Document: draft-usama-tls-fatt-extension-02.txt TBH, I don't find this draft that helpful. While there are some parts of it that seem like they might be unobjectionable, way too much of it seems to be concerned with litigating various disputes about specific past events. That's not a good starting point for reform.
More generally, this draft seems to envision some defined role in the WG process for "Verifiers" other than through the FATT. For example: The FATT process restricts the Verifier from contacting the FATT directly. We argue that the Verifier should be allowed to contact the FATT (at least the FATT person for a specific draft) because of the following reasons: I don't think this is advisable. In general, the IETF convention is that people participate as individuals and if they are to have specific roles (e.g., author), those roles are provided by the WG process, not by the nature of the person's work. I don't think we need the concept of a separate "Verifier" role any more than we have the concept of a separate "Implementor" role. We are all WG members. >From my perspective, the purpose of having a separate FATT is to ensure that in cases where the WG deems some formal analysis is needed, we have a structure for getting that. It does not, however, empower FATT members with extra authority, and that process takes place within the broad overall management of the chairs. -Ekr On Mon, Mar 2, 2026 at 4:52 PM Muhammad Usama Sardar < [email protected]> wrote: > Hi, > > I had previously requested a slot at meeting 125 for this. So I look > forward to discussion at the meeting. > > In the mean time, I would appreciate any thoughts or feedback. > > Changes compared to -01 are: > > - Protection of TLS proofs from outside adversaries 🙂 > - FATT process not being followed with examples of > - ML-KEM > - Key update > - Proposed document structure with example of > draft-wang-tls-service-affinity: this is WiP and needs more work. > > Chairs, please forward to the FATT who are not on list to get their > opinion, and when you have their opinion, please send it out on the list > for discussion. Don't wait until meeting for that! > > Aijun, I haven't seen any update on your draft until the cutoff. Do you > plan to pursue the draft? > > PAKE authors, could you please summarize the current state of your formal > analysis? Do you have any open questions that further formal analysis might > help? > Sincerely, > -Usama (on behalf of formal analysis team) > > > -------- Forwarded Message -------- > Subject: New Version Notification for > draft-usama-tls-fatt-extension-02.txt > Date: Mon, 2 Mar 2026 15:56:13 -0800 > From: [email protected] > To: Muhammad Sardar <[email protected]> > <[email protected]>, Muhammad Usama Sardar > <[email protected]> > <[email protected]> > > A new version of Internet-Draft draft-usama-tls-fatt-extension-02.txt has > been > successfully submitted by Muhammad Usama Sardar and posted to the > IETF repository. > > Name: draft-usama-tls-fatt-extension > Revision: 02 > Title: Extensions to TLS FATT Process > Date: 2026-03-02 > Group: Individual Submission > Pages: 14 > URL: https://www.ietf.org/archive/id/draft-usama-tls-fatt-extension-02.txt > Status: https://datatracker.ietf.org/doc/draft-usama-tls-fatt-extension/ > HTML: > https://www.ietf.org/archive/id/draft-usama-tls-fatt-extension-02.html > HTMLized: > https://datatracker.ietf.org/doc/html/draft-usama-tls-fatt-extension > Diff: > https://author-tools.ietf.org/iddiff?url2=draft-usama-tls-fatt-extension-02 > > Abstract: > > This document applies only to non-trivial extensions of TLS, which > require formal analysis. It proposes the authors provide a threat > model and informal security goals in the Security Considerations > section, as well as motivation and a protocol diagram in the draft. > We also briefly present a few pain points of the team doing the > formal analysis which -- we believe -- require refining the process: > > * Contacting FATT > > * Understanding the opposing goals > > * No response from some authors > > * Slots at meeting > > * Provide protection against FATT-bypass by other TLS-related WGs > > * Process not being followed > > > > The IETF Secretariat > > > _______________________________________________ > TLS mailing list -- [email protected] > To unsubscribe send an email to [email protected] >
_______________________________________________ TLS mailing list -- [email protected] To unsubscribe send an email to [email protected]
