Re: [TLS] WGLC: draft-ietf-tls-tls13-19

2017-04-11 Thread Eric Rescorla
On Tue, Apr 11, 2017 at 11:27 AM, Benjamin Kaduk wrote: > > Yeah, I guess I snuck that fix into #936. So much for keeping things > separate... > > > Page 113 still has the “[[NOTE: TLS 1.3 needs a new channel binding > > definition that has not yet been defined.]]”, which

Re: [TLS] WGLC: draft-ietf-tls-tls13-19

2017-04-11 Thread Benjamin Kaduk
On 04/11/2017 12:32 PM, Eric Rescorla wrote: > > It was already mentioned that the “major differences from TLS 1.2” > > section should not be a changelog, but I agree with that. > > Yes, this is on my plate. > > > > Should Figure 4 (“message flow for a zero round trip handshake”) > > include a “+

Re: [TLS] WGLC: draft-ietf-tls-tls13-19

2017-04-11 Thread Eric Rescorla
> It was already mentioned that the “major differences from TLS 1.2” > section should not be a changelog, but I agree with that. Yes, this is on my plate. > Should Figure 4 (“message flow for a zero round trip handshake”) > include a “+ early_data” for the server’s flight? (The legend for >

Re: [TLS] WGLC: draft-ietf-tls-tls13-19

2017-04-04 Thread Benjamin Kaduk
On 03/31/2017 08:40 AM, Hubert Kario wrote: > On Tuesday, 28 March 2017 08:23:33 CEST Kaduk, Ben wrote: >> On 3/13/17, 12:30, "Sean Turner" wrote: >> Do we want to add some commentary about the extant SHA1 collisions when we >> say that {rsa_pkcs1,dsa,ecdsa}_sha1 are only SHOULD

Re: [TLS] WGLC: draft-ietf-tls-tls13-19

2017-03-31 Thread Eric Rescorla
On Fri, Mar 31, 2017 at 9:12 AM, Dr Stephen Henson < li...@drh-consultancy.co.uk> wrote: > On 27/03/2017 08:47, Olivier Levillain wrote: > > > > For a longer version, post-handshake records of type Handshake can be of > > three kinds: > > - NewSessionTicket (sent by the server, and that can

Re: [TLS] WGLC: draft-ietf-tls-tls13-19

2017-03-31 Thread Dr Stephen Henson
On 27/03/2017 08:47, Olivier Levillain wrote: > > For a longer version, post-handshake records of type Handshake can be of > three kinds: > - NewSessionTicket (sent by the server, and that can safely be ignored > entirely by clients) > - KeyUpdate (sent by either party, requiring only a bit of

Re: [TLS] WGLC: draft-ietf-tls-tls13-19

2017-03-31 Thread Hubert Kario
On Tuesday, 28 March 2017 08:23:33 CEST Kaduk, Ben wrote: > On 3/13/17, 12:30, "Sean Turner" wrote: > Do we want to add some commentary about the extant SHA1 collisions when we > say that {rsa_pkcs1,dsa,ecdsa}_sha1 are only SHOULD NOT? There still are non-insignificant number of

Re: [TLS] WGLC: draft-ietf-tls-tls13-19

2017-03-31 Thread Eric Rescorla
Yes, we discussed this at IETF 98 and had rough consensus. I'll be merging this PR this week -Ekr On Fri, Mar 31, 2017 at 6:57 AM, Olivier Levillain < olivier.levill...@ssi.gouv.fr> wrote: > Hi, > > > I think there is at least another issue that still needs to be > > discussed: how to properly

Re: [TLS] WGLC: draft-ietf-tls-tls13-19

2017-03-31 Thread Olivier Levillain
Hi, > I think there is at least another issue that still needs to be > discussed: how to properly handle post-handshake handshake messages. > > The subject has also been raised several times on GitHub > (https://github.com/tlswg/tls13-spec/pull/680, >

Re: [TLS] WGLC: draft-ietf-tls-tls13-19

2017-03-28 Thread Kyle Nekritz
behalf of Dave Garrett <davemgarr...@gmail.com> Sent: Tuesday, March 28, 2017 4:42 PM To: tls@ietf.org Subject: Re: [TLS] WGLC: draft-ietf-tls-tls13-19   On Tuesday, March 28, 2017 02:23:33 am Kaduk, Ben wrote: > Should Alert.level be Alert.legacy_level? Yep. Trivial to fix, so

Re: [TLS] WGLC: draft-ietf-tls-tls13-19

2017-03-28 Thread Dave Garrett
On Tuesday, March 28, 2017 02:23:33 am Kaduk, Ben wrote: > Should Alert.level be Alert.legacy_level? Yep. Trivial to fix, so quick PR filed for it. Dave ___ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls

Re: [TLS] WGLC: draft-ietf-tls-tls13-19

2017-03-28 Thread Kaduk, Ben
On 3/13/17, 12:30, "Sean Turner" wrote: This is a working group last call announcement for draft-ietf-tls-tls13-19, to run through March 27. Please send your reviews to the list as soon as possible so we can prepare for any discussion of open issues at IETF 98 in Chicago.

Re: [TLS] WGLC: draft-ietf-tls-tls13-19

2017-03-27 Thread Olivier Levillain
Hi list, I think there is at least another issue that still needs to be discussed: how to properly handle post-handshake handshake messages. The subject has also been raised several times on GitHub (https://github.com/tlswg/tls13-spec/pull/680, https://github.com/tlswg/tls13-spec/pull/676,

Re: [TLS] WGLC: draft-ietf-tls-tls13-19

2017-03-19 Thread Dave Garrett
Yes, a proper "differences from TLS 1.2" section needs to be written to replace the draft changelog. Dave On Tuesday, March 14, 2017 05:31:18 am Yoav Nir wrote: > Hi. > > I will give the entire document a more thorough read, but I wanted to comment > on section 1.2 earlier. Its title is

Re: [TLS] WGLC: draft-ietf-tls-tls13-19

2017-03-13 Thread Eric Rescorla
Note to Ilari: I have already taken your email as WGLC comments, so no need to re-send. -Ekr On Mon, Mar 13, 2017 at 10:30 AM, Sean Turner wrote: > This is a working group last call announcement for > draft-ietf-tls-tls13-19, to run through March 27. Please send your reviews

[TLS] WGLC: draft-ietf-tls-tls13-19

2017-03-13 Thread Sean Turner
This is a working group last call announcement for draft-ietf-tls-tls13-19, to run through March 27. Please send your reviews to the list as soon as possible so we can prepare for any discussion of open issues at IETF 98 in Chicago. Thanks, J ___