Hi. At IETF 108 a question was raised about The TLS Flags extension. What payloads on the server side can include this extension?
The “candidates” are ServerHello, EncryptedExtensions, Certificate, and NewSessionTicket. The only one that is controversial here (I think) is ServerHello, because it is not encrypted. Looking at the current list of extensions, I see that only 6 can go in ServerHello: password_salt tls_cert_with_extern_psk supported_ekt_ciphers pre_shared_key supported_versions key_share Of those, only one would be (if it hadn’t already been standardized) a candidate for the TLS-Flags extension: tls_cert_with_extern_psk. The RFC describes it with “The “tls_cert_with_extern_psk" extension is essentially a flag to use the external PSK in the key schedule”. I don’t think it’s unreasonable to think that at some point there’s going to be another flag-like extension that will need to be signalled in ServerHello. So the question for the group is, do we allow the flags extension (and the flags themselves) to be in ServerHello, or do we prohibit them for now, and if ever an extension does need to signal in ServerHello, it can update the TLS-Flags RFC at that time? My vote would be to allow it in all places, and trust the process not to place flags that should be encrypted in payloads that aren’t, but either way, we need working group consensus. Thanks Yoav
signature.asc
Description: Message signed with OpenPGP
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls