Re: [TLS] WGLC: draft-ietf-tls-tls13-19

2017-03-31 Thread Eric Rescorla
On Fri, Mar 31, 2017 at 9:12 AM, Dr Stephen Henson < li...@drh-consultancy.co.uk> wrote: > On 27/03/2017 08:47, Olivier Levillain wrote: > > > > For a longer version, post-handshake records of type Handshake can be of > > three kinds: > > - NewSessionTicket (sent by the server, and that can

Re: [TLS] WGLC: draft-ietf-tls-tls13-19

2017-03-31 Thread Dr Stephen Henson
On 27/03/2017 08:47, Olivier Levillain wrote: > > For a longer version, post-handshake records of type Handshake can be of > three kinds: > - NewSessionTicket (sent by the server, and that can safely be ignored > entirely by clients) > - KeyUpdate (sent by either party, requiring only a bit of

Re: [TLS] WGLC: draft-ietf-tls-tls13-19

2017-03-31 Thread Hubert Kario
On Tuesday, 28 March 2017 08:23:33 CEST Kaduk, Ben wrote: > On 3/13/17, 12:30, "Sean Turner" wrote: > Do we want to add some commentary about the extant SHA1 collisions when we > say that {rsa_pkcs1,dsa,ecdsa}_sha1 are only SHOULD NOT? There still are non-insignificant number of

Re: [TLS] WGLC: draft-ietf-tls-tls13-19

2017-03-31 Thread Eric Rescorla
Yes, we discussed this at IETF 98 and had rough consensus. I'll be merging this PR this week -Ekr On Fri, Mar 31, 2017 at 6:57 AM, Olivier Levillain < olivier.levill...@ssi.gouv.fr> wrote: > Hi, > > > I think there is at least another issue that still needs to be > > discussed: how to properly

Re: [TLS] WGLC: draft-ietf-tls-tls13-19

2017-03-31 Thread Olivier Levillain
Hi, > I think there is at least another issue that still needs to be > discussed: how to properly handle post-handshake handshake messages. > > The subject has also been raised several times on GitHub > (https://github.com/tlswg/tls13-spec/pull/680, >