Hubert Kario wrote:
>
> there are attacks, like BEAST, that TLS 1.0 is vulnerable to that
> TLS 1.1 and TLS 1.2 are not - that's a fact there are ciphersuites
> that are invulnerable to Lucky13 and similar style of attacks that
> can not be used with TLS 1.0 or TLS 1.1 - that's a fact
BEAST is
A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Transport Layer Security WG of the IETF.
Title : Importing External PSKs for TLS
Authors : David Benjamin
Christopher A.
On Tue, May 14, 2019 at 2:27 PM Hubert Kario wrote:
> On Tuesday, 14 May 2019 20:09:36 CEST Daniel Migault wrote:
> > section 2:
> >
> > I am wondering whether SHOULD NOT could be replaced by MUST NOT. On the
> > one hand, deprecation should be smooth, but on the other hand I am
> reading
> >
On Tuesday, 14 May 2019 20:16:17 CEST Loganaden Velvindron wrote:
> On Tue, May 14, 2019 at 3:24 PM Hubert Kario wrote:
> > On Tuesday, 14 May 2019 08:34:38 CEST Loganaden Velvindron wrote:
> > > Latest draft is here:
> > > https://www.ietf.org/id/draft-lvelvindron-tls-md5-sha1-deprecate-04.txt
>
On Tuesday, 14 May 2019 20:09:36 CEST Daniel Migault wrote:
> section 2:
>
> I am wondering whether SHOULD NOT could be replaced by MUST NOT. On the
> one hand, deprecation should be smooth, but on the other hand I am reading
> that rfc6194 and rfc6151 already started the deprecation. I would
On Tue, May 14, 2019 at 3:24 PM Hubert Kario wrote:
> On Tuesday, 14 May 2019 08:34:38 CEST Loganaden Velvindron wrote:
> > Latest draft is here:
> > https://www.ietf.org/id/draft-lvelvindron-tls-md5-sha1-deprecate-04.txt
>
> why did you drop SHA-1 from Section 4 and 5?
>
> It was done following
On Tuesday, 14 May 2019 16:52:49 CEST Martin Rex wrote:
> Hubert Kario wrote:
> > Martin Rex wrote:
> >> Hubert Kario wrote:
> >>> MD5 was deprecated and removed by basically every library
> >>> and can't be used in TLS 1.2, I specifically meant SHA1
> >>
> >> MD5 deprecated ? Nope, glaring
Hi,
Please find some comments.
Yours,
Daniel
Introduction
I would suggest a reference to rfc6194 for sha1 digest as well as for
hmac-sha1.
I believe more text in the introduction may be needed to expose how the
document impacts TLS 1.2.
Typically, the impacted structure is HashAlgorithm,
On Tue, May 14, 2019 at 12:33 PM David Benjamin
wrote:
> > which exact piece of popular software actually still does that?
>> > It ain't curl, it ain't Chrome, it ain't Firefox.
>>
>> It definitely was implemented in Chrome and Firefox, which is how this
>> poor document got onto standards
Hubert Kario wrote:
> Martin Rex wrote:
>> Hubert Kario wrote:
>>> MD5 was deprecated and removed by basically every library
>>> and can't be used in TLS 1.2, I specifically meant SHA1
>>
>> MD5 deprecated ? Nope, glaring emtpy:
>>
Hi Joe,
> request to our AD
is there an "expected date" for that requested assignment of early code-points?
I tried to find something on the IANA page, but wasn't successful.
Mit freundlichen Grüßen / Best regards
Achim Kraus
(INST/ECS4)
Bosch Software Innovations GmbH | Stuttgarter
On Tuesday, 14 May 2019 08:34:38 CEST Loganaden Velvindron wrote:
> Latest draft is here:
> https://www.ietf.org/id/draft-lvelvindron-tls-md5-sha1-deprecate-04.txt
why did you drop SHA-1 from Section 4 and 5?
the note about SHA-1 in HMAC applies to ciphersuites, to state explicitly that
[comments in-line]
On Fri, May 10, 2019 at 5:47 AM Martin Thomson wrote:
> It might pay to spend more time on explaining what you are trying to do.
>
> The goal appears to be to remove a dependency on signature schemes that
> include these weaker hash functions. But the introduction just says
13 matches
Mail list logo
