On Wednesday, 21 February 2018 15:31:33 CET Eric Rescorla wrote:
> i think your general point is sound here, but I'll nitpick the statement
> that
> "if the server recognises an identity but is unable to verify corresponding
> binder".
>
> 1. The server only picks one identity so you if you send
On Thursday, 22 February 2018 00:22:35 CET Martin Thomson wrote:
> I think that the current behavior is fine, but we might add text to
> suggest that identities be self-authenticating to avoid this sort of
> enumeration. Note that in common practice, this sort of enumeration
> would be over an
-tl...@ietf.org; <tls@ietf.org>; IETF discussion list
Subject: Re: [TLS] external PSK identity enumeration Re: UPDATED Last Call:
(The Transport Layer Security (TLS) Protocol
Version 1.3) to Proposed Standard
I think that the current behavior is fine, but we might add text to
s
I think that the current behavior is fine, but we might add text to
suggest that identities be self-authenticating to avoid this sort of
enumeration. Note that in common practice, this sort of enumeration
would be over an infeasibly large space, it's only where identities
are more easily
i think your general point is sound here, but I'll nitpick the statement
that
"if the server recognises an identity but is unable to verify corresponding
binder".
1. The server only picks one identity so you if you send A, B, and C and you
get an abort, you don't know if it recognized one or all.
On Wednesday, 21 February 2018 15:21:58 CET Eric Rescorla wrote:
> On Wed, Feb 21, 2018 at 6:13 AM, Hubert Kario wrote:
> > On Friday, 16 February 2018 18:06:41 CET The IESG wrote:
> > > The IESG has received a request from the Transport Layer Security WG
> >
> > (tls)
> >
>
(fixing missed i...@ietf.org)
On Friday, 16 February 2018 18:06:41 CET The IESG wrote:
> The IESG has received a request from the Transport Layer Security WG (tls)
> to consider the following document: - 'The Transport Layer Security (TLS)
> Protocol Version 1.3'
>as Proposed Standard
The
On Wed, Feb 21, 2018 at 6:13 AM, Hubert Kario wrote:
> On Friday, 16 February 2018 18:06:41 CET The IESG wrote:
> > The IESG has received a request from the Transport Layer Security WG
> (tls)
> > to consider the following document: - 'The Transport Layer Security (TLS)
> >
On Friday, 16 February 2018 18:06:41 CET The IESG wrote:
> The IESG has received a request from the Transport Layer Security WG (tls)
> to consider the following document: - 'The Transport Layer Security (TLS)
> Protocol Version 1.3'
>as Proposed Standard
The current draft states that if the