W dniu 04.01.2018 o 11:46, Mateusz Jończyk pisze: > W dniu 03.01.2018 o 18:05, Benjamin Kaduk pisze: >> On 01/03/2018 10:17 AM, Mateusz Jończyk wrote: >>> Judging from TLS1.3's problems with middleboxes, content filtering isn't so >>> rare, especially in the corporate world. >>> >>> The provider of filtering services (for example OpenDNS) / middlebox >>> manufacturer would have to recognize if the client supports this mechanism. >>> Having support for TLS1.3 could be one such flag. >> >> Cherry-picking this one part just for enhanced clarity: I do not think >> support for TLS 1.3 can or should be such a flag -- there does not seem >> sufficient reason to block TLS 1.3 finalization for this proposal. > > I would like to ask You to add just this one flag: > access_administratively_disabled to TLS 1.3. This will allow graceful upgrade > to > full proposed functionality of the access_administratively_disabled mechanism. > > I will try to submit an Internet Draft for the full mechanism till the end of > this week. >
I have sent a pull request: https://github.com/tlswg/tls13-spec/pull/1134 Added access_denied_by_intermediary AlertDescription Network intermediaries (for example ISPs) may always block traffic by using e.g. access_denied. Make it more explicit by adding access_denied_by_intermediary. This will make censorship more transparent. Greetings, Mateusz Jończyk _______________________________________________ TLS mailing list [email protected] https://www.ietf.org/mailman/listinfo/tls
