Re: [TLS] Call for WG adoption of draft-shore-tls-dnssec-chain-extension

2016-04-26 Thread jeff . hodges
On 4/25/16, 8:27 AM, "Russ Housley" wrote: > >On Apr 25, 2016, at 11:19 AM, Paul Wouters wrote: > >> On Mon, 25 Apr 2016, Sean Turner wrote: >> >>> draft-shore-tls-dnssec-chain-extension was originally discussed at >>>IETF 93 [0], and the authors have been biding their time while the WG >>>thras

Re: [TLS] Call for WG adoption of draft-mattsson-tls-ecdhe-psk-aead

2016-04-26 Thread Dave Garrett
On Tuesday, April 26, 2016 11:20:40 am Hannes Tschofenig wrote: > If you are already paying the price of the asymmetric crypto (in terms > of flash usage/CPU speed/RAM utilization) then just switch to a raw > public key or a certificate based ciphersuite (since there is very > little additional over

[TLS] Review of draft-guballa-tls-terminology-03

2016-04-26 Thread Eric Rescorla
I recently reviewed draft-guballa-tls-terminology-03. Comments below. OVERALL I'm sympathetic to concerns that TLS terminology may not be as precise as one would like, but IMO this document doesn't make things significantly clearer and in some cases makes it worse. Specifically: - (D)TLS is inten

Re: [TLS] Call for WG adoption of draft-mattsson-tls-ecdhe-psk-aead

2016-04-26 Thread Hannes Tschofenig
My 5 cents. For the IoT environment this ciphersuite is not very useful. If you want the best possible performance, lowest RAM utilization and use as little flash as possible then you go for a plain PSK ciphersuite (without DH/ECDHE). If you are already paying the price of the asymmetric crypto

Re: [TLS] Call for WG adoption of draft-mattsson-tls-ecdhe-psk-aead

2016-04-26 Thread Nikos Mavrogiannopoulos
On Mon, 2016-04-25 at 08:17 -0700, Sean Turner wrote: > All, > > draft-mattsson-tls-ecdhe-psk-aead includes some cipher suites that > are needed for TLS1.3.  We need to get these officially registered so > the chairs would like to hear whether there is WG support for > adopting draft-mattsson-tls-

Re: [TLS] Call for WG adoption of draft-mattsson-tls-ecdhe-psk-aead

2016-04-26 Thread Martin Thomson
Yes, adopt. We need something approximately like this and I think that it can proceed well ahead of TLS 1.3. (Dave's nit seems reasonable, but adoption lets us fix that in the working group.) On 26 April 2016 at 05:31, Andrei Popov wrote: > I support adoption of this draft. No reason to limit E

Re: [TLS] Call for WG adoption of draft-mattsson-tls-ecdhe-psk-aead

2016-04-26 Thread Dave Garrett
Just to make note on-list, I support adoption of the draft. I've already cited it in the current TLS 1.3 draft as a normative reference, and thus consider it required for completion of the new version. One objection to part of the current draft, though, which I think needs changing. It currentl