Re: [TLS] Adoption call for 'TLS 1.2 Feature Freeze'

2023-12-11 Thread Bas Westerbaan
I support adoption, and am happy to review. Best, Bas On Wed, Dec 6, 2023 at 6:34 AM Deirdre Connolly wrote: > At the TLS meeting at IETF 118 there was significant support for the draft > 'TLS 1.2 is in Feature Freeze' ( > https://datatracker.ietf.org/doc/draft-rsalz-tls-tls12-frozen/) This

Re: [TLS] Adoption call for 'TLS 1.2 Feature Freeze'

2023-12-11 Thread Hannes Tschofenig
I consider Section 3 "Implications for post-quantum cryptography" misplaced. I suggest to delete the section. The motivation for the draft is unrelated to developments with PQC. Ciao Hannes Am 11.12.2023 um 11:59 schrieb Bas Westerbaan: I support adoption, and am happy to review. Best,

Re: [TLS] Adoption call for 'TLS 1.2 Feature Freeze'

2023-12-11 Thread Dennis Jackson
I support adoption, and am happy to review. Best, Dennis On 06/12/2023 12:50, Salz, Rich wrote: At the TLS meeting at IETF 118 there was significant support for the draft 'TLS 1.2 is in Feature Freeze' (https://datatracker.ietf.org/doc/draft-rsalz-tls-tls12-frozen/

Re: [TLS] Call to Move RFC 8773 from Experimental to Standards Track

2023-12-11 Thread Dennis Jackson
RFC 8773 S3: > In the near term, this document describes a TLS 1.3 extension to protect today's communications from the future invention of a large-scale quantum computer by providing a strong external PSK as an input to the TLS 1.3 key schedule while preserving the authentication provided by

Re: [TLS] Call to Move RFC 8773 from Experimental to Standards Track

2023-12-11 Thread John Mattsson
Hi Russ, Seems like good suggested updates. Russ Housley wrote: >Can you point me to the 3GPP document that makes use of RFC 8773? It should >probably be referenced in Section 3.1 >as another example along with >[I-D.ietf-emu-bootstrapped-tls]. Hi, Section 5.3 of TS 33.222 specifies "Shared ke

Re: [TLS] Privacy and PSK identifiers (was Re: Call to Move RFC 8773 from Experimental to Standards Track)

2023-12-11 Thread John Mattsson
Thanks Christian, I think all of the suggested solutions are viable with different tradeoffs. Actually, I think it is hard to find special cases where none of the solutions work. >One approach is to encrypt the PSK identifier using the public key of >the destination. That works nicely if we sup

Re: [TLS] Adoption call for 'TLS 1.2 Feature Freeze'

2023-12-11 Thread Salz, Rich
* I consider Section 3 "Implications for post-quantum cryptography" misplaced. I suggest to delete the section * The motivation for the draft is unrelated to developments with PQC. The point is to explain to people that we are going to need PQ crypto, and it *will not be a 1.2 enhancemen

Re: [TLS] Adoption call for 'TLS 1.2 Feature Freeze'

2023-12-11 Thread Hannes Tschofenig
Hi Rich, that is implied by a "feature freeze". No reason to highlight PQC (even though it is a hype topic right now). Ciao Hannes Am 11.12.2023 um 17:18 schrieb Salz, Rich: * I consider Section 3 "Implications for post-quantum cryptography" misplaced. I suggest to delete the sectio

Re: [TLS] Adoption call for 'TLS 1.2 Feature Freeze'

2023-12-11 Thread Watson Ladd
On Tue, Dec 5, 2023, 9:34 PM Deirdre Connolly wrote: > At the TLS meeting at IETF 118 there was significant support for the draft > 'TLS 1.2 is in Feature Freeze' ( > https://datatracker.ietf.org/doc/draft-rsalz-tls-tls12-frozen/) This > call is to confirm this on the list. Please indicate if y

Re: [TLS] Adoption call for 'TLS 1.2 Feature Freeze'

2023-12-11 Thread Salz, Rich
* that is implied by a "feature freeze". No reason to highlight PQC (even though it is a hype topic right now). Yes, to both of these. But I still think it should be explicitly called out. If the WG thinks otherwise, then fine, the document is that much shorter :)

Re: [TLS] Adoption call for 'TLS 1.2 Feature Freeze'

2023-12-11 Thread Bas Westerbaan
The draft itself is an exercise in clear communication, and mentioning PQC explicitly fits with that. Thus I agree with Rich to keep it. Best, Bas On Mon, Dec 11, 2023 at 6:18 PM Salz, Rich wrote: > >- that is implied by a "feature freeze". No reason to highlight PQC >(even though it

Re: [TLS] Adoption call for 'TLS 1.2 Feature Freeze'

2023-12-11 Thread Arnaud Taddei
Ditto +1 to Rich From: TLS on behalf of Bas Westerbaan Date: Monday, 11 December 2023 at 18:21 To: Salz, Rich Cc: Hannes Tschofenig , TLS@ietf.org Subject: Re: [TLS] Adoption call for 'TLS 1.2 Feature Freeze' The draft itself is an exercise in clear communication, and mentioning PQC explici

Re: [TLS] Call to Move RFC 8773 from Experimental to Standards Track

2023-12-11 Thread Russ Housley
John: > > But now when I look at TS 33.222 personally, I see that Section 5.3 actually > uses HTTP Digest for the Shared key-based client authentication, not TLS PSK > authentication. Thanks for getting back to me on this. Russ

Re: [TLS] Adoption call for 'TLS 1.2 Feature Freeze'

2023-12-11 Thread Viktor Dukhovni
On Wed, Dec 06, 2023 at 12:33:52AM -0500, Deirdre Connolly wrote: > At the TLS meeting at IETF 118 there was significant support for the draft > 'TLS 1.2 is in Feature Freeze' ( > https://datatracker.ietf.org/doc/draft-rsalz-tls-tls12-frozen/) This call > is to confirm this on the list. Please i

Re: [TLS] Adoption call for 'TLS 1.2 Feature Freeze'

2023-12-11 Thread Rob Sayre
Viktor Dukhovni wrote: > I do however wonder why this requires a draft formalising the stance? > [...] > Is the draft actually necessary? It is a good way to avoid continually discussing the matter. So, yes, it will save time: by documenting IETF consensus. thanks, Rob PS - I have to say, not i

Re: [TLS] Adoption call for 'TLS 1.2 Feature Freeze'

2023-12-11 Thread Viktor Dukhovni
On Mon, Dec 11, 2023 at 12:32:36PM -0800, Rob Sayre wrote: > PS - I have to say, not in this message, but sometimes it seems like the > goal of TLS 1.2 advocates is weaker encryption. So, for them, the flaws in > TLS 1.2 that the draft describes are desirable. If that's the case, > participants ar

Re: [TLS] Adoption call for 'TLS 1.2 Feature Freeze'

2023-12-11 Thread Rob Sayre
Viktor Dukhovni wrote: > For what it is worth, my agenda/perspective has never been to weaken encryption. Right, I wrote that your message was not something that advocated weakened encryption. > Given that TLS 1.2 will be around for quite some time Not clear. > Whatever else we do, we should n

Re: [TLS] Adoption call for 'TLS 1.2 Feature Freeze'

2023-12-11 Thread Viktor Dukhovni
On Mon, Dec 11, 2023 at 02:40:41PM -0800, Rob Sayre wrote: > > Given that TLS 1.2 will be around for quite some time > > Not clear. As a data point, I've had no luck so far with encouraging the email operators of domain-registry.bg to upgrade their primary MX from TLS 1.0 to at least TLS 1.2. :-

Re: [TLS] Adoption call for 'TLS 1.2 Feature Freeze'

2023-12-11 Thread David Benjamin
I don't think that quite captures the tradeoffs. Sure, TLS 1.2 will be around for quite some time, but that *does not mean it is worth adding new features to TLS 1.2*. Those two statements are not directly related. Protocol changes generally require both client and server changes to take effect. P

Re: [TLS] Adoption call for 'TLS 1.2 Feature Freeze'

2023-12-11 Thread Viktor Dukhovni
On Mon, Dec 11, 2023 at 06:38:05PM -0500, David Benjamin wrote: > Protocol changes generally require both client and server changes to take > effect. Pre-existing deployments, by simply pre-existing, will not have > those changes. If we add, say, post-quantum options for TLS 1.2, it will > benefit

Re: [TLS] Adoption call for 'TLS 1.2 Feature Freeze'

2023-12-11 Thread Peter Gutmann
In all the rush to jump on the bandwagon, no-one has yet answered the question I posed earlier: For anyone who's already moved to TLS 1.3 the draft is irrelevant, and for people who have to keep supporting TLS 1.2 gear more or less indefinitely it makes their job hard if not impossible. So what's

Re: [TLS] Adoption call for 'TLS 1.2 Feature Freeze'

2023-12-11 Thread Watson Ladd
On Mon, Dec 11, 2023 at 5:15 PM Peter Gutmann wrote: > > In all the rush to jump on the bandwagon, no-one has yet answered the question > I posed earlier: For anyone who's already moved to TLS 1.3 the draft is > irrelevant, and for people who have to keep supporting TLS 1.2 gear more or > less ind

Re: [TLS] Adoption call for 'TLS 1.2 Feature Freeze'

2023-12-11 Thread Peter Gutmann
Watson Ladd writes: >How does a feature freeze make it impossible to keep supporting TLS 1.2 as >is? Because if there's some tweak required for some reason (I don't know what that could be since I can't predict the future) the draft seems to prohibit it. Peter.

Re: [TLS] Adoption call for 'TLS 1.2 Feature Freeze'

2023-12-11 Thread Peter Gutmann
Rob Sayre writes: >>Given that TLS 1.2 will be around for quite some time >Not clear. Absolutely clear. I work with stuff with 20-30 year deployment and life cycles. I'm fairly certain TLS 1.2 will still be around when the WebTLS world is debating the merits of TLS 1.64 vs. TLS 1.65. (This is

Re: [TLS] ECH: Changes to IANA consideration section

2023-12-11 Thread Sean Turner
I am going to go ahead and forward this. Note that since the “Comments” column isn’t a thing until we get 8447bis through the door the note will follow. spt > On Dec 6, 2023, at 14:46, Sean Turner wrote: > > Okay a new proposal the ech_outer_extensions registration: > - Set "TLS 1.3" column to

Re: [TLS] Adoption call for 'TLS 1.2 Feature Freeze'

2023-12-11 Thread Viktor Dukhovni
On Mon, Dec 11, 2023 at 07:51:13PM -0800, Rob Sayre wrote: > > Absolutely clear. I work with stuff with 20-30 year deployment and > > life cycles. I'm fairly certain TLS 1.2 will still be around when > > the WebTLS world is debating the merits of TLS 1.64 vs. TLS 1.65. > > I have to say, I am s

Re: [TLS] Adoption call for 'TLS 1.2 Feature Freeze'

2023-12-11 Thread Loganaden Velvindron
Peter, I'm curious. Are those embedded devices or IoT type of appliances where the firmware has a TLS library that will never be updated ? On Tue, 12 Dec 2023 at 05:30, Peter Gutmann wrote: > > Rob Sayre writes: > > >>Given that TLS 1.2 will be around for quite some time > >Not clear. > > Abso