Applying Generate Random Extensions And Sustain Extensibility (GREASE) to TLS Extensibility
draft-ietf-tls-grease-04
Revision differences
Document history
Date | Rev. | By | Action |
---|---|---|---|
2020-01-28
|
04 | (System) | RFC Editor state changed to AUTH48-DONE from TI |
2020-01-21
|
04 | (System) | RFC Editor state changed to TI from AUTH48-DONE |
2020-01-13
|
04 | (System) | RFC Editor state changed to AUTH48-DONE from AUTH48 |
2019-12-23
|
04 | (System) | RFC Editor state changed to AUTH48 from RFC-EDITOR |
2019-12-10
|
04 | (System) | RFC Editor state changed to RFC-EDITOR from EDIT |
2019-09-11
|
04 | (System) | IANA Action state changed to RFC-Ed-Ack from Waiting on RFC Editor |
2019-09-11
|
04 | (System) | IANA Action state changed to Waiting on RFC Editor from In Progress |
2019-09-11
|
04 | (System) | IANA Action state changed to In Progress from Waiting on Authors |
2019-09-06
|
04 | (System) | IANA Action state changed to Waiting on Authors |
2019-08-29
|
04 | Francis Dupont | Request for Last Call review by GENART Completed: Ready. Reviewer: Francis Dupont. |
2019-08-27
|
04 | (System) | RFC Editor state changed to EDIT |
2019-08-27
|
04 | (System) | IESG state changed to RFC Ed Queue from Approved-announcement sent |
2019-08-27
|
04 | (System) | Announcement was received by RFC Editor |
2019-08-26
|
04 | Amy Vezza | IESG state changed to Approved-announcement sent from Approved-announcement to be sent |
2019-08-26
|
04 | Amy Vezza | IESG has approved the document |
2019-08-26
|
04 | Amy Vezza | Closed "Approve" ballot |
2019-08-26
|
04 | Amy Vezza | Ballot approval text was generated |
2019-08-26
|
04 | Benjamin Kaduk | IESG state changed to Approved-announcement to be sent from IESG Evaluation::AD Followup |
2019-08-25
|
04 | Amanda Baber | IANA Review state changed to IANA OK - Actions Needed from Version Changed - Review Needed |
2019-08-25
|
04 | Benjamin Kaduk | [Ballot comment] A second TLS DE approved the registrations over the weekend, so there shouldn't be a need to hold this up anymore (though presumably … [Ballot comment] A second TLS DE approved the registrations over the weekend, so there shouldn't be a need to hold this up anymore (though presumably IANA will not notice until they come back to the office on Monday). |
2019-08-25
|
04 | Benjamin Kaduk | [Ballot Position Update] Position for Benjamin Kaduk has been changed to No Objection from Discuss |
2019-08-22
|
04 | (System) | Sub state has been changed to AD Followup from Revised ID Needed |
2019-08-22
|
04 | (System) | IANA Review state changed to Version Changed - Review Needed from IANA - Not OK |
2019-08-22
|
04 | David Benjamin | New version available: draft-ietf-tls-grease-04.txt |
2019-08-22
|
04 | (System) | New version approved |
2019-08-22
|
04 | (System) | Request for posting confirmation emailed to previous authors: David Benjamin |
2019-08-22
|
04 | David Benjamin | Uploaded new revision |
2019-08-22
|
03 | Cindy Morgan | IESG state changed to IESG Evaluation::Revised I-D Needed from IESG Evaluation |
2019-08-22
|
03 | Benjamin Kaduk | [Ballot discuss] Holding off on approval until a second IANA expert chimes in. |
2019-08-22
|
03 | Benjamin Kaduk | [Ballot Position Update] Position for Benjamin Kaduk has been changed to Discuss from Yes |
2019-08-22
|
03 | Ignas Bagdonas | [Ballot Position Update] New position, No Objection, has been recorded for Ignas Bagdonas |
2019-08-22
|
03 | Éric Vyncke | [Ballot Position Update] New position, Yes, has been recorded for Éric Vyncke |
2019-08-21
|
03 | Suresh Krishnan | [Ballot Position Update] New position, No Objection, has been recorded for Suresh Krishnan |
2019-08-21
|
03 | Alissa Cooper | [Ballot Position Update] New position, Yes, has been recorded for Alissa Cooper |
2019-08-21
|
03 | Warren Kumari | [Ballot comment] Thank you for a nicely written, and easy to understand document. |
2019-08-21
|
03 | Warren Kumari | [Ballot Position Update] New position, No Objection, has been recorded for Warren Kumari |
2019-08-21
|
03 | Barry Leiba | [Ballot Position Update] New position, No Objection, has been recorded for Barry Leiba |
2019-08-21
|
04 | (System) | IANA Review state changed to IANA - Not OK from Version Changed - Review Needed |
2019-08-21
|
03 | Nagendra Nainar | Assignment of request for Telechat review by OPSDIR to Nagendra Kumar was rejected |
2019-08-21
|
03 | Martin Vigoureux | [Ballot Position Update] New position, No Objection, has been recorded for Martin Vigoureux |
2019-08-20
|
03 | Deborah Brungard | [Ballot Position Update] New position, No Objection, has been recorded for Deborah Brungard |
2019-08-20
|
03 | Roman Danyliw | [Ballot comment] (1) Per the following: Section 3.1 says “Note that this requires no special processing on the client. Clients are already required to reject … [Ballot comment] (1) Per the following: Section 3.1 says “Note that this requires no special processing on the client. Clients are already required to reject unknown values selected by the server.” Section 4.1 says “Note that this requires no special processing on the server. Server are already required to reject unknown values selected by the client.” These statement don’t seem precisely right. Per Section 3.1, if a client understands GREASE enough to put it into a message to the server, and the server for some reason tries to negotiate this value, isn’t there ‘special processing' required in the client to the degree that it knows it shouldn’t accept the value it requested in the negotiation? (2) Section 7. Per “GREASE values may not be negotiated …”, is there a reason this isn’t “must not be negotiated”? |
2019-08-20
|
03 | Roman Danyliw | [Ballot Position Update] New position, No Objection, has been recorded for Roman Danyliw |
2019-08-20
|
03 | Alvaro Retana | [Ballot Position Update] New position, No Objection, has been recorded for Alvaro Retana |
2019-08-19
|
03 | Adam Roach | [Ballot comment] Thanks for the work done on this -- it seems like it should be quite useful. I have one comment that applies across … [Ballot comment] Thanks for the work done on this -- it seems like it should be quite useful. I have one comment that applies across four sections of the document. --------------------------------------------------------------------------- §3.1: > Clients MUST reject GREASE values when negotiated by the server. In > particular, the client MUST fail the connection if a GREASE value > appears any in the following: ... > Note that this requires no special processing on the client. Clients > are already required to reject unknown values selected by the server. If the behavior is already defined in other documents, please don't reiterate it normatively here ("Clients MUST..."). I suggest rephrasing as "As required by Section x.y of [RFCxxxx], clients will reject GREASE values when..." --------------------------------------------------------------------------- §3.2: > Note that these requirements are restatements or corollaries of > existing server requirements in TLS. Same comment as above. --------------------------------------------------------------------------- §4.1: > Note that this requires no special processing on the server. Servers > are already required to reject unknown values selected by the client. Same comment as above. --------------------------------------------------------------------------- §4.2: > Note that these requirements are restatements or corollaries of > existing client requirements in TLS. Same comment as above. |
2019-08-19
|
03 | Adam Roach | [Ballot Position Update] New position, No Objection, has been recorded for Adam Roach |
2019-08-17
|
03 | Alexey Melnikov | [Ballot comment] I am looking forward to this being deployed. TLS 1.2 should be a Normative reference, despite being obsolete, as some of the requirements … [Ballot comment] I am looking forward to this being deployed. TLS 1.2 should be a Normative reference, despite being obsolete, as some of the requirements only apply to TLS 1.2. |
2019-08-17
|
03 | Alexey Melnikov | [Ballot Position Update] New position, Yes, has been recorded for Alexey Melnikov |
2019-08-15
|
03 | Benjamin Kaduk | Summary Sean Turner is the DS. Ben Kaduk is the responsible AD. The GREASE (Generate Random Extensions And Sustain Extensibility) mechanism is intended to prevent … Summary Sean Turner is the DS. Ben Kaduk is the responsible AD. The GREASE (Generate Random Extensions And Sustain Extensibility) mechanism is intended to prevent extensibility failures in the TLS ecosystem. This document reserves some currently unused values for TLS implementations to advertise at random. Correctly implemented peers will ignore these values and interoperate. Peers that do not tolerate unknown values will fail to interoperate, revealing the mistake before it is widespread. The intended status is Informational, which is sufficient to assign the code points in the TLS registries. Technically, after the publication of RFC 8447 this draft does not need to be published as an RFC to perform these code point assignments but because GREASE was successfully used to uncover extensibility failures in the TLS ecosystems, other protocols could benefit from the same mechanism, and we hear it is easy to publish RFCs we figured we exercise the process to get this draft published. AD NOTE: Note that this has been successfully deployed for over a year; it's not really an "experiment" anymore but rather a useful thing that people do, both in TLS and elsewhere. This is informational in the sense that "here is a thing you can do, and some information about why you might want to do it". There's no real protocol -- you send some codepoints and expect the other endpoint to not change behavior as a result -- so it doesn't make sense as a proposed standard. I suppose one could argue that it is a BCP since it is for the health of the ecosystem, but that does not really feel like a good match. So to me, Informational is the right status. Review and Consensus David presented the draft multiple times to the WG. He has also presented the concept elsewhere; this happen to be my favorite: https://www.youtube.com/watch?v=_mE_JmwFi1Y The concept is well understood and was reviewed and adopted by the WG. But, there's not much to the draft so there was no controversy (thankfully). The draft's timeline is quite long but that is primarily because of the WG chairs as well as the slow progress of RFC 8447, which allowed an informational draft to do the assigments. Intellectual Property The DS confirmed with the author that any IPR related to this document has already been disclosed, in conformance with BCPs 78 and 79. Other Considerations There are DOWNREFS in this draft. This entire document is one beig IANA consideration. The DS did consult IANA about GREASE and their suggestion was to check with the Registry DEs. The DS consulted with the DEs and they gave the thumbs up! GREASE is implemented by Chrome. |
2019-08-15
|
03 | Mirja Kühlewind | [Ballot comment] Sorry one more comment/question I forgot earlier: Why is this document informational? Shouldn't it be at least experimental? ------ previous comment ------ One … [Ballot comment] Sorry one more comment/question I forgot earlier: Why is this document informational? Shouldn't it be at least experimental? ------ previous comment ------ One comment/question: I think I didn't quite understand what a client is supposed to do if the connection fails with use of greasing values...? The security considerations seems to indicate that you should not try to re-connect without use of grease but rather just fail completely...? Also should you cache the information that greasing failed maybe? And a note on normative language: "Implementations sending multiple GREASE extensions in a single block thus must ensure the same value is not selected twice." Should this be a "MUST"? Also this is an interesting MUST: "... MUST correctly ignore unknown values..." While this is the whole point of the document, I assume this is already normatively specified in RFC8446 and therefore it could make sense to use non-formative language here... |
2019-08-15
|
03 | Mirja Kühlewind | Ballot comment text updated for Mirja Kühlewind |
2019-08-15
|
03 | Mirja Kühlewind | [Ballot comment] Sorry one more comment/question I forgot earlier: Why is this document informational? Should it be at least experimental? ------ previous comment ------ One … [Ballot comment] Sorry one more comment/question I forgot earlier: Why is this document informational? Should it be at least experimental? ------ previous comment ------ One comment/question: I think I didn't quite understand what a client is supposed to do if the connection fails with use of greasing values...? The security considerations seems to indicate that you should not try to re-connect without use of grease but rather just fail completely...? Also should you cache the information that greasing failed maybe? And a note on normative language: "Implementations sending multiple GREASE extensions in a single block thus must ensure the same value is not selected twice." Should this be a "MUST"? Also this is an interesting MUST: "... MUST correctly ignore unknown values..." While this is the whole point of the document, I assume this is already normatively specified in RFC8446 and therefore it could make sense to use non-formative language here... |
2019-08-15
|
03 | Mirja Kühlewind | Ballot comment text updated for Mirja Kühlewind |
2019-08-15
|
03 | Mirja Kühlewind | [Ballot comment] One comment/question: I think I didn't quite understand what a client is supposed to do if the connection fails with use of greasing … [Ballot comment] One comment/question: I think I didn't quite understand what a client is supposed to do if the connection fails with use of greasing values...? The security considerations seems to indicate that you should not try to re-connect without use of grease but rather just fail completely...? Also should you cache the information that greasing failed maybe? And a note on normative language: "Implementations sending multiple GREASE extensions in a single block thus must ensure the same value is not selected twice." Should this be a "MUST"? Also this is an interesting MUST: "... MUST correctly ignore unknown values..." While this is the whole point of the document, I assume this is already normatively specified in RFC8446 and therefore it could make sense to use non-formative language here... |
2019-08-15
|
03 | Mirja Kühlewind | [Ballot Position Update] New position, No Objection, has been recorded for Mirja Kühlewind |
2019-08-15
|
03 | Tero Kivinen | Request for Last Call review by SECDIR Completed: Ready. Reviewer: Carl Wallace. |
2019-08-13
|
03 | Gunter Van de Velde | Request for Telechat review by OPSDIR is assigned to Nagendra Kumar |
2019-08-13
|
03 | Gunter Van de Velde | Request for Telechat review by OPSDIR is assigned to Nagendra Kumar |
2019-08-12
|
03 | Cindy Morgan | Placed on agenda for telechat - 2019-08-22 |
2019-08-12
|
03 | Benjamin Kaduk | IESG state changed to IESG Evaluation from Waiting for Writeup |
2019-08-12
|
03 | Benjamin Kaduk | Ballot has been issued |
2019-08-12
|
03 | Benjamin Kaduk | [Ballot Position Update] New position, Yes, has been recorded for Benjamin Kaduk |
2019-08-12
|
03 | Benjamin Kaduk | Created "Approve" ballot |
2019-08-12
|
03 | Benjamin Kaduk | Ballot writeup was changed |
2019-08-12
|
03 | Sabrina Tanamal | (Via drafts-lastcall@iana.org): IESG/Authors/WG Chairs: The IANA Functions Operator has completed its review of draft-ietf-tls-grease-03. If any part of this review is inaccurate, please let … (Via drafts-lastcall@iana.org): IESG/Authors/WG Chairs: The IANA Functions Operator has completed its review of draft-ietf-tls-grease-03. If any part of this review is inaccurate, please let us know. The IANA Functions Operator understands that, upon approval of this document, there are four actions which we must complete. First, in the TLS Cipher Suites registry on the Transport Layer Security (TLS) Parameters registry page located at: https://www.iana.org/assignments/tls-parameters/ sixteen new registrations are to be made as follows: +---------------+-------------+---------+-------------+-------------+ | Value | Description | DTLS-OK | Recommended | Reference | +---------------+-------------+---------+-------------+-------------+ | {TBD} | Reserved | Y | N |[ RFC-to-be ]| | {0x0A,0x0A} | | | | | | {TBD} | Reserved | Y | N |[ RFC-to-be ]| | {0x1A,0x1A} | | | | | | {TBD} | Reserved | Y | N |[ RFC-to-be ]| | {0x2A,0x2A} | | | | | | {TBD} | Reserved | Y | N |[ RFC-to-be ]| | {0x3A,0x3A} | | | | | | {TBD} | Reserved | Y | N |[ RFC-to-be ]| | {0x4A,0x4A} | | | | | | {TBD} | Reserved | Y | N |[ RFC-to-be ]| | {0x5A,0x5A} | | | | | | {TBD} | Reserved | Y | N |[ RFC-to-be ]| | {0x6A,0x6A} | | | | | | {TBD} | Reserved | Y | N |[ RFC-to-be ]| | {0x7A,0x7A} | | | | | | {TBD} | Reserved | Y | N |[ RFC-to-be ]| | {0x8A,0x8A} | | | | | | {TBD} | Reserved | Y | N |[ RFC-to-be ]| | {0x9A,0x9A} | | | | | | {TBD} | Reserved | Y | N |[ RFC-to-be ]| | {0xAA,0xAA} | | | | | | {TBD} | Reserved | Y | N |[ RFC-to-be ]| | {0xBA,0xBA} | | | | | | {TBD} | Reserved | Y | N |[ RFC-to-be ]| | {0xCA,0xCA} | | | | | | {TBD} | Reserved | Y | N |[ RFC-to-be ]| | {0xDA,0xDA} | | | | | | {TBD} | Reserved | Y | N |[ RFC-to-be ]| | {0xEA,0xEA} | | | | | | {TBD} | Reserved | Y | N |[ RFC-to-be ]| | {0xFA,0xFA} | | | | | +---------------+-------------+---------+-------------+-------------+ IANA understands that the TLS Cipher Suite numbers, below the { TBD } are suggested values based on earlier interoperability testing. IANA will attempt to use these values. As this requests registrations in a Specification Required (see RFC 8126) registry, the IESG-designated experts for the TLS Cipher Suite have asked that you send a review request to the mailing list tls-reg-review@ietf.org. Expert review will need to be completed before your document can be approved for publication as an RFC. Second, in the TLS Supported Groups registry also on the Transport Layer Security (TLS) Parameters registry page located at: https://www.iana.org/assignments/tls-parameters/ sixteen new registrations are to be made as follows: +------------+-------------+---------+-------------+----------------+ | Value | Description | DTLS-OK | Recommended | Reference | +------------+-------------+---------+-------------+----------------+ | {TBD} 2570 | Reserved | Y | N | [RFC-to-be] | | | | | | | | {TBD} 6682 | Reserved | Y | N | [RFC-to-be] | | | | | | | | {TBD} | Reserved | Y | N | [RFC-to-be] | | 10794 | | | | | | {TBD} | Reserved | Y | N | [RFC-to-be] | | 14906 | | | | | | {TBD} | Reserved | Y | N | [RFC-to-be] | | 19018 | | | | | | {TBD} | Reserved | Y | N | [RFC-to-be] | | 23130 | | | | | | {TBD} | Reserved | Y | N | [RFC-to-be] | | 27242 | | | | | | {TBD} | Reserved | Y | N | [RFC-to-be] | | 31354 | | | | | | {TBD} | Reserved | Y | N | [RFC-to-be] | | 35466 | | | | | | {TBD} | Reserved | Y | N | [RFC-to-be] | | 39578 | | | | | | {TBD} | Reserved | Y | N | [RFC-to-be] | | 43690 | | | | | | {TBD} | Reserved | Y | N | [RFC-to-be] | | 47802 | | | | | | {TBD} | Reserved | Y | N | [RFC-to-be] | | 51914 | | | | | | {TBD} | Reserved | Y | N | [RFC-to-be] | | 56026 | | | | | | {TBD} | Reserved | Y | N | [RFC-to-be] | | 60138 | | | | | | {TBD} | Reserved | Y | N | [RFC-to-be] | | 64250 | | | | | +------------+-------------+---------+-------------+----------------+ IANA understands that the TLS Supported Group numbers, below the { TBD } are suggested values based on earlier interoperability testing. IANA will attempt to use these values. As this also requests registrations in a Specification Required (see RFC 8126) registry, the IESG-designated experts for the TLS Supported Group registry have asked that you send a review request to the mailing list tls-reg-review@ietf.org. Expert review will need to be completed before your document can be approved for publication as an RFC. Third, in the TLS ExtensionType Values registry on the Transport Layer Security (TLS) Extensions registry page located at: https://www.iana.org/assignments/tls-extensiontype-values/ sixteen, new ExtensionType values will be registered as follows: +----------+--------------+-----------+-------------+---------------+ | Value | Extension | TLS 1.3 | Recommended | Reference | | | name | | | | +----------+--------------+-----------+-------------+---------------+ | {TBD} | Reserved | CH, CR, | N | [RFC-to-be] | | 2570 | | NST | | | | {TBD} | Reserved | CH, CR, | N | [RFC-to-be] | | 6682 | | NST | | | | {TBD} | Reserved | CH, CR, | N | [RFC-to-be] | | 10794 | | NST | | | | {TBD} | Reserved | CH, CR, | N | [RFC-to-be] | | 14906 | | NST | | | | {TBD} | Reserved | CH, CR, | N | [RFC-to-be] | | 19018 | | NST | | | | {TBD} | Reserved | CH, CR, | N | [RFC-to-be] | | 23130 | | NST | | | | {TBD} | Reserved | CH, CR, | N | [RFC-to-be] | | 27242 | | NST | | | | {TBD} | Reserved | CH, CR, | N | [RFC-to-be] | | 31354 | | NST | | | | {TBD} | Reserved | CH, CR, | N | [RFC-to-be] | | 35466 | | NST | | | | {TBD} | Reserved | CH, CR, | N | [RFC-to-be] | | 39578 | | NST | | | | {TBD} | Reserved | CH, CR, | N | [RFC-to-be] | | 43690 | | NST | | | | {TBD} | Reserved | CH, CR, | N | [RFC-to-be] | | 47802 | | NST | | | | {TBD} | Reserved | CH, CR, | N | [RFC-to-be] | | 51914 | | NST | | | | {TBD} | Reserved | CH, CR, | N | [RFC-to-be] | | 56026 | | NST | | | | {TBD} | Reserved | CH, CR, | N | [RFC-to-be] | | 60138 | | NST | | | | {TBD} | Reserved | CH, CR, | N | [RFC-to-be] | | 64250 | | NST | | | +----------+--------------+-----------+-------------+---------------+ IANA understands that the TLS ExtensionType values, below the { TBD } are suggested values based on earlier interoperability testing. IANA will attempt to use these values. As this also requests registrations in a Specification Required (see RFC 8126) registry, the IESG-designated experts for the TLS ExtensionType registry have asked that you send a review request to the mailing list tls-reg-review@ietf.org. Expert review will need to be completed before your document can be approved for publication as an RFC. Fourth, in the TLS Application-Layer Protocol Negotiation (ALPN) Protocol IDs registry also on the Transport Layer Security (TLS) Extensions registry page located at: https://www.iana.org/assignments/tls-extensiontype-values/ sixteen, new Protocol IDs will be registered as follows: +----------+-------------------------+-----------------+ | Protocol | Identification Sequence | Reference | +----------+-------------------------+-----------------+ | Reserved | {TBD} 0x0A 0x0A | [RFC-to-be] | | Reserved | {TBD} 0x1A 0x1A | [RFC-to-be] | | Reserved | {TBD} 0x2A 0x2A | [RFC-to-be] | | Reserved | {TBD} 0x3A 0x3A | [RFC-to-be] | | Reserved | {TBD} 0x4A 0x4A | [RFC-to-be] | | Reserved | {TBD} 0x5A 0x5A | [RFC-to-be] | | Reserved | {TBD} 0x6A 0x6A | [RFC-to-be] | | Reserved | {TBD} 0x7A 0x7A | [RFC-to-be] | | Reserved | {TBD} 0x8A 0x8A | [RFC-to-be] | | Reserved | {TBD} 0x9A 0x9A | [RFC-to-be] | | Reserved | {TBD} 0xAA 0xAA | [RFC-to-be] | | Reserved | {TBD} 0xBA 0xBA | [RFC-to-be] | | Reserved | {TBD} 0xCA 0xCA | [RFC-to-be] | | Reserved | {TBD} 0xDA 0xDA | [RFC-to-be] | | Reserved | {TBD} 0xEA 0xEA | [RFC-to-be] | | Reserved | {TBD} 0xFA 0xFA | [RFC-to-be] | +----------+-------------------------+-----------------+ IANA understands that the Protocol IDs, next to the { TBD } are suggested values based on earlier interoperability testing. IANA will attempt to use these values. As this also requests registrations in a Specification Required (see RFC 8126) registry, the IESG-designated experts for the TLS Application-Layer Protocol Negotiation (ALPN) Protocol IDs registry have asked that you send a review request to the mailing list tls-reg-review@ietf.org. Expert review will need to be completed before your document can be approved for publication as an RFC. The IANA Functions Operator understands that these are the only actions required to be completed upon approval of this document. Note: The actions requested in this document will not be completed until the document has been approved for publication as an RFC. This message is meant only to confirm the list of actions that will be performed. Thank you, Sabrina Tanamal Senior IANA Services Specialist |
2019-08-12
|
03 | (System) | IANA Review state changed to IANA - Not OK from IANA - Review Needed |
2019-08-12
|
03 | (System) | IESG state changed to Waiting for Writeup from In Last Call |
2019-08-01
|
03 | Jean Mahoney | Request for Last Call review by GENART is assigned to Francis Dupont |
2019-08-01
|
03 | Jean Mahoney | Request for Last Call review by GENART is assigned to Francis Dupont |
2019-08-01
|
03 | Tero Kivinen | Request for Last Call review by SECDIR is assigned to Carl Wallace |
2019-08-01
|
03 | Tero Kivinen | Request for Last Call review by SECDIR is assigned to Carl Wallace |
2019-07-29
|
03 | Amy Vezza | IANA Review state changed to IANA - Review Needed |
2019-07-29
|
03 | Amy Vezza | The following Last Call announcement was sent out (ends 2019-08-12): From: The IESG To: IETF-Announce CC: draft-ietf-tls-grease@ietf.org, tls-chairs@ietf.org, Sean Turner , tls@ietf.org, … The following Last Call announcement was sent out (ends 2019-08-12): From: The IESG To: IETF-Announce CC: draft-ietf-tls-grease@ietf.org, tls-chairs@ietf.org, Sean Turner , tls@ietf.org, sean@sn3rd.com, kaduk@mit.edu Reply-To: ietf@ietf.org Sender: Subject: Last Call: (Applying GREASE to TLS Extensibility) to Informational RFC The IESG has received a request from the Transport Layer Security WG (tls) to consider the following document: - 'Applying GREASE to TLS Extensibility' as Informational RFC The IESG plans to make a decision in the next few weeks, and solicits final comments on this action. Please send substantive comments to the ietf@ietf.org mailing lists by 2019-08-12. Exceptionally, comments may be sent to iesg@ietf.org instead. In either case, please retain the beginning of the Subject line to allow automated sorting. Abstract This document describes GREASE (Generate Random Extensions And Sustain Extensibility), a mechanism to prevent extensibility failures in the TLS ecosystem. It reserves a set of TLS protocol values that may be advertised to ensure peers correctly handle unknown values. The file can be obtained via https://datatracker.ietf.org/doc/draft-ietf-tls-grease/ IESG discussion can be tracked via https://datatracker.ietf.org/doc/draft-ietf-tls-grease/ballot/ No IPR declarations have been submitted directly on this I-D. |
2019-07-29
|
03 | Amy Vezza | IESG state changed to In Last Call from Last Call Requested |
2019-07-29
|
03 | Benjamin Kaduk | Last call was requested |
2019-07-29
|
03 | Benjamin Kaduk | Last call announcement was generated |
2019-07-29
|
03 | Benjamin Kaduk | Ballot approval text was generated |
2019-07-29
|
03 | Benjamin Kaduk | Ballot writeup was generated |
2019-07-29
|
03 | Benjamin Kaduk | IESG state changed to Last Call Requested from AD Evaluation |
2019-07-29
|
03 | David Benjamin | New version available: draft-ietf-tls-grease-03.txt |
2019-07-29
|
03 | (System) | New version approved |
2019-07-29
|
03 | (System) | Request for posting confirmation emailed to previous authors: David Benjamin |
2019-07-29
|
03 | David Benjamin | Uploaded new revision |
2019-07-02
|
02 | Benjamin Kaduk | IESG state changed to AD Evaluation from Publication Requested |
2019-02-26
|
02 | Sean Turner | Summary Sean Turner is the DS. Ben Kaduk is the responsible AD. The GREASE (Generate Random Extensions And Sustain Extensibility) mechanism is intended to prevent … Summary Sean Turner is the DS. Ben Kaduk is the responsible AD. The GREASE (Generate Random Extensions And Sustain Extensibility) mechanism is intended to prevent extensibility failures in the TLS ecosystem. This document reserves some currently unused values for TLS implementations to advertise at random. Correctly implemented peers will ignore these values and interoperate. Peers that do not tolerate unknown values will fail to interoperate, revealing the mistake before it is widespread. The intended status is Informational, which is sufficient to assign the code points in the TLS registries. Technically, after the publication of RFC 8447 this draft does not need to be published as an RFC to perform these code point assignments but because GREASE was successfully used to uncover extensibility failures in the TLS ecosystems, other protocols could benefit from the same mechanism, and we hear it is easy to publish RFCs we figured we exercise the process to get this draft published. Review and Consensus David presented the draft multiple times to the WG. He has also presented the concept elsewhere; this happen to be my favorite: https://www.youtube.com/watch?v=_mE_JmwFi1Y The concept is well understood and was reviewed and adopted by the WG. But, there's not much to the draft so there was no controversy (thankfully). The draft's timeline is quite long but that is primarily because of the WG chairs as well as the slow progress of RFC 8447, which allowed an informational draft to do the assigments. Intellectual Property The DS confirmed with the author that any IPR related to this document has already been disclosed, in conformance with BCPs 78 and 79. Other Considerations There are DOWNREFS in this draft. This entire document is one beig IANA consideration. The DS did consult IANA about GREASE and their suggestion was to check with the Registry DEs. The DS consulted with the DEs and they gave the thumbs up! GREASE is implemented by Chrome. |
2019-02-26
|
02 | Sean Turner | Responsible AD changed to Benjamin Kaduk |
2019-02-26
|
02 | Sean Turner | IETF WG state changed to Submitted to IESG for Publication from WG Consensus: Waiting for Write-Up |
2019-02-26
|
02 | Sean Turner | IESG state changed to Publication Requested from I-D Exists |
2019-02-26
|
02 | Sean Turner | IESG process started in state Publication Requested |
2019-02-26
|
02 | Sean Turner | IETF WG state changed to WG Consensus: Waiting for Write-Up from In WG Last Call |
2019-01-24
|
02 | Sean Turner | IETF WG state changed to In WG Last Call from WG Document |
2019-01-17
|
02 | Sean Turner | Summary Sean Turner is the DS. Ben Kaduk is the responsible AD. The GREASE (Generate Random Extensions And Sustain Extensibility) mechanism is intended to prevent … Summary Sean Turner is the DS. Ben Kaduk is the responsible AD. The GREASE (Generate Random Extensions And Sustain Extensibility) mechanism is intended to prevent extensibility failures in the TLS ecosystem. This document reserves some currently unused values for TLS implementations to advertise at random. Correctly implemented peers will ignore these values and interoperate. Peers that do not tolerate unknown values will fail to interoperate, revealing the mistake before it is widespread. The intended status is Informational, which is sufficient to assign the code points in the TLS registries. Technically, after the publication of RFC 8447 this draft does not need to be published as an RFC to perform these code point assignments but because GREASE was successfully used to uncover extensibility failures in the TLS ecosystems, other protocols could benefit from the same mechanism, and we hear it is easy to publish RFCs we figured we exercise the process to get this draft published. Review and Consensus David presented the draft multiple times to the WG. He has also presented the concept elsewhere; this happen to be my favorite: https://www.youtube.com/watch?v=_mE_JmwFi1Y The concept is well understood and was reviewed and adopted by the WG. But, there's not much to the draft so there was no controversy (thankfully). The draft's timeline is quite long but that is primarily because of the WG chairs as well as the slow progress of RFC 8447, which allowed an informational draft to do the assigments. Intellectual Property The DS confirmed with the author that any IPR related to this document has already been disclosed, in conformance with BCPs 78 and 79. Other Considerations There are DOWNREFS in this draft. This entire document is one beig IANA consideration. The DS did consult IANA about GREASE and their suggestion was to check with the Registry DEs. The DS consulted with the DEs and they gave the thumbs up! GREASE is implemented by Chrome. |
2019-01-16
|
02 | Sean Turner | Summary Sean Turner is the DS. Ben Kaduk is the responsible AD. The GREASE (Generate Random Extensions And Sustain Extensibility) mechanism is intended to prevent … Summary Sean Turner is the DS. Ben Kaduk is the responsible AD. The GREASE (Generate Random Extensions And Sustain Extensibility) mechanism is intended to prevent extensibility failures in the TLS ecosystem. This document reserves some currently unused values for TLS implementations to advertise at random. Correctly implemented peers will ignore these values and interoperate. Peers that do not tolerate unknown values will fail to interoperate, revealing the mistake before it is widespread. The intended status is Informational, which is sufficient to assign the code points in the TLS registries. Technically, after the publication of RFC 8447 this draft does not need to be published as an RFC to perform these code point assignments but because GREASE was successfully used to uncover extensibility failures in the TLS ecosystems, other protocols could benefit from the same mechanism, and we hear it is easy to publish RFCs we figured we exercise the process to get this draft published. Review and Consensus David presented the draft multiple times to the WG. He has also presented the concept elsewhere; this happen to be my favorite: https://www.youtube.com/watch?v=_mE_JmwFi1Y The concept is well understood and was reviewed and adopted by the WG. But, there's no much to the draft so there was no controversy (thankfully). The draft's timeline is quite long but that is primarily because of the WG chairs as well as the slow progress of RFC 8447, which allowed an informational draft to do the assigments. Intellectual Property The DS confirmed with the author that any IPR related to this document has already been disclosed, in conformance with BCPs 78 and 79. Other Considerations There are DOWNREFS in this draft. This entire document is one beig IANA consideration. The DS did consult IANA about GREASE and their suggestion was to check with the Registry DEs. The DS consulted with the DEs and they gave the thumbs up! GREASE is implemented by Chrome. |
2019-01-16
|
02 | Sean Turner | Summary Sean Turner is the DS. Ben Kaduk is the responsible AD. The GREASE (Generate Random Extensions And Sustain Extensibility) mechanism is intended to prevent … Summary Sean Turner is the DS. Ben Kaduk is the responsible AD. The GREASE (Generate Random Extensions And Sustain Extensibility) mechanism is intended to prevent extensibility failures in the TLS ecosystem. This document reserves some currently unused values for TLS implementations to advertise at random. Correctly implemented peers will ignore these values and interoperate. Peers that do not tolerate unknown values will fail to interoperate, revealing the mistake before it is widespread. The intended status is Informational, which is sufficient to assign the code points in the TLS registries. Technically, after the publication of RFC 8447 this draft does not need to be published as an RFC to perform these code point assignments but because GREASE was successfully used to uncover extensibility failures in the TLS ecosystems, other protocols could benefit from the same mechanism, and we hear it is easy to publish RFCs we figured we exercise the process to get this draft published. Review and Consensus David presented the draft multiple times to the WG. He has also presented the concept elsewhere; this happen to be my favorite: https://www.youtube.com/watch?v=_mE_JmwFi1Y The concept is well understood and was reviewed and adopted by the WG. But, there's no much to the draft so there was no controversy (thankfully). The draft's timeline is quite long but that is primarily because of the WG chairs as well as the slow progress of RFC 8447, which allowed an informational draft to do the assigments. Intellectual Property To be confirmed: The DS confirmed with the author that any IPR related to this document has already been disclosed, in conformance with BCPs 78 and 79. Other Considerations There are DOWNREFS in this draft. This entire document is one beig IANA consideration. The DS did consult IANA about GREASE and their suggestion was to check with the Registry DEs. The DS consulted with the DEs and they gave the thumbs up! GREASE is implemented by Chrome. |
2019-01-16
|
02 | Sean Turner | Changed document URLs from: [] to: repository https://github.com/tlswg/draft-ietf-tls-grease |
2019-01-16
|
02 | Sean Turner | Changed consensus to Yes from Unknown |
2019-01-16
|
02 | Sean Turner | Intended Status changed to Informational from None |
2019-01-16
|
02 | Sean Turner | Notification list changed to Sean Turner <sean@sn3rd.com> |
2019-01-16
|
02 | Sean Turner | Document shepherd changed to Sean Turner |
2019-01-16
|
02 | David Benjamin | New version available: draft-ietf-tls-grease-02.txt |
2019-01-16
|
02 | (System) | New version approved |
2019-01-16
|
02 | (System) | Request for posting confirmation emailed to previous authors: David Benjamin |
2019-01-16
|
02 | David Benjamin | Uploaded new revision |
2018-12-08
|
01 | (System) | Document has expired |
2018-06-06
|
01 | David Benjamin | New version available: draft-ietf-tls-grease-01.txt |
2018-06-06
|
01 | (System) | New version approved |
2018-06-06
|
01 | (System) | Request for posting confirmation emailed to previous authors: David Benjamin |
2018-06-06
|
01 | David Benjamin | Uploaded new revision |
2017-07-22
|
00 | (System) | Document has expired |
2017-01-18
|
00 | (System) | This document now replaces draft-davidben-tls-grease instead of None |
2017-01-18
|
00 | David Benjamin | New version available: draft-ietf-tls-grease-00.txt |
2017-01-18
|
00 | (System) | New version approved |
2017-01-18
|
00 | David Benjamin | Request for posting confirmation emailed to submitter and authors: "David Benjamin" |
2017-01-18
|
00 | David Benjamin | Uploaded new revision |