Re: [TLS] DTLS 1.3

On Mon, Jul 04, 2016 at 01:56:01PM -0700, Eric Rescorla wrote: > On Mon, Jul 4, 2016 at 1:46 PM, Ilari Liusvaara > wrote: > > I think the obvious way is: > > > > - Cookies from HelloVerifyRequest go to legacy cookie field. > > - Cookies from HelloRetryRequest go to

Re: [TLS] DTLS 1.3

Hi Nikos, when it comes to optimizing the record layer then it basically boils down to the question about how middleboxes react to this type of change. In the IoT context the story is a bit easier since there greenfield deployments with new radio technologies where these types of middleboxes are

Re: [TLS] DTLS 1.3

On 04/07/16 20:54, Nikos Mavrogiannopoulos wrote: > > where id is sent by the server to the client either via an extension, or > by simply assuming that the client will copy and keep the ID seen at the > server packets (it doesn't really matter that this ID is unprotected as > it doesn't

Re: [TLS] DTLS 1.3

On Mon, Jul 04, 2016 at 03:54:19PM -0400, Nikos Mavrogiannopoulos wrote: > - Original Message - > > Hi all, > > > > I have made an attempt to integrate DTLS 1.3 into the TLS 1.3 document > > and you can find the result at https://github.com/tlswg/tls13-spec/pull/512 > > > > I have worked

Re: [TLS] DTLS 1.3

On Mon, Jul 04, 2016 at 09:45:38PM +0200, Hannes Tschofenig wrote: > Hi Ilari, > > thanks for your super quick response. > > On 07/04/2016 04:03 PM, Ilari Liusvaara wrote: > > On Mon, Jul 04, 2016 at 12:21:22PM +0200, Hannes Tschofenig wrote: > >> Hi all, > >> > >> I have made an attempt to

Re: [TLS] DTLS 1.3

Hi Ilari, thanks for your super quick response. On 07/04/2016 04:03 PM, Ilari Liusvaara wrote: > On Mon, Jul 04, 2016 at 12:21:22PM +0200, Hannes Tschofenig wrote: >> Hi all, >> >> I have made an attempt to integrate DTLS 1.3 into the TLS 1.3 document >> and you can find the result at

Re: [TLS] PR #23 for RFC4492bis

> On 4 Jul 2016, at 7:12 PM, David Benjamin wrote: > > On Mon, Jul 4, 2016 at 7:59 AM Yoav Nir > wrote: > > > On 4 Jul 2016, at 5:06 PM, Ilari Liusvaara > >

Re: [TLS] DTLS 1.3

On Mon, Jul 04, 2016 at 12:21:22PM +0200, Hannes Tschofenig wrote: > Hi all, > > I have made an attempt to integrate DTLS 1.3 into the TLS 1.3 document > and you can find the result at https://github.com/tlswg/tls13-spec/pull/512 > > I have worked on a prototype implementation of DTLS 1.3 and if

Re: [TLS] Remove EncryptedExtensions from 0-RTT

On Mon, Jul 4, 2016 at 5:51 AM, Ilari Liusvaara wrote: > On Sun, Jul 03, 2016 at 06:00:25PM -0700, Eric Rescorla wrote: > > I believe that this is the right design. > > > > The primary proposed use for EncryptedExtensions in the 0-RTT flight is > for > > EncryptedSNI.

Re: [TLS] More hello entropy? (was: PR 508: Move downgrade sentinel to end)

On Sun, Jul 03, 2016 at 09:22:27PM -0400, Dave Garrett wrote: > On Sunday, July 03, 2016 07:02:05 pm Eric Rescorla wrote: > > OTOH, those bytes will be more unique over time (because they are > > guaranteed not to repeat for a very long time after the second has passed), > > so intuitively this

Re: [TLS] Remove EncryptedExtensions from 0-RTT

On Sun, Jul 03, 2016 at 06:00:25PM -0700, Eric Rescorla wrote: > I believe that this is the right design. > > The primary proposed use for EncryptedExtensions in the 0-RTT flight is for > EncryptedSNI. However, I don't believe that they are actually that useful in > this case because the design

[TLS] PR #23 for RFC4492bis

Hi Based on an email exchange with Nikos Mavrogiannopoulos, I’ve submitted a PR. https://github.com/tlswg/rfc4492bis/pull/23 If there are no objections, I will accept it and submit version -08 this Friday. Thanks Yoav ___ TLS mailing list

[TLS] DTLS 1.3

Hi all, I have made an attempt to integrate DTLS 1.3 into the TLS 1.3 document and you can find the result at https://github.com/tlswg/tls13-spec/pull/512 I have worked on a prototype implementation of DTLS 1.3 and if someone else has something working by the time of the Hackathon in Berlin