Re: [TLS] 3rd WGLC: draft-ietf-tls-tls13

2018-01-14 Thread Colm MacCárthaigh
Thanks for the abundant generosity of patience, but I didn't mean that I wanted to add a note to the text of the I-D, there's been enough delay and I'm excited to see this progress. I just meant "add a note" in my e-mail ;-) Though I do like your terse note, it's right to the point. On Sun, Jan

Re: [TLS] The future devices that will break TLS 1.4

2018-01-14 Thread Martin Thomson
The research that this is built on isn't especially new: https://arxiv.org/abs/1607.01639 The interesting observation in that paper is that the results are obtained only from the subset of malware that uses its own TLS configuration. Those that used the Windows stack in a default configuration

Re: [TLS] 3rd WGLC: draft-ietf-tls-tls13

2018-01-14 Thread Eric Rescorla
Hi Colm, Thanks for your note. This seems straightforward to handle before IETF-LC. Maybe something like: "Note: many application layer protocols implicitly assume that replays are handled at lower levels. Failure to observe these precautions may expose your application to serious risks which

Re: [TLS] 3rd WGLC: draft-ietf-tls-tls13

2018-01-14 Thread Colm MacCárthaigh
Back during the previous last call, I felt really guilty about bringing up the 0-RTT stuff so late. Even though it turned out that middle boxes turned out to be a bigger problem to deal with anyway, I just want to say that I'm really grateful for the 0-RTT related changes in the document and for

Re: [TLS] 3rd WGLC: draft-ietf-tls-tls13

2018-01-14 Thread Tony Arcieri
Ship it -- Tony Arcieri

Re: [TLS] The future devices that will break TLS 1.4

2018-01-14 Thread Tony Arcieri
On Sat, Jan 13, 2018 at 12:02 AM, Hanno Böck wrote: > > The question I want to ask: What can we do *now* to stop this from > happening when TLS 1.4 will be deployed? I have the feeling GREASE > won't be enough... Sidebar: TLS 4 ;) -- Tony Arcieri