Thanks Stephen, opened 4 issues, https://github.com/yaronf/I-D/issues?q=is%3Aissue+is%3Aopen+label%3ABCP195
Yaron On 5/27/22, 16:51, "Uta on behalf of Stephen Farrell" <uta-boun...@ietf.org on behalf of stephen.farr...@cs.tcd.ie> wrote: Hiya, I had a read of this. Seems to me to be in fine shape but a couple of comments below. If those have already been discussed, apologies, and do ignore 'em. I don't think any of my comments need addressing before publication, but figured it was no harm sending 'em anyway:-) - section 3.2: I wondered why no mention of MTA-STS or DANE? Could/should we say that MTA implementations SHOULD include support for such strictness? - 4.2: there's been some cfrg [1] discussion (but not much and without so far reaching a conclusion) on deterministic signatures (RFC6979) and fault injection attacks. I wonder if we want to say anything about that? It might be worth just adding a reference that describes the problem, but I don't think we can expect the cfrg discussion to have resolved before this gets published. Those attacks are probably not that important for a typical TLS server but more interesting for small devices with TLS servers so maybe it's a bit too niche a concern to include? - 7.4: is it still true that "many TLS implementations reuse Diffie-Hellman and Elliptic Curve Diffie-Hellman exponents across multiple connections"? If not, then maybe s/many/some/ or cast the sentence into the past tense? - refs: is rfc6125 still the right reference given the -bis work? - refs: The 2015 date for the bettercrypto.org seems wrong. I guess that site has been updated since? It says 2018 on their front page anyway, but I'm not sure what'd be the right reference. Cheers, S. [1] https://datatracker.ietf.org/meeting/113/materials/slides-113-cfrg-signatures-deterministic-vs-randomized-00 _______________________________________________ Uta mailing list Uta@ietf.org https://www.ietf.org/mailman/listinfo/uta _______________________________________________ Uta mailing list Uta@ietf.org https://www.ietf.org/mailman/listinfo/uta