On Mon, Aug 3, 2015 at 8:44 AM, Daniel Kahn Gillmor <[email protected]> wrote:
> On Sun 2015-08-02 14:52:18 -0400, Eric Rescorla wrote: > > - ECDH_anon with P256 and Curve25519 > > - AES_128_GCM; AES_256_GCM; ChaCha/Poly1305 > > - SHA256 for the PRF > > - Session hash > > - No renegotiation [Banned in TLS 1.3] > > - No compression [Banned in TLS 1.3] > > - RFC5705 tickets [or PSK in 1.3] > > This rough cut doesn't include TLS Extractors or TLS Unique. If it's > going to satisfy the the session ID capacity of > draft-bittau-tcpinc-tcpeno it needs to include one of these mechanisms > at least, right? Good catch. Yes, it needs some sort of channel binding support, however TLS-Unique does not appear on the wire, so it didn't seem to be part of the profile (hence my omitting it). I agree, however, that the document should describe this clearly. -Ekr
_______________________________________________ Tcpinc mailing list [email protected] https://www.ietf.org/mailman/listinfo/tcpinc
