Re: [TLS] PR #624: Remove Supplemental Auth from TLS 1.3

2016-09-03 Thread Andrei Popov
Yes, I think so. Cheers, Andrei From: Eric Rescorla [mailto:e...@rtfm.com] Sent: Saturday, September 3, 2016 4:07 PM To: Andrei Popov Cc: tls@ietf.org Subject: Re: [TLS] PR #624: Remove Supplemental Auth from TLS 1.3 Thanks for flagging this. Looks like it can just

Re: [TLS] PR #624: Remove Supplemental Auth from TLS 1.3

2016-09-03 Thread Eric Rescorla
Thanks for flagging this. Looks like it can just go right before Certificate in the client's second flight... -Ekr On Sat, Sep 3, 2016 at 2:44 PM, Andrei Popov wrote: > Hi Eric, > > > > MS TLS stack uses the user_mapping extension (to map TLS clients to > Windows

Re: [TLS] PR #624: Remove Supplemental Auth from TLS 1.3

2016-09-03 Thread Andrei Popov
Hi Eric, MS TLS stack uses the user_mapping extension (to map TLS clients to Windows domain users). We do not implement client/server_authz. Cheers, Andrei From: TLS [mailto:tls-boun...@ietf.org] On Behalf Of Eric Rescorla Sent: Saturday, September 3, 2016 12:54 PM To: tls@ietf.org Subject:

[TLS] PR #624: Remove Supplemental Auth from TLS 1.3

2016-09-03 Thread Eric Rescorla
https://github.com/tlswg/tls13-spec/pull/624 We currently have code points assigned for user_mapping [RFC4681] client_authz [RFC5878] server_authz [RFC5878] These aren't well-specified for use in TLS 1.3 and my sense is that they are barely used. Any objections to just banning them? If not,

Re: [TLS] SHA-3 in SignatureScheme

2016-09-03 Thread Yoav Nir
> On 2 Sep 2016, at 10:28 PM, Blumenthal, Uri - 0553 - MITLL > wrote: > We have SHA-256 and SHA-384. > > No. By the same token we have AES-128, AES-256, ECDHE over P256, etc. > > I support adding SHA-3 to the core. > > Alternatively, feel free to throw ChaCha out and

Re: [TLS] TLS 1.3 -> TLS 2.0?

2016-09-03 Thread Colm MacCárthaigh
On Tue, Aug 30, 2016 at 11:19 AM, Dave Garrett wrote: > I think it's time we just renamed TLS 1.3 to TLS 2.0. +0.7 -- Colm ___ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls

Re: [TLS] TLS 1.3 -> TLS 2.0?

2016-09-03 Thread Peter Gutmann
Dave Garrett writes: >The HTTP/2 spec explicitly refers to TLS 1.3 and up as not needing the >security restrictions on TLS 1.2 it lays out. Given that LTS fixes all (known) problems in TLS 1.2 and earlier (hey, if you know of weaknesses/attacks, say so now), it doesn't