I’m not seeing objections to this PR so please let us know by Friday (7 October) whether you see any issues with what’s been proposed.
spt > On Sep 22, 2016, at 20:42, Nick Sullivan <nicholas.sulli...@gmail.com> wrote: > > PR: https://github.com/tlswg/tls13-spec/pull/654 > > Hello, > > I'd like to propose a small to the Certificate message format to allow for > future extensibility of the protocol. > > This change adds a set of extensions to the Certificate message. With this > change, the Certificate message can now hold all extension messages that are > certificate-specific (rather than connection-specific). This change also > resolves the anomaly of OCSP messages appearing before certificates in the > handshake. > > Reasoning: > I've come to the conclusion that the current mechanism in TLS 1.3 for OCSP > and SCT is lacking forsight. OCSP and SCT are per-certificate metadata, not > per-connection metadata. By putting these responses in the > EncryptedExtensions, you limit these extensions to being shown once per > connection. This restricts future protocol extensions from using multiple > Certificate messages to support multiple certificates on the same connection. > An example of this is the post-handshake authentication proposal > (https://tools.ietf.org/html/draft-sullivan-tls-post-handshake-auth-00), > which currently requires a modified post-handshake Certificate message. This > proposed change would simplify the post-handshake auth proposal significantly > and generally make more sense as more certificate-specific extensions are > created. > > Nick > _______________________________________________ > TLS mailing list > TLS@ietf.org > https://www.ietf.org/mailman/listinfo/tls _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls