I've updated the draft in response to a bunch of these comments and
scheduled some for update when I enter my own review comments which
are still in the "marked up document stage"
> > EncryptedExtensions.
> > : responses to any extensions that are not required to
> > determine the cryptographic
[I trimmed a couple things that already had sub-threads spun off;
leaving in others even where I don't have a comment right now]
On 10/17/2016 01:10 PM, Ilari Liusvaara wrote:
>
>> Finally, the client and server exchange Authentication messages. TLS
>> uses the same set of messages every time that
On Monday, 17 October 2016 21:10:30 CEST Ilari Liusvaara wrote:
> > ## Decoding Errors
> >
> > TLS defines two generic alerts (see {{alert-protocol}}) to use upon
> > failure to parse a message. Peers which receive a message which cannot be
> > parsed according to the syntax (e.g., have a length e
On Mon, Oct 17, 2016 at 03:18:34PM -0400, Dave Garrett wrote:
> On Monday, October 17, 2016 02:10:30 pm Ilari Liusvaara wrote:
> > > %%% Authentication Messages
> >
> > > If sent by a server, the signature algorithm MUST be one offered in the
> > > client's "signature_algorithms" extension unless
On Monday, October 17, 2016 02:10:30 pm Ilari Liusvaara wrote:
> > %%% Authentication Messages
>
> > If sent by a server, the signature algorithm MUST be one offered in the
> > client's "signature_algorithms" extension unless no valid certificate chain
> > can be
> > produced without unsupported
Did a new review of the document, given that stuff from the older
review got addressed.
Consulted the older review when making this, but not the issue lists:
> EncryptedExtensions.
> : responses to any extensions that are not required to
> determine the cryptographic parameters. [{{encrypted-e