Re: [TLS] Genart last call review of draft-ietf-tls-tls13-24

2018-03-30 Thread Peter Gutmann
Kathleen Moriarty writes: >I agree with Eric’s assessment, this could be in a new draft as an extension. Anyone want to work on this? I can contribute a bit by recycling the EtM text, which sets out how to communicate a boolean flag (for "I speak extended

Re: [TLS] Genart last call review of draft-ietf-tls-tls13-24

2018-03-30 Thread Kathleen Moriarty
Sent from my mobile device > On Mar 30, 2018, at 5:20 PM, Eric Rescorla wrote: > > Hi folks, > > TLS 1.3 has been approved by the IESG and it's on its way to the RFC Editor, > so > I don't really see this changing any time soon for the base RFC. > > I think there's some

Re: [TLS] Genart last call review of draft-ietf-tls-tls13-24

2018-03-30 Thread Peter Gutmann
Bill Frantz writes: >We have always avoided the long form error messages in TLS because they can >be of great help to attackers as well as debuggers. That's why I said it was a debug-only capability, not an always-enabled on-by-default capability. >I think this

Re: [TLS] Genart last call review of draft-ietf-tls-tls13-24

2018-03-30 Thread Eric Rescorla
Hi folks, TLS 1.3 has been approved by the IESG and it's on its way to the RFC Editor, so I don't really see this changing any time soon for the base RFC. I think there's some debate about whether this is a good idea, but in any case, the right way to pursue it would be to publish a new draft,

Re: [TLS] Genart last call review of draft-ietf-tls-tls13-24

2018-03-30 Thread Bill Frantz
On 3/30/18 at 7:35 PM, pgut...@cs.auckland.ac.nz (Peter Gutmann) wrote: As you mention, debugging TLS is unnecessarily painful: if there's a problem, you typically just get a handshake-failed alert, which is essentially no information at all. Having a debug-mode capability to send back a

Re: [TLS] Breaking into TLS for enterprise "visibility" (don't do it)

2018-03-30 Thread Vakul Garg
Hi Martin > -Original Message- > From: TLS [mailto:tls-boun...@ietf.org] On Behalf Of Martin Rex > Sent: Thursday, March 29, 2018 4:47 AM > To: Steve Fenter > Cc: tls@ietf.org > Subject: Re: [TLS] Breaking into TLS for enterprise "visibility" (don't do it) > >