Noted in the Shepherd write-up. spt
> On Apr 2, 2024, at 20:30, Stephen Farrell <stephen.farr...@cs.tcd.ie> wrote: > > > Hiya, > > This is basically for the record and not an objection to proceeding. > > On 02/04/2024 17:34, Sean Turner wrote: >> This WGLC has concluded. There is consensus to move this document forward. >> The material change was to add a security consideration about forward >> secrecy guarantees being negated if the key material is leaked: >> https://github.com/tlswg/sslkeylogfile/pull/7/files >> We will not be asking the formal analysis folks to weigh in on this I-D; we >> all know the file’s content are the keys to the kingdom. >> Martin: If you can spin a new version, I can get the Shepherd write-up >> drafted. > > I like the addition in -01 but would still have preferred if we > weren't so awfully oblique about the consequences of running a > production system with this logging enabled. > > Were it up to me (and it's not) I'd suggest an additional addition > along the lines of: > > "Systems that enable logging as described here are (while logging > is enabled) unlikely to be consistent with requirements to make use > of state-of-the-art protections, as e.g. is called-for by GDPR > article 32 [1]" > > I suppose one could also re-do the above suggested text to refer > to RFC6919, section 3:-) [2] > > Again, I'm not objecting to proceeding, just bemoaning what I see > as us being so oddly timid in calling out real issues. > > Cheers, > S. > > [1] https://gdpr-info.eu/art-32-gdpr/ > [2] https://datatracker.ietf.org/doc/html/rfc6919#section-3 > >> spt >>> On Mar 28, 2024, at 09:24, Sean Turner <s...@sn3rd.com> wrote: >>> >>> Just a reminder that this WGLC ends soon! >>> >>> spt >>> >>>> On Mar 12, 2024, at 10:57, Sean Turner <s...@sn3rd.com> wrote: >>>> >>>> This is the working group last call for the SSLKEYLOGFILE Format for TLS >>>> Internet-Draft [1]. Please indicate if you think the I-D is ready to >>>> progress to the IESG and send any comments to the list by 31 March 2024. >>>> >>>> The GH repo for the I-D can be found at [2]. >>>> >>>> Thanks, >>>> >>>> Joe, Deirdre, and Sean >>>> >>>> [1] https://datatracker.ietf.org/doc/draft-ietf-tls-keylogfile/ >>>> [2] https://github.com/tlswg/sslkeylogfile >>> >> _______________________________________________ >> TLS mailing list >> TLS@ietf.org >> https://www.ietf.org/mailman/listinfo/tls > <OpenPGP_0xE4D8E9F997A833DD.asc> _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls