Transport Layer Security (TLS) False Start
draft-ietf-tls-falsestart-02
Document history
Date | Rev. | By | Action |
---|---|---|---|
2016-07-14 | 02 | Jean Mahoney | Closed request for Last Call review by GENART with state 'No Response' |
2016-07-05 | 02 | (System) | RFC Editor state changed to AUTH48-DONE from AUTH48 |
2016-06-29 | 02 | (System) | RFC Editor state changed to AUTH48 from RFC-EDITOR |
2016-06-20 | 02 | (System) | RFC Editor state changed to RFC-EDITOR from EDIT |
2016-05-23 | 02 | (System) | RFC Editor state changed to EDIT |
2016-05-23 | 02 | (System) | IESG state changed to RFC Ed Queue from Approved-announcement sent |
2016-05-23 | 02 | (System) | Announcement was received by RFC Editor |
2016-05-23 | 02 | (System) | IANA Action state changed to No IC |
2016-05-23 | 02 | Amy Vezza | IESG state changed to Approved-announcement sent from Approved-announcement to be sent |
2016-05-23 | 02 | Amy Vezza | IESG has approved the document |
2016-05-23 | 02 | Amy Vezza | Closed "Approve" ballot |
2016-05-23 | 02 | Amy Vezza | Ballot approval text was generated |
2016-05-23 | 02 | Amy Vezza | Ballot writeup was changed |
2016-05-19 | 02 | Amy Vezza | IESG state changed to Approved-announcement to be sent from IESG Evaluation |
2016-05-19 | 02 | Stephen Farrell | RFC Editor Note was changed |
2016-05-19 | 02 | Stephen Farrell | RFC Editor Note was changed |
2016-05-19 | 02 | Stephen Farrell | RFC Editor Note for ballot was generated |
2016-05-19 | 02 | Stephen Farrell | RFC Editor Note for ballot was generated |
2016-05-19 | 02 | Stephen Farrell | Ballot writeup was changed |
2016-05-19 | 02 | Alexey Melnikov | [Ballot comment] Informational sounds like a better fit, but I don't mind either way. |
2016-05-19 | 02 | Alexey Melnikov | Ballot comment text updated for Alexey Melnikov |
2016-05-19 | 02 | Stephen Farrell | Intended Status changed to Informational from Experimental |
2016-05-18 | 02 | Amanda Baber | IANA Review state changed to IANA OK - No Actions Needed from Version Changed - Review Needed |
2016-05-18 | 02 | Ben Campbell | [Ballot comment] I concur with the "what is the experiment?" comments. |
2016-05-18 | 02 | Ben Campbell | [Ballot Position Update] New position, No Objection, has been recorded for Ben Campbell |
2016-05-18 | 02 | Alia Atlas | [Ballot comment] For Stephen, yes, I noticed :-) In support of Kathleen's comment and based on the shepherd's write-up, why is this experimental and what is the experiment? |
2016-05-18 | 02 | Alia Atlas | [Ballot Position Update] New position, No Objection, has been recorded for Alia Atlas |
2016-05-18 | 02 | Suresh Krishnan | [Ballot Position Update] New position, No Objection, has been recorded for Suresh Krishnan |
2016-05-18 | 02 | Alvaro Retana | [Ballot Position Update] New position, No Objection, has been recorded for Alvaro Retana |
2016-05-18 | 02 | Deborah Brungard | [Ballot Position Update] New position, No Objection, has been recorded for Deborah Brungard |
2016-05-17 | 02 | Alissa Cooper | [Ballot Position Update] New position, No Objection, has been recorded for Alissa Cooper |
2016-05-17 | 02 | Terry Manderson | [Ballot Position Update] New position, No Objection, has been recorded for Terry Manderson |
2016-05-17 | 02 | Kathleen Moriarty | [Ballot comment] I'm a little confused by the experimental status given the shepherd write up. This is just a comment though... |
2016-05-17 | 02 | Kathleen Moriarty | [Ballot Position Update] New position, No Objection, has been recorded for Kathleen Moriarty |
2016-05-17 | 02 | Benoît Claise | [Ballot Position Update] New position, No Objection, has been recorded for Benoit Claise |
2016-05-17 | 02 | Mirja Kühlewind | [Ballot Position Update] New position, No Objection, has been recorded for Mirja Kühlewind |
2016-05-16 | 02 | Alexey Melnikov | [Ballot Position Update] New position, No Objection, has been recorded for Alexey Melnikov |
2016-05-11 | 02 | Bodo Moeller | IANA Review state changed to Version Changed - Review Needed from IANA OK - No Actions Needed |
2016-05-11 | 02 | Bodo Moeller | New version available: draft-ietf-tls-falsestart-02.txt |
2016-05-09 | 01 | Gunter Van de Velde | Request for Last Call review by OPSDIR Completed: Ready. Reviewer: Fred Baker. |
2016-04-28 | 01 | Stephen Farrell | Placed on agenda for telechat - 2016-05-19 |
2016-04-28 | 01 | Stephen Farrell | Ballot has been issued |
2016-04-28 | 01 | Stephen Farrell | [Ballot Position Update] New position, Yes, has been recorded for Stephen Farrell |
2016-04-28 | 01 | Stephen Farrell | Created "Approve" ballot |
2016-04-28 | 01 | Stephen Farrell | Changed consensus to Yes from Unknown |
2016-04-28 | 01 | Stephen Farrell | IESG state changed to IESG Evaluation from Waiting for Writeup |
2016-04-28 | 01 | Stephen Farrell | Ballot writeup was changed |
2016-04-20 | 01 | (System) | IESG state changed to Waiting for Writeup from In Last Call |
2016-04-18 | 01 | (System) | IANA Review state changed to IANA OK - No Actions Needed from IANA - Review Needed |
2016-04-18 | 01 | Sabrina Tanamal | (Via drafts-lastcall-comment@iana.org): IESG/Authors/WG Chairs: IANA has reviewed draft-ietf-tls-falsestart-01.txt, which is currently in Last Call, and has the following comments: We understand that this document doesn't require any IANA actions. While it's often helpful for a document's IANA Considerations section to remain in place upon publication even if there are no actions, if the authors strongly prefer to remove it, IANA does not object. If this assessment is not accurate, please respond as soon as possible. Thank you, Sabrina Tanamal IANA Specialist ICANN |
2016-04-14 | 01 | Tero Kivinen | Request for Last Call review by SECDIR Completed: Has Nits. Reviewer: Charlie Kaufman. |
2016-04-12 | 01 | Jean Mahoney | Request for Last Call review by GENART is assigned to Fernando Gont |
2016-04-12 | 01 | Jean Mahoney | Request for Last Call review by GENART is assigned to Fernando Gont |
2016-04-10 | 01 | Gunter Van de Velde | Request for Last Call review by OPSDIR is assigned to Fred Baker |
2016-04-10 | 01 | Gunter Van de Velde | Request for Last Call review by OPSDIR is assigned to Fred Baker |
2016-04-07 | 01 | Tero Kivinen | Request for Last Call review by SECDIR is assigned to Charlie Kaufman |
2016-04-07 | 01 | Tero Kivinen | Request for Last Call review by SECDIR is assigned to Charlie Kaufman |
2016-04-06 | 01 | Cindy Morgan | IANA Review state changed to IANA - Review Needed |
2016-04-06 | 01 | Cindy Morgan | The following Last Call announcement was sent out: From: The IESG To: "IETF-Announce" CC: "Sean Turner" , draft-ietf-tls-falsestart@ietf.org, tls@ietf.org, stephen.farrell@cs.tcd.ie, sean@sn3rd.com, tls-chairs@ietf.org Reply-To: ietf@ietf.org Sender: Subject: Last Call: (Transport Layer Security (TLS) False Start) to Experimental RFC The IESG has received a request from the Transport Layer Security WG (tls) to consider the following document: - 'Transport Layer Security (TLS) False Start' as Experimental RFC The IESG plans to make a decision in the next few weeks, and solicits final comments on this action. Please send substantive comments to the ietf@ietf.org mailing lists by 2016-04-20. Exceptionally, comments may be sent to iesg@ietf.org instead. In either case, please retain the beginning of the Subject line to allow automated sorting. Abstract This document specifies an optional behavior of TLS client implementations, dubbed False Start. It affects only protocol timing, not on-the-wire protocol data, and can be implemented unilaterally. A TLS False Start reduces handshake latency to one round trip. The file can be obtained via https://datatracker.ietf.org/doc/draft-ietf-tls-falsestart/ IESG discussion can be tracked via https://datatracker.ietf.org/doc/draft-ietf-tls-falsestart/ballot/ No IPR declarations have been submitted directly on this I-D. The reference to RFC2616 should probably be updated to 7230. |
2016-04-06 | 01 | Cindy Morgan | IESG state changed to In Last Call from Last Call Requested |
2016-04-06 | 01 | Stephen Farrell | Last call was requested |
2016-04-06 | 01 | Stephen Farrell | Ballot approval text was generated |
2016-04-06 | 01 | Stephen Farrell | Ballot writeup was generated |
2016-04-06 | 01 | Stephen Farrell | IESG state changed to Last Call Requested from AD Evaluation |
2016-04-06 | 01 | Stephen Farrell | Last call announcement was changed |
2016-04-06 | 01 | Stephen Farrell | Last call announcement was generated |
2016-03-22 | 01 | Stephen Farrell | IESG state changed to AD Evaluation from Publication Requested |
2016-03-21 | 01 | Sean Turner | 1. Summary "False Start" was an attempt to reduce the latency impact of HTTPS based on the simple premise that the client send application data earlier in the handshake; to be precise clients send application data before they have received and verified the server's "Finished" message. Initial measurements showed a 30% reduction in latency [0]. I could paraphrase more of s2, but the authors explained the timing and the implications at the end of s2. Note that this "experiment" was supported by Chrome, FF, IE, OpenSSL, NSS, and others. Some additional details: - Chrome 20 disabled it except for sites that enabled NPN. - Firefox has (or at some point had) an NPN requirement to enable False Start. - Safari as an additional example without the NPN requirement: http://opensource.apple.com/source/Security/Security-55471/libsecurity_ssl/lib/sslTransport.c - While there were patches to enable False Start with OpenSSL, it's not clear it was ever part of an official release. As far as where you should point your fingers: - Sean Turner is the document shepherd, and; - Stephen Farrell is the responsible Area Director. 2. Review and Consensus There wasn't a whole lot of discussion, primarily because the "False Start" implementation issues were worked out by the browsers and the WG didn't adopt this draft until long after (Nov-2014). The draft was adopted because it documents existing practices and provides security considerations [0]; the comments in the WG adoption thread were incorporated in the -01 WG version. The WG's deliberations resulted in a number of changes that more accurately reflect deployments (i.e., dropping server-side False Start) as well as restricting its use to pre-TLS1.3 (see s5.2) and cipher suites (see s5.3). One reviewer wanted all (FF-)DHE cipher suites removed because they believe that the downgrade protections defined in [1] are inadequate. To address this issue, the "False Start" draft requires whitelists as well as large groups/curves. [0] https://mailarchive.ietf.org/arch/msg/tls/RLklpxmZ3BQRBIqWgfeUcCLhgx0 [1] https://datatracker.ietf.org/doc/draft-ietf-tls-negotiated-ff-dhe/ 3. Intellectual Property All disclosed as confirmed by the authors on 20160302. 4. Other Points: There are no IANA considerations for this draft. |
2016-03-21 | 01 | Sean Turner | Responsible AD changed to Stephen Farrell |
2016-03-21 | 01 | Sean Turner | IETF WG state changed to Submitted to IESG for Publication from WG Consensus: Waiting for Write-Up |
2016-03-21 | 01 | Sean Turner | IESG state changed to Publication Requested |
2016-03-21 | 01 | Sean Turner | IESG process started in state Publication Requested |
2016-03-21 | 01 | Sean Turner | Changed document writeup |
2016-02-21 | 01 | Sean Turner | IETF WG state changed to WG Consensus: Waiting for Write-Up from In WG Last Call |
2016-01-21 | 01 | Sean Turner | IETF WG state changed to In WG Last Call from WG Document |
2016-01-12 | 01 | Sean Turner | Notification list changed to "Sean Turner" <sean@sn3rd.com> |
2016-01-12 | 01 | Sean Turner | Document shepherd changed to Sean Turner |
2015-11-02 | 01 | Bodo Moeller | New version available: draft-ietf-tls-falsestart-01.txt |
2015-10-14 | 00 | (System) | Notify list changed from "Sean Turner" to (None) |
2015-10-05 | 00 | Sean Turner | Intended Status changed to Experimental from None |
2015-07-31 | 00 | Sean Turner | Notification list changed to "Sean Turner" <turners@ieca.com> |
2015-07-31 | 00 | Sean Turner | Document shepherd changed to Sean Turner |
2015-05-10 | 00 | Sean Turner | This document now replaces draft-bmoeller-tls-falsestart instead of None |
2015-05-07 | 00 | Bodo Moeller | New version available: draft-ietf-tls-falsestart-00.txt |