Re: [TLS] WGLC for draft-ietf-tls-sni-encryption

2018-10-17 Thread Geoffrey Keating
m...@sap.com (Martin Rex) writes: > If anyone really thinks that there should be a scheme where a > server's hostname is no longer transferred in a cleartext (including > TLS extension SNI), then first of all a *NEW* distinct URI method > should be defined for that purpose, e.g. "httph://" as a

Re: [TLS] WGLC for draft-ietf-tls-sni-encryption

2018-10-17 Thread Eric Rescorla
On Wed, Oct 17, 2018 at 4:41 PM Martin Rex wrote: > Eric Rescorla wrote: > > Martin Rex wrote: > > > > > Sean Turner wrote: > > > > > > > > This is the working group last call for the > > > > "Issues and Requirements for SNI Encryption in TLS" > > > > draft available at > > > >

Re: [TLS] WGLC for draft-ietf-tls-sni-encryption

2018-10-17 Thread Martin Rex
Eric Rescorla wrote: > Martin Rex wrote: > > > Sean Turner wrote: > > > > > > This is the working group last call for the > > > "Issues and Requirements for SNI Encryption in TLS" > > > draft available at > > > http://datatracker.ietf.org/doc/draft-ietf-tls-sni-encryption/. > > > Please review

Re: [TLS] WGLC for draft-ietf-tls-sni-encryption

2018-10-17 Thread Eric Rescorla
On Wed, Oct 17, 2018 at 10:03 AM Martin Rex wrote: > Sean Turner wrote: > > > > This is the working group last call for the > > "Issues and Requirements for SNI Encryption in TLS" > > draft available at > > http://datatracker.ietf.org/doc/draft-ietf-tls-sni-encryption/. > > Please review the

Re: [TLS] Interim notes and draft-ietf-tls-dnssec-chain-extension next steps

2018-10-17 Thread Eric Rescorla
On Wed, Oct 17, 2018 at 7:40 AM Benjamin Kaduk wrote: > On Wed, Oct 17, 2018 at 06:18:27AM -0700, Eric Rescorla wrote: > > I'm responding to Ben here, because I think it's worth adding some > clarity. > > However, I want to flag that I'm going to be rather short on time for the > > next > > few

Re: [TLS] WGLC for draft-ietf-tls-sni-encryption

2018-10-17 Thread Martin Rex
Sean Turner wrote: > > This is the working group last call for the > "Issues and Requirements for SNI Encryption in TLS" > draft available at > http://datatracker.ietf.org/doc/draft-ietf-tls-sni-encryption/. > Please review the document and send your comments to the list > by 2359 UTC on 31

Re: [TLS] Interim notes and draft-ietf-tls-dnssec-chain-extension next steps

2018-10-17 Thread Viktor Dukhovni
> On Oct 17, 2018, at 9:18 AM, Eric Rescorla wrote: >> (1) provides a channel for DANE records that is reliable in the absence of >> an attack > > I think this alone would be worthwhile -- and is the purpose I have always had > in mind for the draft. Well, a security mechanism that

Re: [TLS] WGLC for draft-ietf-tls-sni-encryption

2018-10-17 Thread Stephen Farrell
Hiya, I think this is more-or-less ready and I support publication. My comments below, none of which are show-stoppers but they might be worth a look. Cheers, S. 1. Shouldn't there be some mention of CT here somewhere? Say if we have a good solution, but the hidden service's cert is in CT

Re: [TLS] Interim notes and draft-ietf-tls-dnssec-chain-extension next steps

2018-10-17 Thread Sean Turner
> On Oct 17, 2018, at 10:40, Benjamin Kaduk wrote: > > Seeing as you are busy the next few weeks, perhaps I can ask the chairs > to go through the email history and summarize these substantial issues > that have been raised -- I am not confident that I could reproduce them > from memory,

Re: [TLS] Interim notes and draft-ietf-tls-dnssec-chain-extension next steps

2018-10-17 Thread Benjamin Kaduk
On Wed, Oct 17, 2018 at 06:18:27AM -0700, Eric Rescorla wrote: > I'm responding to Ben here, because I think it's worth adding some clarity. > However, I want to flag that I'm going to be rather short on time for the > next > few weeks and not able to spend a lot of time replying to traffic on this

Re: [TLS] Interim notes and draft-ietf-tls-dnssec-chain-extension next steps

2018-10-17 Thread Eric Rescorla
I'm responding to Ben here, because I think it's worth adding some clarity. However, I want to flag that I'm going to be rather short on time for the next few weeks and not able to spend a lot of time replying to traffic on this topic. Even more than usual, non-response to some point does not

Re: [TLS] Interim notes and draft-ietf-tls-dnssec-chain-extension next steps

2018-10-17 Thread Viktor Dukhovni
On Wed, Oct 17, 2018 at 01:46:20AM -0400, Paul Wouters wrote: > On Tue, 16 Oct 2018, Daniel Kahn Gillmor wrote: > > > That said, it sounds like negotiating the details of how to do this > > pinning is the main blocker, and i'm sick of this proposal being blocked > > (because i want it for