Re: [TLS] draft-ietf-tls-tls13 posted

2016-10-27 14:30 GMT+09:00 Eric Rescorla : > > > On Thu, Oct 27, 2016 at 4:27 PM, Kazuho Oku wrote: >> >> Hi, >> >> Thank you for posting draft-18, and thank you for the simplification of >> RMS. >> >> I have finished implementing resumption and early-data in

[TLS] Working Group Last Call for draft-ietf-tls-tls13-18

This is a working group last call announcement for draft-ietf-tls-tls13-18, to run through November 20. If possible, we would like to receive comments on the list by November 13 so they can be discussed at the meeting in Seoul. We hope to address any substantive issues raised during that process

Re: [TLS] SNI and Resumption/0-RTT

Picking a message somewhat at random to reply to with some more-general observations... On 10/24/2016 05:48 PM, Victor Vasiliev wrote: > I believe that an ability to resume across different server_name values > specified in the subjectAltName of a certificate will have a positive > performance

Re: [TLS] Deprecating alert levels

Hi list, I recently saw a related CVE regarding OpenSSL on oss-security mailing list: CVE-2016-8610. The original mail is http://seclists.org/oss-sec/2016/q4/224. As I understand it, the idea is to send a continuous flow of unauthenticated, warning-level alerts in the middle of the initial