Re: [TLS] Newcomer’s Implementation Experience of TLS 1.3 Draft 16

2016-10-14 Thread Ilari Liusvaara
On Fri, Oct 14, 2016 at 05:10:01PM +0200, Hubert Kario wrote:
> On Thursday, 13 October 2016 23:33:19 CEST Ilari Liusvaara wrote:
> > Ok, dumped the handshake using wireshark. Wireshark seems to think
> > the SNI with two lengths is perfectly sane.
>
> that's because wireshark doesn't perform

Re: [TLS] Newcomer’s Implementation Experience of TLS 1.3 Draft 16

2016-10-13 Thread Kazuho Oku
Hi Ilari, Thank you for trying picotls, and thank you very much for notifying me of the issues you found. I have fixed three issues you reported (i.e. SNI decode error, EC group check error, PKCS not included in Signature Algorithms). Regarding the crash, is your implementation available to

Re: [TLS] Newcomer’s Implementation Experience of TLS 1.3 Draft 16

2016-10-13 Thread Kazuho Oku
Hi Martin,
2016-10-13 16:07 GMT+09:00 Martin Thomson:
> Thanks Kazuho!
>
> Experiences like your own are critical at this stage. It is encouraging to
> see that there were so few problems.
>
> As for the key schedule, EKR and I have discussed taking a dump from one of
>

Re: [TLS] Newcomer’s Implementation Experience of TLS 1.3 Draft 16

2016-10-13 Thread Eric Rescorla
Kazuho,
Thanks for the feedback. This is very helpful.
On Wed, Oct 12, 2016 at 11:17 PM, Kazuho Oku wrote:
>
> I wrote my implementation by going through the draft. While writing my
> code, I did not refer to other implementations except for looking into
> OpenSSL to see if

Re: [TLS] Newcomer’s Implementation Experience of TLS 1.3 Draft 16

2016-10-13 Thread Ilari Liusvaara
On Thu, Oct 13, 2016 at 03:17:32PM +0900, Kazuho Oku wrote:
> TLDR: the spec. was clear and easy to implement, but some test vectors
> and clarification on what constitutes a Handshake Context would have
> helped.
>
> FWIW, please let me share my experience of implementing TLS 1.3.
>
> This

Re: [TLS] Newcomer’s Implementation Experience of TLS 1.3 Draft 16

2016-10-13 Thread Martin Thomson
Thanks Kazuho! Experiences like your own are critical at this stage. It is encouraging to see that there were so few problems. As for the key schedule, EKR and I have discussed taking a dump from one of our many test cases and putting that in a draft, including private keys and all the

[TLS] Newcomer’s Implementation Experience of TLS 1.3 Draft 16

2016-10-13 Thread Kazuho Oku
TLDR: the spec. was clear and easy to implement, but some test vectors and clarification on what constitutes a Handshake Context would have helped. FWIW, please let me share my experience of implementing TLS 1.3. This month, I have written a TLS 1.3 implementation (named picotls, available at