Kathleen Moriarty writes:
>I agree with Eric’s assessment, this could be in a new draft as an extension.
Anyone want to work on this? I can contribute a bit by recycling the EtM
text, which sets out how to communicate a boolean flag (for "I speak extended
Sent from my mobile device
> On Mar 30, 2018, at 5:20 PM, Eric Rescorla wrote:
>
> Hi folks,
>
> TLS 1.3 has been approved by the IESG and it's on its way to the RFC Editor, so
> I don't really see this changing any time soon for the base RFC.
>
> I think there's some
Bill Frantz writes:
>We have always avoided the long form error messages in TLS because they can
>be of great help to attackers as well as debuggers.
That's why I said it was a debug-only capability, not an always-enabled
on-by-default capability.
>I think this
Hi folks,
TLS 1.3 has been approved by the IESG and it's on its way to the RFC Editor, so
I don't really see this changing any time soon for the base RFC.
I think there's some debate about whether this is a good idea, but in any case,
the right way to pursue it would be to publish a new draft,
On 3/30/18 at 7:35 PM, pgut...@cs.auckland.ac.nz (Peter Gutmann) wrote:
As you mention, debugging TLS is unnecessarily painful if there's a problem,
you typically just get a handshake-failed alert which is essentially no
information at all. Having a debug-mode capability to send back a
Hi Martin
> -----Original Message-----
> From: TLS [mailto:tls-boun...@ietf.org] On Behalf Of Martin Rex
> Sent: Thursday, March 29, 2018 4:47 AM
> To: Steve Fenter
> Cc: tls@ietf.org
> Subject: Re: [TLS] Breaking into TLS for enterprise "visibility" (don't do it)
>
>