[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [TLS] New drafts: adding input to the TLS master secret

To: Paul Hoffman <paul.hoffman@xxxxxxxx>
Subject: Re: [TLS] New drafts: adding input to the TLS master secret
From: Dean Anderson <dean@xxxxxxx>
Date: Sat, 30 Jan 2010 17:13:41 -0500 (EST)
Cc: tls@xxxxxxxx
Delivered-to: tls@xxxxxxxxxxxxxx
In-reply-to: <>
List-archive: <http://www.ietf.org/mail-archive/web/tls>
List-help: <mailto:tls-request@ietf.org?subject=help>
List-id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-post: <mailto:tls@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
Sender: tls-bounces@xxxxxxxx

On Fri, 29 Jan 2010, Paul Hoffman wrote:

> The first document changes the TLS/DTLS master secret calculation when
> there are particular kinds of extensions present. Of course, it does
> not change the calculation when those extensions are not present, and
> there are no extensions yet that would kick in the change.

Unless I misunderstand what you plan to change, te master secret
calculation is a core subject of TLS and thus the TLS Working Group
activity.

I am concerned that this is an out-of-WG framework change that
effectively alters WG standards on the master secret calculation and
impacts subsequent extensions; and that as it is outside of the WG
standards process.  Independent submissions are not allowed on WG
subject matter. It would seem to me that the RFC editor ought to reject
this independent submission because it is related to WG activity, and
amounts to an end-run around WG decision-making on master secret
calculation and how TLS extensions affect core facilities. Merely
bringing such work to the attention of the WG before independent
submission seems to be insufficient to comply with the requirement that
Working Groups decide on standards in their chartered area.

Changing the master secret calculation in a nonstandard way is a
proprietary change.  The WG gives approval by accepting the document,
reviewing it, and deciding on it. Saying "Hey WG, look at this" isn't
sufficient.  Putting an "RFC"  imprimatur on your change via independent
submission doesn't alter the fact of WG non-standardization, but merely
confuses both implementers and the public, and constrains WG decisions
in the future. But of course, that's why the RFC editor is supposed to
reject independent submissions that overlap WG work.

		--Dean

-- 
Av8 Internet   Prepared to pay a premium for better service?
www.av8.net         faster, more reliable, better service
617 256 5494

_______________________________________________
TLS mailing list
TLS@xxxxxxxx
https://www.ietf.org/mailman/listinfo/tls

Follow-Ups:
- Re: [TLS] New drafts: adding input to the TLS master secret
  - From: Paul Hoffman

References:
- [TLS] New drafts: adding input to the TLS master secret
  - From: Paul Hoffman

Prev by Date: Re: [TLS] Metadiscussion on changes in draft-ietf-tls-renegotiation
Next by Date: Re: [TLS] New drafts: adding input to the TLS master secret
Previous by thread: Re: [TLS] New drafts: adding input to the TLS master secret
Next by thread: Re: [TLS] New drafts: adding input to the TLS master secret
Index(es):
- Date
- Thread