[TLS] Re: [EXTERNAL] Re: DTLS 1.3 bis

2024-11-17 Thread David Benjamin
On Sun, Nov 17, 2024 at 12:05 PM Ilari Liusvaara wrote: > On Sun, Nov 17, 2024 at 07:54:17AM -0500, David Benjamin wrote: > > On Sat, Nov 16, 2024 at 10:40 AM Ilari Liusvaara < > ilariliusva...@welho.com> > > wrote: > > > > > On Wed, Nov 13, 2024 at 01:39:43PM -0500, David Benjamin wrote: > > > >

[TLS] Re: [EXTERNAL] Re: DTLS 1.3 bis

2024-11-17 Thread Ilari Liusvaara
On Sun, Nov 17, 2024 at 07:54:17AM -0500, David Benjamin wrote: > On Sat, Nov 16, 2024 at 10:40 AM Ilari Liusvaara > wrote: > > > On Wed, Nov 13, 2024 at 01:39:43PM -0500, David Benjamin wrote: > > A thought: This is now a protocol change, but what if we defined a "oops" > extension that simply

[TLS] Re: [EXTERNAL] Re: DTLS 1.3 bis

2024-11-17 Thread Stephen Farrell
Hiya, Given David's presentation and subsequent list discussion, it seems extraordinarily clear that a bis document is needed here;-) On 17/11/2024 12:54, David Benjamin wrote: A thought: This is now a protocol change, but what if we defined a "oops" extension that simply adds a dummy post-Fin

[TLS] Re: [EXTERNAL] Re: DTLS 1.3 bis

2024-11-17 Thread David Benjamin
On Sat, Nov 16, 2024 at 10:40 AM Ilari Liusvaara wrote: > On Wed, Nov 13, 2024 at 01:39:43PM -0500, David Benjamin wrote: > > > > Not to say that every implementor would have noticed every issue (I'm > sure > > I overlooked some issues too), but I think DTLS's biggest challenge has > > always bee

[TLS] Re: [EXTERNAL] Re: DTLS 1.3 bis

2024-11-17 Thread Ilari Liusvaara
On Wed, Nov 13, 2024 at 01:39:43PM -0500, David Benjamin wrote: > > Not to say that every implementor would have noticed every issue (I'm sure > I overlooked some issues too), but I think DTLS's biggest challenge has > always been the relatively little attention it receives compared to TLS. - Whe

[TLS] Re: [EXTERNAL] Re: DTLS 1.3 bis

2024-11-14 Thread Joseph Salowey
Hi Folks, There are a few instances of messages that we are trying to avoid on this thread. We have contacted the posters, but we would like to remind folks to try to keep the discussion civil and not send messages that are trying to incite a combative response or messages that are singling out pa

[TLS] Re: [EXTERNAL] Re: DTLS 1.3 bis

2024-11-14 Thread David Adrian
> You mean "Google is putting massive amounts of pressure on people to try and make sure that DTLS loses to QUIC" Ah yes, that is why a Googler is actively implementing DTLS 1.3, spurring this entire thread. To meet the “DTLS loses to QUIC” OKR. On Wed, Nov 13, 2024 at 9:06 PM Peter Gutmann wrot

[TLS] Re: [EXTERNAL] Re: DTLS 1.3 bis

2024-11-13 Thread John Mattsson
, resea...@bensmyth.com Cc: Andrei Popov , Joseph Salowey , IETF TLS Subject: [TLS] Re: [EXTERNAL] Re: DTLS 1.3 bis Ben Smyth writes: >Datagram TLS over UDP (Userdata Datagram Protocol) is losing to Quic[k UDP >Internet Connections] You mean "Google is putting massive amounts of p

[TLS] Re: [EXTERNAL] Re: DTLS 1.3 bis

2024-11-13 Thread Achim Kraus
Hello Peter, > Just thinking out loud here but could the transport folks define some sort of > reliable-UDP transport mechanism that you could then run whatever you like > over? The benefit using DTLS/UDP instead of TLS/TCP is in my experience, that the application decides for each "application

[TLS] Re: [EXTERNAL] Re: DTLS 1.3 bis

2024-11-13 Thread Peter Gutmann
Christian Huitema writes: >That chimes with David Benjamin's analysis about the "whole mess of >transport-related concerns that just don't apply to TLS". The expertise for >that is in the transport area, not in the TLS WG. LDAP was once described as "a bunch of networking types trying to reinven

[TLS] Re: [EXTERNAL] Re: DTLS 1.3 bis

2024-11-13 Thread Christian Huitema
On 11/13/2024 6:06 PM, Peter Gutmann wrote: Ben Smyth writes: Datagram TLS over UDP (Userdata Datagram Protocol) is losing to Quic[k UDP Internet Connections] QUIC is not an acronym, see RFC 9000. You mean "Google is putting massive amounts of pressure on people to try and make sure that DT

[TLS] Re: [EXTERNAL] Re: DTLS 1.3 bis

2024-11-13 Thread Peter Gutmann
Ben Smyth writes: >Datagram TLS over UDP (Userdata Datagram Protocol) is losing to Quic[k UDP >Internet Connections] You mean "Google is putting massive amounts of pressure on people to try and make sure that DTLS loses to QUIC" (or as one dev put it, "QUIC doesn't deliver but no-one will say so

[TLS] Re: [EXTERNAL] Re: DTLS 1.3 bis

2024-11-13 Thread David Adrian
WebRTC uses DTLS and is the driver for DTLS in BoringSSL. Post-quantum DTLS necessitates DTLS1.3. On Wed, Nov 13, 2024 at 3:00 PM Ben Smyth wrote: > On Wed, 13 Nov 2024, 19:39 David Benjamin, wrote: > >> FWIW, I did not read Watson's comment in any negative way and agree with >> him. (And every

[TLS] Re: [EXTERNAL] Re: DTLS 1.3 bis

2024-11-13 Thread Ben Smyth
On Wed, 13 Nov 2024, 19:39 David Benjamin, wrote: > FWIW, I did not read Watson's comment in any negative way and agree with > him. (And everyone else. I think my feelings are "meh, let's just fix it" > and "sure, whatever we can get".) > > Not to say that every implementor would have noticed eve

[TLS] Re: [EXTERNAL] Re: DTLS 1.3 bis

2024-11-13 Thread David Benjamin
FWIW, I did not read Watson's comment in any negative way and agree with him. (And everyone else. I think my feelings are "meh, let's just fix it" and "sure, whatever we can get".) Not to say that every implementor would have noticed every issue (I'm sure I overlooked some issues too), but I think

[TLS] Re: [EXTERNAL] Re: DTLS 1.3 bis

2024-11-13 Thread Andrei Popov
David’s analysis is excellent; as a likely future implementor of DTLS 1.3 I’m glad these spec bugs have been discovered. To what extent formal analysis would be helpful here is not obvious. I don’t recall: did we have interoperable implementations prior to shipping the DTLS 1.3 spec? Cheers,