Hiya, First, thanks all for all your ongoing work on TLS1.3. I'm sure we're all aware that this is important stuff that needs to be, and is being, done carefully with due attention to security analysis.
Early in the process we had some brief discussion of pausing towards the end of the work to give folks a chance to do analyses of the security and other properties of TLS1.3 just before publication of the RFC. Chatting with the chairs in Prague and with various others since, we think we've reached the point where we need to start executing that bit of the plan, since doing such analyses also takes time and we don't want to add a big delay if we can avoid it. So we're organising a workshop on just that topic to be co-located with NDSS in San Diego in late February 2016. The call for papers is at [1], please read that and circulate to folks who you think could produce useful analyses that can help the WG get an even higher quality TLS1.3 out the door. I'm sure some of you will be wondering about invites to this workshop etc. We'll have to see how many submissions we get and the level of interest and figure out logistics etc closer to time, but this clearly does need a bunch of folks in the room who are important contributors to the WG but who won't be submitting papers. I'll work with the workshop programme committee and the WG chairs to figure out how best to handle that, via invites, remote access if possible etc. More on that as we figure it out. (Feel free to send me and/or the WG chairs your thoughts and offers for help on that.) And just to clarify a possible process question - this workshop will provide input - we're hoping that'll be very high quality input but the normal WG consensus process will be used to process that input in all the usual ways. Think of TRON as being a mega-big design team on steroids if that helps. (Lousy imagery, I know:-) If the workshop indicates that TLS1.3 is fine then that's fairly obviously great, if there are significant new issues identified though, those will need to be brought to this list, and to meetings at IETF95, for resolution via our normal process. Cheers, S. [1] https://www.internetsociety.org/events/ndss-symposium-2016/tron-workshop-call-papers _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
