Re: [TLS] Working Group Last Call for SSLKEYLOG File

2024-03-13 Thread Yaakov Stein
This document does a good job of documenting current practice, and hence I support (and my thanks to Martin for addressing an issue I communicated to him off-list). I think that timestamping and/or autosegmenting entries in the file format would be a useful extension (current implementations, such

Re: [TLS] Adoption Call for draft-davidben-tls-key-share-prediction

2024-05-05 Thread Yaakov Stein
I support adoption of this document. Y(J)S

[TLS]Re: I-D Action: draft-ietf-tls-svcb-ech-04.txt

2024-08-21 Thread Yaakov Stein
Bootstrapping is REALLY not appropriate, since this is not TLS with ECH enabling itself, but rather a DNS mechanism enabling ECH. But the document is ready for LC. Y(J)S -Original Message- From: Salz, Rich Sent: Tuesday, August 20, 2024 8:00 PM To: tls@ietf.org Subject: [TLS]Re: I-D A

[TLS] Re: [EXTERNAL] Re: 2nd Working Group Last Call for The SSLKEYLOGFILE Format for TLS

2025-02-25 Thread Yaakov Stein
All, I fully support standardizing the SSLKEYLOGFILE Format. While it is a debugging tool, that doesn’t mean it doesn’t have to be standardized. Where I work we maintain a large set of protocol analysis tools used to verify correct operation of various programs, and document variant behaviors.

[TLS] Re: [EXTERNAL] Re: WG Adoption Call for ML-KEM Post-Quantum Key Agreement for TLS 1.3

2025-04-03 Thread Yaakov Stein
> Even with Recommended=N, I can imagine many managers reacting to a presentation on "YOU NEED TO USE PQC LIKE ML-KEM BECAUSE ELSE..." by googling "deploy ML-KEM now" and being recommended this rather than a safer hybrid[1]. I am not convinced that such a person, if given more knowledge, "

[TLS] Re: WG Adoption Call for ML-KEM Post-Quantum Key Agreement for TLS 1.3

2025-04-02 Thread Yaakov Stein
I support adoption of pure PQC KEMs drafts with Intended status: Informational (meaning that the IETF is not recommending using). Any IPR that can be asserted against Kyber can be asserted against already adopted hybrid methods incorporating Kyber. If anything, one may attempt to argue that hybri

[TLS] Re: FW: New Version Notification for draft-stein-tls-ech-considered-harmful-00.txt

2025-07-03 Thread Yaakov Stein
ecessarily negative) usages I don't see any explanation, let alone consensus. Y(J)S -Original Message- From: Stephen Farrell Sent: Thursday, July 3, 2025 4:57 PM To: Yaakov Stein ; Subject: Re: [TLS] FW: New Version Notification for draft-stein-tls-ech-considered-harmful-00.t

[TLS] Re: [EXTERNAL] Re: New Version Notification for draft-stein-tls-ech-considered-harmful-00.txt

2025-07-07 Thread Yaakov Stein
Watson, * Your document argues that ECH isn't good because it simultaneously can be defeated by flow behavior classification and that it defeats flow based allocation required for QoS. These can't both be right. Not what I said. I said that 90% of the flows (the common and in general benig

[TLS] Re: [EXTERNAL] Re: I-D Action: draft-ietf-tls-wkech-08.txt

2025-07-08 Thread Yaakov Stein
Stephen, Small nit regarding the definition : Zone factory (ZF): an entity that has write-access to the DNS and similar text in the intro. First, it leaves unclear what THE DNS means (although clear from later on that you are talking about the authoritative DNS server) and so you mean write

[TLS] Re: FW: New Version Notification for draft-stein-tls-ech-considered-harmful-00.txt

2025-07-10 Thread Yaakov Stein
all other traffic. Once again, if this level of control over client's traffic is not possible, one should rethink if the "admins" should be able to peek into the SNI at all. Regards, Raghu Saxena [0] https://www.saxrag.com/tech/reversing/2025/06/01/BAWiFi.html On 7/2/25 10:

[TLS] Re: [EXTERNAL] Re: Re: FW: New Version Notification for draft-stein-tls-ech-considered-harmful-00.txt

2025-07-13 Thread Yaakov Stein
/544717/security-awareness-studies-prove-once-again-that-users-are-the-weakest-link-in-the-security-chain.html Y(J)S From: Rob Sayre Sent: Saturday, July 12, 2025 4:24 AM To: TLS@ietf.org; Yaakov Stein Subject: [EXTERNAL] Re: [TLS] Re: FW: New Version Notification for draft-stein-tls-ech-considered

[TLS] Re: [EXTERNAL] Re: New Version Notification for draft-stein-tls-ech-considered-harmful-00.txt

2025-07-03 Thread Yaakov Stein
st, ECH is completely innocuous. ECH is merely a highly efficient method of hiding the actual attacks from network-based security mechanisms. Y(J)S From: Salz, Rich Sent: Thursday, July 3, 2025 6:39 PM To: Yaakov Stein ; Subject: Re: [EXTERNAL] Re: New Version Notification for draft-ste

[TLS] Re: FW: New Version Notification for draft-stein-tls-ech-considered-harmful-00.txt

2025-07-03 Thread Yaakov Stein
- From: Stephen Farrell Sent: Thursday, July 3, 2025 4:24 PM To: Yaakov Stein ; Subject: Re: [TLS] FW: New Version Notification for draft-stein-tls-ech-considered-harmful-00.txt Hiya, On 02/07/2025 15:43, Yaakov Stein wrote: > Just in case anyone missed this ... I see nothing new

[TLS] Re: [EXTERNAL] Re: New Version Notification for draft-stein-tls-ech-considered-harmful-00.txt

2025-07-03 Thread Yaakov Stein
g the more serious malware detection issue, I assume that you expect me to rely on the RFC 3514 marking in the IP header? Y(J)S From: Salz, Rich Sent: Wednesday, July 2, 2025 6:28 PM To: Yaakov Stein ; Subject: [EXTERNAL] Re: New Version Notification for draft-stein-tls-ech-considered-harm

[TLS] FW: New Version Notification for draft-stein-tls-ech-considered-harmful-00.txt

2025-07-02 Thread Yaakov Stein
Just in case anyone missed this ... Y(J)S -Original Message- From: internet-dra...@ietf.org Sent: Tuesday, July 1, 2025 4:52 PM To: Yaakov Stein ; Yaakov Stein Subject: New Version Notification for draft-stein-tls-ech-considered-harmful-00.txt A new version of Internet-Draft draft