Being new to this community, can I actually ask for the analysis of the 
‘hundreds of applications’ which led to the evolution of TLS 1.3 the way it 
is today? Was it captured somewhere or shall I reconstruct this history from 
all the discussions in the mailing lists?

Thank you in advance

> On 3 Oct 2017, at 00:48, Stephen Farrell <stephen.farr...@cs.tcd.ie> wrote:
> 
> 
> Russ,
> 
> On 02/10/17 22:43, Russ Housley wrote:
>>> For starters, though, I'd be interested in answers from the authors to
>>> two quick questions, though I suspect I can guess 'em:
>>> 
>>> 1. TLS1.3 has had significant formal analysis. Did the authors or
>>> other proponents here do any such work and if so can you send a
>>> pointer to your results? If not, then I believe the onus is on the
>>> folks who want to break TLS to do that work themselves if they want
>>> to make a serious proposal and it is not ok IMO to try to put that
>>> work onto the community who have been working hard for years to
>>> make TLS stronger.
>> 
>> I would be willing to work with the people that did the formal
>> analysis to show the impact of including the extension, and making
>> changes to the extension that are indicated by that analysis.
>> 
> 
> IMO, that's not a good answer. When improving the security
> properties of the protocol it may suffice. When weakening
> the protocol, I strongly believe the onus is on you to have
> done that work ahead of time, so that the damage you are
> proposing the Internet suffers is clear and known and not
> discovered years later.
> 
>>> 2. Which of the hundreds of applications making use of TLS did you
>>> analyse before proposing this? If only a handful, then same comment
>>> wrt where the onus ought lie.
>> 
>> Just like TLS 1.3 has been implemented and tested with many
>> applications during its development, I would expect the same to
>> happen in those environments where there is interest in making use of
>> this extension.
> 
> The TLS WG has spent an awful lot of effort on (I think)
> every single semantic difference between TLS1.2 and TLS1.3.
> (0-RTT for example.) You are now asking that everyone else
> do work to figure out how your proposal damages their uses
> of TLS so that this supposed use case is dealt with. I think
> you and other proponents of breaking TLS need to spend that
> effort yourselves. (This is because as you know there is no
> way to limit the damage of your proposal to only the use-cases
> that are the claimed targets for this bad idea.)
> 
> So yes, those answers are as I expected and are just as
> unsurprisingly, utterly unsatisfactory.
> 
> S.
> 
>> 
>> Russ
>> 
>> 
> 
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls
