Ack - thanks for letting us know, Eric. Sandy
> On Jan 30, 2026, at 2:33 PM, Eric Rescorla <[email protected]> wrote: > > There isn't anything you can do at this time. > > On Fri, Jan 30, 2026 at 2:32 PM Sandy Ginoza <[email protected]> > wrote: > Greetings, > > Please let us know how we can help advance this document to publication. > > Thanks, > Sandy Ginoza > RFC Production Center > > > > > On Jan 14, 2026, at 5:03 PM, Sandy Ginoza <[email protected]> > > wrote: > > > > Hi Eric, > > > > This is a friendly reminder that we await your review. Please let us know > > if there are any further issues that need to be addressed before you > > continue with your review. > > > > Please note that we updated the date to reflect January 2026 but have made > > no other changes since the update described below. > > > > Thanks, > > Sandy Ginoza > > RFC Production Center > > > > > > > >> On Dec 22, 2025, at 3:38 PM, Sandy Ginoza <[email protected]> > >> wrote: > >> > >> Hi Eric, > >> > >> As requested, we have re-reviewed the updates to text that was untouched > >> from RFC 8446. In keeping with that style, we reverted many of the > >> updates that were introduced in the new text as well. Corrections remain > >> in place. The entries for ACM Proceedings have also been reverted, but > >> other updates remain. > >> > >> Please review the files and reply to the questions sent previously (they > >> are still relevant). And, please provide the update "related to PKCS > >> v1.5” that Paul mentioned. > >> > >> > >> The current set of file are available here: > >> https://www.rfc-editor.org/authors/rfc9846.md > >> https://www.rfc-editor.org/authors/rfc9846.txt > >> https://www.rfc-editor.org/authors/rfc9846.html > >> https://www.rfc-editor.org/authors/rfc9846.pdf > >> > >> > >> Comprehensive diffs: > >> https://www.rfc-editor.org/authors/rfc9846-diff.html > >> https://www.rfc-editor.org/authors/rfc9846-rfcdiff.html > >> > >> Markdown diffs: > >> https://www.rfc-editor.org/authors/rfc9846-md-diff.html > >> https://www.rfc-editor.org/authors/rfc9846-md-rfcdiff.html > >> > >> > >> Thank you, > >> Sandy Ginoza > >> RFC Production Center > >> > >> > >> > >>> On Dec 16, 2025, at 5:16 PM, Eric Rescorla <[email protected]> wrote: > >>> > >>> Hi, > >>> > >>> I've taken an initial look at this version of the document and I see that > >>> in a number > >>> of cases references which were present in RFC 8446 have been changed. > >>> For example: > >>> > >>> RFC8446: > >>> > >>> [Kraw16] Krawczyk, H., "A Unilateral-to-Mutual Authentication > >>> Compiler for Key Exchange (with Applications to Client > >>> Authentication in TLS 1.3", Proceedings of ACM CCS 2016, > >>> October 2016, <https://eprint.iacr.org/2016/711>. > >>> > >>> RFC9846-to-be: > >>> [Kraw10] Krawczyk, H., "Cryptographic Extraction and Key > >>> Derivation: The HKDF Scheme", Cryptology ePrint Archive, > >>> Paper 2010/264, 2010, <https://eprint.iacr.org/2010/264>. > >>> > >>> This is a regression. The situation here is that this paper was published > >>> in > >>> ACM CCS (a top 4 conference) but the proceedings aren't public, and so > >>> the link is to ePrint, which is public. It's misleading to have the > >>> citation > >>> be to ePrint as if this wasn't peer reviewed published work. It's of > >>> course > >>> possible that this isn't exactly the paper that was presented at > >>> CCS, but I think this is generally the right practice. There are quite a > >>> few of these > >>> and I think we should reverse them to match RFC 8446. > >>> > >>> In addition, some spot-checking finds other places where there are minor > >>> edits in > >>> this document to text which is otherwise unchanged from RFC 8446, > >>> especially > >>> around commas. I think there should be a fairly strong presumption that > >>> the > >>> text in 8446 is correct and shouldn't be changed unless there is a real > >>> error, > >>> as opposed to just that upon repeated copy-edit someone thinks it reads > >>> better. > >>> > >>> Can the RPC please go through its proposed changes to identify variances > >>> from RFC 8446 in text that is otherwise unchanged and reconsider whether > >>> those changes are in fact necessary? > >>> > >>> Thanks, > >>> -Ekr > >>> > >>> > >>> > >>> > >>> > >>> > >>> > >>> > >>> > >>> On Tue, Dec 16, 2025 at 6:17 AM Paul Wouters <[email protected]> > >>> wrote: > >>> This document requires a small change applied to it related to PKCS v1.5 > >>> Eric has the change for this. > >>> > >>> Paul > >>> > >>> > >>> > >>> On Tue, Dec 16, 2025 at 12:06 AM <[email protected]> wrote: > >>> Authors, > >>> > >>> While reviewing this document during AUTH48, please resolve (as > >>> necessary) > >>> the following questions, which are also in the source file. > >>> > >>> 1) <!-- [rfced] Please insert any keywords (beyond those that appear in > >>> the title) for use on https://www.rfc-editor.org/search. --> > >>> > >>> > >>> 2) <!-- [rfced] The document header indicates it obsoletes and updates > >>> the > >>> following RFCs: > >>> > >>> Obsoletes: 8446 > >>> Updates: 5705, 6066, 7627, 8422 > >>> > >>> In the body of the document, we see the text below. Note that the > >>> mentions of updates seem consistent with the document header. However, > >>> the text specifies that it obsoletes more than just RFC 8446, likely > >>> because RFC 8446 obsoleted those documents. Please review and let us > >>> know how/if the header can be consistent with the body of the document. > >>> > >>> a) Abstract: Note that we removed 8422 from the obsoletes list because > >>> this doc seemingly updates it. > >>> > >>> This document updates RFCs 5705, 6066, 7627, and 8422 and obsoletes > >>> RFCs 5077, 5246, 6961, 8422, and 8446. > >>> > >>> > >>> b) Introduction: > >>> > >>> This document supersedes and obsoletes previous versions of TLS, > >>> including version 1.2 [RFC5246]. It also obsoletes the TLS ticket > >>> mechanism defined in [RFC5077] and replaces it with the mechanism > >>> defined in Section 2.2. Because TLS 1.3 changes the way keys are > >>> derived, it updates [RFC5705] as described in Section 7.5. It also > >>> changes how Online Certificate Status Protocol (OCSP) messages are > >>> carried and therefore updates [RFC6066] and obsoletes [RFC6961] as > >>> described in Section 4.4.2.1. > >>> > >>> --> > >>> > >>> > >>> 3) <!--[rfced] The following RFCs have been obsoleted as follows. May > >>> they > >>> be replaced with the obsoleting RFC? > >>> > >>> RFC 6347 has been obsoleted by RFC 9147 > >>> RFC 6962 has been obsoleted by RFC 9162 > >>> RFC 7507 has been obsoleted by RFC 8996 > >>> --> > >>> > >>> > >>> 4) <!-- [rfced] This reference appears to match the information for the > >>> following Internet-Draft: > >>> https://datatracker.ietf.org/doc/draft-hickman-netscape-ssl/ > >>> > >>> May we update this reference to point to this I-D? > >>> > >>> Current: > >>> [SSL2] Hickman, K., "The SSL Protocol", 9 February 1995. > >>> > >>> Perhaps: > >>> [SSL2] Elgamal, T. and K. E. Hickman, "The SSL Protocol", Work in > >>> Progress, Internet-Draft, draft-hickman-netscape-ssl-00, > >>> 19 April 1995, <https://datatracker.ietf.org/doc/html/ > >>> draft-hickman-netscape-ssl-00>. > >>> --> > >>> > >>> > >>> 5) <!-- [rfced] We updated [I-D.ietf-tls-esni] to [PRE-RFC9849] for now. > >>> We will make the final updates in RFCXML. > >>> > >>> --> > >>> > >>> > >>> 6) <!--[rfced] As "requiring" and "should" seem to contradict in this > >>> statement, may we remove "should" from the text below? > >>> > >>> Original: > >>> * Clarify behavior around "user_canceled", requiring that > >>> "close_notify" be sent and that "user_canceled" should be ignored. > >>> > >>> Perhaps: > >>> * Clarify behavior around "user_canceled", requiring that > >>> "close_notify" be sent and that "user_canceled" be ignored. > >>> --> > >>> > >>> > >>> 7) <!--[rfced] FYI - We have updated Figure 1 to fit the 72-character > >>> limit. Please review and let us know if any further updates are needed. > >>> --> > >>> > >>> > >>> 8) <!--[rfced] The SVG in Figures 1 and 4 are outputting a solid circle > >>> for > >>> this text, while the figure displays *. Please review. One possible fix > >>> would be to move the legend outside of the figure. Please review and let > >>> us know how this may be updated. > >>> > >>> Original: > >>> * Indicates optional or situation-dependent > >>> messages/extensions that are not always sent. > >>> --> > >>> > >>> > >>> 9) <!--[rfced] Table 1 > >>> > >>> a) FYI - We have updated the citation for "record_size_limit" from > >>> [RFC8849] to [RFC8449], as [RFC8449] defines the extension and [RFC8849] > >>> does not have any mention of it. > >>> > >>> Original: > >>> record_size_limit [RFC8849] > >>> > >>> Current: > >>> record_size_limit [RFC8449] > >>> > >>> > >>> b) We note that RFC 9345 uses "delegated_credential" rather than > >>> "delegated_credentials" (no "s"). May we update the extension to reflect > >>> RFC 9345? > >>> > >>> Current: > >>> delegated_credentials {{RFC9345}} > >>> --> > >>> > >>> > >>> 10) <!-- [rfced] Table 2 extends one character line beyond the width > >>> limit. > >>> We will play with this in the RFCXML file, but please let us know if you > >>> see a good way to break the lines differently. > >>> --> > >>> > >>> > >>> 11) <!--[rfced] We believe the intention of this line to note that the > >>> asterisk has a specific meaning when present. Please note that we will > >>> update the XML to treat this as <dl>. Currently, kramdown treats this as > >>> a bulleted list item, and definition list yields the following: > >>> > >>> *: Only included if present. > >>> --> > >>> > >>> > >>> 12) <!--[rfced] May we rephrase the definition of this error alert to > >>> improve readability and provide clarity? > >>> > >>> Original: > >>> unrecognized_name: Sent by servers when no server exists identified > >>> by the name provided by the client via the "server_name" extension > >>> (see [RFC6066]). > >>> > >>> Perhaps: > >>> unrecognized_name: Sent by servers when no server that can be identified > >>> by the name provided by the client via the "server_name" extension > >>> (see [RFC6066]) exists. > >>> --> > >>> > >>> > >>> 13) <!--[rfced] In Section 9.1, may we format these two items into an > >>> unordered list? > >>> > >>> Original: > >>> In the absence of an application profile standard specifying > >>> otherwise: > >>> > >>> A TLS-compliant application MUST implement the TLS_AES_128_GCM_SHA256 > >>> [GCM] cipher suite and SHOULD implement the TLS_AES_256_GCM_SHA384 > >>> [GCM] and TLS_CHACHA20_POLY1305_SHA256 [RFC8439] cipher suites (see > >>> Appendix B.4). > >>> > >>> A TLS-compliant application MUST support digital signatures with > >>> rsa_pkcs1_sha256 (for certificates), rsa_pss_rsae_sha256 (for > >>> CertificateVerify and certificates), and ecdsa_secp256r1_sha256. A > >>> TLS-compliant application MUST support key exchange with secp256r1 > >>> (NIST P-256) and SHOULD support key exchange with X25519 [RFC7748]. > >>> > >>> Perhaps: > >>> In the absence of an application profile standard specifying > >>> otherwise: > >>> > >>> * A TLS-compliant application MUST implement the TLS_AES_128_GCM_SHA256 > >>> [GCM] cipher suite and SHOULD implement the TLS_AES_256_GCM_SHA384 > >>> [GCM] and TLS_CHACHA20_POLY1305_SHA256 [RFC8439] cipher suites (see > >>> Appendix B.4). > >>> > >>> * A TLS-compliant application MUST support digital signatures with > >>> rsa_pkcs1_sha256 (for certificates), rsa_pss_rsae_sha256 (for > >>> CertificateVerify and certificates), and ecdsa_secp256r1_sha256. A > >>> TLS-compliant application MUST support key exchange with secp256r1 > >>> (NIST P-256) and SHOULD support key exchange with X25519 [RFC7748]. > >>> --> > >>> > >>> > >>> 14) <!--[rfced] FYI, we have updated the parenthetical text as follows to > >>> better describe the "TLS Supported Groups" registry. Please review and > >>> let us know of any objections. > >>> > >>> Original: > >>> This document updates two entries in the TLS Supported Groups > >>> registry (created under a different name by [RFC4492]; now maintained > >>> by [RFC8422]) and updated by [RFC7919] and [RFC8447]. > >>> > >>> Current: > >>> This document updates two entries in the "TLS Supported Groups" > >>> registry (created under a different name by [RFC4492]; now maintained > >>> by [RFC8422] and updated by [RFC7919] and [RFC8447]). > >>> --> > >>> > >>> > >>> 15) <!--[rfced] We note that some author comments are present in the > >>> markdown file. Please confirm that no updates related to these comments > >>> are > >>> outstanding. Note that the comments will be deleted prior to publication. > >>> > >>> {::comment}Cite IND-CPA?{:/comment} > >>> > >>> {::comment}Cite INT-CTXT?{:/comment} > >>> --> > >>> > >>> > >>> 16) <!--[rfced] FYI - We have updated some artwork to sourcecode. Please > >>> review and let us know if further updates are necessary. > >>> --> > >>> > >>> > >>> 17) <!-- [rfced] Please review whether any of the notes in this document > >>> should be in the <aside> element. It is defined as "a container for > >>> content that is semantically less important or tangential to the > >>> content that surrounds it" > >>> (https://authors.ietf.org/en/rfcxml-vocabulary#aside). > >>> --> > >>> > >>> > >>> 18) <!-- [rfced] FYI - We have added expansions for the following > >>> abbreviations per Section 3.6 of RFC 7322 ("RFC Style Guide"). Please > >>> review each expansion in the document carefully to ensure correctness. > >>> > >>> Elliptic Curve Cryptography (ECC) > >>> Finite Field DHE (FFDHE) > >>> Internet of Things (IoT) > >>> --> > >>> > >>> > >>> 19) <!-- [rfced] Please review the "Inclusive Language" portion of the > >>> online Style Guide > >>> <https://www.rfc-editor.org/styleguide/part2/#inclusive_language> > >>> and let us know if any changes are needed. Updates of this nature > >>> typically result in more precise language, which is helpful for readers. > >>> > >>> For example, please consider whether the following should be updated: > >>> dummy > >>> man-in-the-middle > >>> > >>> In addition, please consider whether "traditionally" should be updated > >>> for > >>> clarity. While the NIST website > >>> <https://web.archive.org/web/20250203031433/https://nvlpubs.nist.gov/nistpubs/ir/2021/NIST.IR.8366.pdf> > >>> > >>> indicates that this term is potentially biased, it is also ambiguous. > >>> "Tradition" is a subjective term, as it is not the same for everyone. > >>> --> > >>> > >>> > >>> 20) <!-- [rfced] FYI - we will convert the list of Contributors contained > >>> within <artwork> to be listed with the <contact> element once the file is > >>> converted to RFCXML. > >>> > >>> In addition, we will update the following reference entries that were a > >>> challenge to update in markdown. > >>> > >>> [BBFGKZ16] > >>> [BBK17] > >>> [CCG16] > >>> [CHECKOWAY] > >>> [CHSV16] > >>> [JSS15] > >>> [LXZFH16] > >>> [SLOTH] > >>> [CK01] > >>> [CLINIC] > >>> [DH76] > >>> [DOW92] > >>> [HCJC16] > >>> [RSA] > >>> [SIGMA] > >>> [FETCH] > >>> [SHS] > >>> [DSS] > >>> [ECDP] > >>> [KEYAGREEMENT] > >>> --> > >>> > >>> > >>> Thank you. > >>> Alanna Paloma and Sandy Ginoza > >>> RFC Production Center > >>> > >>> On Dec 15, 2025, at 8:57 PM, [email protected] wrote: > >>> > >>> *****IMPORTANT***** > >>> > >>> Updated 2025/12/15 > >>> > >>> RFC Author(s): > >>> > >>> Your document has now entered AUTH48. > >>> > >>> The document was edited in kramdown-rfc as part of the RPC pilot test > >>> (see > >>> https://www.rfc-editor.org/rpc/wiki/doku.php?id=pilot_test_kramdown_rfc). > >>> > >>> Please review the procedures for AUTH48 using kramdown-rfc: > >>> > >>> https://www.rfc-editor.org/rpc/wiki/doku.php?id=pilot_test_instructions_completing_auth48_using_kramdown > >>> > >>> Once your document has completed AUTH48, it will be published as > >>> an RFC. > >>> > >>> > >>> Files > >>> ----- > >>> > >>> The files are available here: > >>> https://www.rfc-editor.org/authors/rfc9846.md > >>> https://www.rfc-editor.org/authors/rfc9846.html > >>> https://www.rfc-editor.org/authors/rfc9846.pdf > >>> https://www.rfc-editor.org/authors/rfc9846.txt > >>> > >>> Diff file of the text: > >>> https://www.rfc-editor.org/authors/rfc9846-diff.html > >>> https://www.rfc-editor.org/authors/rfc9846-rfcdiff.html (side by side) > >>> > >>> Diff of the kramdown: > >>> https://www.rfc-editor.org/authors/rfc9846-md-diff.html > >>> https://www.rfc-editor.org/authors/rfc9846-md-rfcdiff.html (side by side) > >>> > >>> > >>> Tracking progress > >>> ----------------- > >>> > >>> The details of the AUTH48 status of your document are here: > >>> https://www.rfc-editor.org/auth48/rfc9846 > >>> > >>> Please let us know if you have any questions. > >>> > >>> Thank you for your cooperation, > >>> > >>> RFC Editor > >>> > >>> -------------------------------------- > >>> RFC 9846 (draft-ietf-tls-rfc8446bis-14) > >>> > >>> Title : The Transport Layer Security (TLS) Protocol Version 1.3 > >>> Author(s) : E. Rescorla > >>> WG Chair(s) : Joseph A. Salowey, Sean Turner, Deirdre Connolly > >>> > >>> Area Director(s) : Deb Cooley, Paul Wouters > >>> > >>> > >>> > >> > > > -- auth48archive mailing list -- [email protected] To unsubscribe send an email to [email protected]
