Dear list,

Are there any news about draft-ietf-tls-dtls-connection-id and the
IANA registration of the connection_id?

According to
https://datatracker.ietf.org/doc/draft-ietf-tls-dtls-connection-id the
draft expired on April 23, 2020, and according to
https://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml
the assigned value expired on 2020-07-02.

I am still very interested in this extension; it makes CoAP over DTLS 1.2 a
very powerful technology for the cloud and NB-IoT.

Currently, two pending threats are discussed; see the PRs in
https://github.com/tlswg/dtls-conn-id .

One of the two is, in my opinion, a general one when using UDP; several
countermeasures are discussed, including RRC. Let me add that, in my
opinion, it is also about choosing CID for the right use case, and not
generally. That would mostly eliminate the DDoS threat if the use case
doesn't offer an amplification.
The other one requires, in my opinion, a remark about not using the option
of RFC 6347 to generate an alert on invalid MACs if the CID is used.
Potentially, if of any interest at all, an additional remark about
AES-CBC, the CID length and "Lucky 13" may be added, though the CID
changes the 13.

To me this looks much more like the authors are too busy with other
work, and not like this draft doesn't make sense anymore. Therefore I
would appreciate it if the temporary IANA registration for the
connection_id could be extended by an additional year.

Best regards
Achim Kraus

_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
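The two remarks above, the silent drop on invalid MACs when a CID is in use and the MAC input that is no longer a 13-byte header, as an added Python illustration (not code from the draft, the working group or any DTLS implementation; the MAC-input layout, the key and the HMAC-SHA256 choice are assumptions):

```python
import hmac
import hashlib
import struct

# Constructed illustration, not code from the draft, the IETF or any DTLS stack.
# Assumed MAC-input layout: without a CID, the classic 13-byte DTLS 1.2
# pseudo-header (epoch, sequence number, type, version, length); with a CID,
# the tls12_cid type, the CID length, the CID and the real content type are
# folded in, so the authenticated header is no longer 13 bytes long.
TLS12_CID = 25             # IANA ContentType value for tls12_cid
APPLICATION_DATA = 23
VERSION_DTLS12 = 0xFEFD
KEY = b"\x11" * 32         # constructed MAC key; HMAC-SHA256 is an assumed suite choice


def mac_input(epoch, seq, cid, payload):
    """Bytes covered by the record MAC; cid=b'' means a plain DTLS 1.2 record."""
    hdr = struct.pack("!H", epoch) + struct.pack("!Q", seq)[2:]   # 2 + 6 bytes
    if not cid:
        return hdr + struct.pack("!BHH", APPLICATION_DATA, VERSION_DTLS12, len(payload)) + payload
    hdr += bytes([TLS12_CID, len(cid)]) + cid
    hdr += struct.pack("!HHB", VERSION_DTLS12, len(payload), APPLICATION_DATA)
    return hdr + payload


def protect(epoch, seq, cid, payload, key=KEY):
    """Produce a simplified outgoing record (fields plus MAC, no encryption)."""
    tag = hmac.new(key, mac_input(epoch, seq, cid, payload), hashlib.sha256).digest()
    return {"epoch": epoch, "seq": seq, "cid": cid, "payload": payload, "mac": tag}


def receive(record, alert_on_bad_mac=True, key=KEY):
    """Verify the MAC and decide what to do on failure.

    Returns ("deliver", payload) on success. RFC 6347 lets a receiver choose
    to answer a bad MAC with a fatal alert; with a CID in use the record may
    have been injected from any address, so answering would turn the peer
    into an amplifier and the record is silently dropped instead.
    """
    expected = hmac.new(key, mac_input(record["epoch"], record["seq"],
                                       record["cid"], record["payload"]),
                        hashlib.sha256).digest()
    if hmac.compare_digest(expected, record["mac"]):
        return ("deliver", record["payload"])
    if record["cid"] or not alert_on_bad_mac:
        return ("drop", None)
    return ("alert", None)
```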
