir
- Re: [TLS] A new consensus call on ALPN vs NPN (wa… Brian Smith
- Re: [TLS] A new consensus call on ALPN vs NPN (wa… Watson Ladd
- Re: [TLS] A new consensus call on ALPN vs NPN (wa… Brian Smith
- Re: [TLS] A new consensus call on ALPN vs NPN (wa… Brian Smith
- Re: [TLS] A new consensus call on ALPN vs NPN (wa… Wan-Teh Chang
- Re: [TLS] A new consensus call on ALPN vs NPN (wa… Paul Hoffman
- Re: [TLS] A new consensus call on ALPN vs NPN (wa… Watson Ladd
- Re: [TLS] A new consensus call on ALPN vs NPN (wa… Eric Rescorla
- Re: [TLS] A new consensus call on ALPN vs NPN (wa… Ralf Skyper Kaiser
- Re: [TLS] A new consensus call on ALPN vs NPN (wa… Yoav Nir
- Re: [TLS] A new consensus call on ALPN vs NPN (wa… Nikos Mavrogiannopoulos
- Re: [TLS] A new consensus call on ALPN vs NPN (wa… Alyssa Rowan
- Re: [TLS] A new consensus call on ALPN vs NPN (wa… Stephan Friedl (sfriedl)
- Re: [TLS] A new consensus call on ALPN vs NPN (wa… Bill Frantz