On Fri, Mar 6, 2026 at 9:20 AM Sean Turner <[email protected]> wrote: > snipping down the list > > On Feb 3, 2026, at 15:08, Muhammad Usama Sardar < > [email protected]> wrote: > > # *Known implementation* > > The only public implementation currently known to us is Cloudflare's > opaque-ea [0], which as acknowledged [1] by Cloudflare, is a partial > implementation of RFC9261. It implements TLS messages here [2] and is based > on mint [3] - a minimal TLS 1.3 stack for learning purposes. Is there any > other open-source implementation? > > For future, could we please reference the implementations within the RFCs > (either in text or in "additional resources" in datatracker) to avoid the > trouble to find it? > > The developers are ultimately aiming at code that they will use in > production. > > The shepherd write-up for the I-D that became RFC 6261 noted that there > were two implementations: > https://datatracker.ietf.org/doc/draft-ietf-tls-exported-authenticator/15/ > I checked my mail and I can’t find any reference to those implementations > and I can’t remember the names. > > As far as including the implementations in the RFC, pretty sure that’s not > normally done. >
I don't think we should change that. Note that even in cases where we require implementations to be listed, as for promotion above PS, that goes in a separate report, not in the RFC: https://www.rfc-editor.org/rfc/rfc2026#section-4.1.2 The Working Group chair is responsible for documenting the specific implementations which qualify the specification for Draft or Internet Standard status along with documentation about testing of the interoperation of these implementations. The documentation must include information about the support of each of the individual options and features. This documentation should be submitted to the Area Director with the protocol action request. (see Section 6 <https://www.rfc-editor.org/rfc/rfc2026#section-6>) -Ekr ## *Formal analysis in ProVerif* > > I am trying to understand the security considerations of RFC9261. It > acknowledges Karthik for suggestions on security considerations. Does > someone happen to recall whether he actually did some formal analysis in > ProVerif or was it based on his intuition? If the former, could someone > point me to the analysis? I did check reftls repo [4] which does not > contain it. I also checked his personal repos [5] but could not find > something relevant. > > I know some formal analysis was done in Tamarin but I would like to > compare my ProVerif model with his model, if he had one. > > For future, could we please reference the formal analysis within the RFCs > (either in text or in "additional resources" in datatracker) to avoid the > trouble to find it? > > I think the best bet here is a direct (offlist) message to Karthik to ask > him. > > spt > _______________________________________________ > TLS mailing list -- [email protected] > To unsubscribe send an email to [email protected] >
_______________________________________________ TLS mailing list -- [email protected] To unsubscribe send an email to [email protected]
