[TLS] Genart last call review of draft-ietf-tls-tls13-24

2018-03-02 Thread Dale Worley
Reviewer: Dale Worley Review result: Ready with Nits I am the assigned Gen-ART reviewer for this draft. The General Area Review Team (Gen-ART) reviews all IETF documents being processed by the IESG for the IETF Chair. Please treat these comments just like any other last call comments. For more

Re: [TLS] draft-ietf-tls-tls13-24 supported_versions complexity

2018-03-02 Thread Eric Rescorla
On Fri, Mar 2, 2018 at 12:21 AM, Nikos Mavrogiannopoulos wrote: > On Thu, 2018-03-01 at 10:49 -0500, David A. Cooper wrote: > > > > I believe you are misinterpreting the text, but agree that it could > > be > > made more clear. > > > > Suppose that the ClientHello includes a

[TLS] I-D Action: draft-ietf-tls-tls13-25.txt

2018-03-02 Thread internet-drafts
A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Transport Layer Security WG of the IETF. Title : The Transport Layer Security (TLS) Protocol Version 1.3 Author : Eric Rescorla Filename

Re: [TLS] New Version Notification for draft-rhrd-tls-tls13-visibility-01.txt

2018-03-02 Thread Stephen Farrell
With no disrespect to Russ or Ralph (but with zero acceptance/respect for the main concept espoused by this draft)... I request that the WG chairs not waste yet more time on agenda items dealing with proposals for breaking TLS - a working group that spends so many f2f hours (yes, hours,

[TLS] New Version Notification for draft-rhrd-tls-tls13-visibility-01.txt

2018-03-02 Thread Russ Housley
A few minutes at the TLS WG session in London have been requested to talk about this draft. Russ > From: internet-dra...@ietf.org > Subject: New Version Notification for draft-rhrd-tls-tls13-visibility-01.txt > Date: March 2, 2018 at 3:58:35 PM EST > To: "Ralph Droms" ,

[TLS] A personal IETF draft on using Identity as raw public key for TLS has been uploaded to TLS data tracker

2018-03-02 Thread Wang Haiguang
Dear all We have uploaded a personal draft on using identity as raw public key for TLS/DTLS to TLS group website just now. A pdf version is also attached in this email. Your comments are appreciated. Dr Yanjiang Yang, who is author of the draft, will attend the coming IETF 101 meeting. You

Re: [TLS] Possible timing attack on TLS 1.3 padding mechanism

2018-03-02 Thread Paterson, Kenny
Hi, > On 2 Mar 2018, at 08:32, Nikos Mavrogiannopoulos wrote: > >> On Thu, 2018-03-01 at 21:52 +, Paterson, Kenny wrote: >> Hi, >> >> I've been analysing the record protocol spec for TLS 1.3 a bit, >> specifically the new padding mechanism. I think there's a possible >>

Re: [TLS] Possible timing attack on TLS 1.3 padding mechanism

2018-03-02 Thread Nikos Mavrogiannopoulos
On Thu, 2018-03-01 at 21:52 +, Paterson, Kenny wrote: > Hi, > > I've been analysing the record protocol spec for TLS 1.3 a bit, > specifically the new padding mechanism. I think there's a possible > timing attack on a naïve implementation of de-padding. Maybe this is > already known to people

Re: [TLS] draft-ietf-tls-tls13-24 supported_versions complexity

2018-03-02 Thread Nikos Mavrogiannopoulos
On Thu, 2018-03-01 at 10:49 -0500, David A. Cooper wrote: > > I believe you are misinterpreting the text, but agree that it could > be > made more clear. > > Suppose that the ClientHello includes a supported_versions > extension > that contains two values, TLS 1.4 and TLS 1.0, and the server