Re: [TLS] Industry Concerns about TLS 1.3

nalini.elk...@insidethestack.com writes: > [ Unknown encryption status ] > [ Unknown signature status ] > > > >>> >>> What I am saying,  in relation to your "Delivering a stable product"  >>> comment is that over time various industries have learned what it takes to >>> "Deliver a stable

Re: [TLS] Industry Concerns about TLS 1.3

On Thu, Sep 22, 2016 at 03:29:42PM -0400, Dave Garrett wrote: > > Yes, all of these other channels are protected using TLS... which you > do not control in any way. Also, many sites/services already prioritize > FS cipher suites, so the deprecation of plain RSA key exchange doesn't > actually

Re: [TLS] Industry Concerns about TLS 1.3

What I mean is that we have Many MITM solutions today and they are able to be a good source for troubleshooting/diagnostics, in limited situations or perspectives.This lack of scope, depth and detail are what drove us to install the packet collection infrastructures (debugging networks I

Re: [TLS] Proposed Change to Certificate message (#654)

On Sat, Sep 24, 2016 at 09:31:51PM +1000, Martin Thomson wrote: > On 24 September 2016 at 19:17, Ilari Liusvaara > wrote: > > It occured to me that certain extensions might be considered to be per- > > chain. Like e.g. type of the certificate. Where do extensions like

Re: [TLS] Proposed Change to Certificate message (#654)

On Fri, Sep 23, 2016 at 11:05:10PM +, Nick Sullivan wrote: > Thanks for the suggestions. I've restructured my PR to include an array of > SingleCertificate objects in the Certificate structure. It occured to me that certain extensions might be considered to be per- chain. Like e.g. type of