Re: [TLS] draft-ietf-tls-rfc4492bis-15 and the X25519 significant bit.

The change was slightly more involved than just striking the paragraph, so I've put together a PR here. It makes that section much shorter: https://github.com/tlswg/rfc4492bis/pull/38 On Wed, Mar 15, 2017 at 4:29 PM Eric Rescorla wrote: > This seems like compelling logic. The

Re: [TLS] draft-ietf-tls-rfc4492bis-15 and the X25519 significant bit.

This seems like compelling logic. The fingerprinting concern doesn't seem that serious in any case. -Ekr On Wed, Mar 15, 2017 at 1:25 PM, David Benjamin wrote: > draft-ietf-tls-rfc4492bis-15, section 5.11, contains the following text: > >Since there are some

[TLS] draft-ietf-tls-rfc4492bis-15 and the X25519 significant bit.

draft-ietf-tls-rfc4492bis-15, section 5.11, contains the following text: Since there are some implementation of the X25519 function that impose this restriction on their input and others that don't, implementations of X25519 in TLS SHOULD reject public keys when the high-order bit of

Re: [TLS] Interest in draft-sullivan-tls-exported-authentication

Hi Brian, Thanks for your comments. Answers inline. On Mon, Mar 13, 2017 at 8:13 PM Brian Sniffen wrote: > Can you help me understand what this means? > > servers that are authoritative for multiple domains the same > connection but do not have a certificate

Re: [TLS] Review of draft-ietf-tls-rfc4492bis-15

LGTM > On 15 Mar 2017, at 21:32, David Benjamin wrote: > > How's this look? https://github.com/tlswg/rfc4492bis/pull/37 > > > On Wed, Mar 15, 2017 at 2:45 PM Yoav Nir >

Re: [TLS] Review of draft-ietf-tls-rfc4492bis-15

How's this look? https://github.com/tlswg/rfc4492bis/pull/37 On Wed, Mar 15, 2017 at 2:45 PM Yoav Nir wrote: > There is (going to be a re-spin). There already is a PR there. > > If you can make a PR to solve your issue, that would be great. > > On 15 Mar 2017, at 19:20,

Re: [TLS] Review of draft-ietf-tls-rfc4492bis-15

There is (going to be a re-spin). There already is a PR there. If you can make a PR to solve your issue, that would be great. > On 15 Mar 2017, at 19:20, David Benjamin wrote: > > If there's to be a respin anyway, I have another small editorial comment: >

Re: [TLS] Review of draft-ietf-tls-rfc4492bis-15

If there's to be a respin anyway, I have another small editorial comment: https://github.com/tlswg/rfc4492bis/issues/36 On Wed, Mar 15, 2017 at 11:22 AM Eric Rescorla wrote: > FWIW, there's a lot here, but I think it's all essentially editorial, so > it shouldn't > be that hard

Re: [TLS] Review of draft-ietf-tls-rfc4492bis-15

FWIW, there's a lot here, but I think it's all essentially editorial, so it shouldn't be that hard to clean up. -Ekr On Wed, Mar 15, 2017 at 8:07 AM, Stephen Farrell wrote: > > Thanks Eric, > > Let's see what folks say in response to this and I can post > anything

Re: [TLS] Review of draft-ietf-tls-rfc4492bis-15

Thanks Eric, Let's see what folks say in response to this and I can post anything not immediately resolved as a DISCUSS ballot. We can then process that in the coming week or two, and you can take over the DISCUSS for whatever's not resolved by the swap-over in Chicago. Or if someone else wants

[TLS] Review of draft-ietf-tls-rfc4492bis-15

Sorry for the late review of this document. I just got to it this week. I'm sending this as comments rather than issues/PR due to how late it is in the proces. I have two high-level comments: - This document seems to still have a bunch of material about static DH (especially static DH

Re: [TLS] Kathleen Moriarty's Yes on draft-ietf-tls-rfc4492bis-15: (with COMMENT)

> On 15 Mar 2017, at 3:07, Sean Turner wrote: > > >> On Mar 14, 2017, at 18:57, Martin Thomson wrote: >> >> On 15 March 2017 at 09:05, Yoav Nir wrote: >>> A secure hash function such as the SHA-256, SHA-384, and SHA-512 >>>