Folks,
I've just submitted draft-ietf-tls-tls13-15.
The major change in this document is the new negotiation syntax as
discussed in Berlin. There are also a number of small tweaks (see
ChangeLog below).
Remaining significant issues:
#588: The computation of the resumption context with external PSKs.
Also, connected with this, should we require that the client
prove knowledge of the PSK when offering a PSK.
#443: 0-RTT with server signing. This is possible with the new syntax
but I didn't specify it in #15.
#580: receive_generation for KeyUpdate [CHAIRS: please bring to closure]
Also a few smaller ones I will be bringing to the list shortly.
Note to implementors:
NSS is currently at draft-14 (Firefox is at draft-13). We intend to
implement draft-15 immediately (hopefully in the next week) and would
welcome interop testing with anyone who is interested.
As usual, comments welcome.
-Ekr
- New negotiation syntax as discussed in Berlin (*)
- Require CertificateRequest.context to be empty during handshake (*)
- Forbid empty tickets (*)
- Forbid application data messages in between post-handshake messages
from the same flight (*)
- Clean up alert guidance (*)
- Clearer guidance on what is needed for TLS 1.2.
- Guidance on 0-RTT time windows.
- Rename a bunch of fields.
- Remove old PRNG text.
- Explicitly require checking that handshake records not span
key changes.
_______________________________________________
TLS mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/tls
