[TLS] Interest in draft-sullivan-tls-exported-authentication

2017-01-03 Thread Joseph Salowey
There seemed to be support for draft-sullivan-tls-exported-authentication ( https://tools.ietf.org/html/draft-sullivan-tls-exported-authenticator-00) in Seoul. Since there has not been much discussion of this draft on the list we are giving the working group a chance to review the draft before ca

Re: [TLS] adopted: draft-thomson-tls-tls13-vectors

2017-01-03 Thread Martin Thomson
And it is done. I fluffed one change: NSS supports exporters now. I'll catch that when there is cause to generate a new version. PRs and issues can be opened here: https://github.com/tlswg/draft-ietf-tls-tls13-vectors The editor's copy is here: https://tlswg.github.io/draft-ietf-tls-tls13-vector

[TLS] I-D Action: draft-ietf-tls-tls13-vectors-00.txt

2017-01-03 Thread internet-drafts
A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Transport Layer Security of the IETF. Title : Example Handshake Traces for TLS 1.3 Author : Martin Thomson Filename: draft-ietf-tls-t

Re: [TLS] cross-domain cache sharing and 0rtt

2017-01-03 Thread Martin Thomson
On 4 January 2017 at 15:29, Ilari Liusvaara wrote: >> Naively, if s1 and s2 share cert and private key, and ignore the SNI, it >> seems like redirecting a full handshake would work. But I didn't think >> about it very hard. > > Actually, I think it would work if you merely have cross-valid > sele

Re: [TLS] cross-domain cache sharing and 0rtt

2017-01-03 Thread Ilari Liusvaara
On Tue, Jan 03, 2017 at 06:14:23PM -0600, Benjamin Kaduk wrote: > On 12/30/2016 06:44 AM, Ilari Liusvaara wrote: > > On Thu, Dec 29, 2016 at 02:45:53PM -0800, Adam Langley wrote: > >> > >> An attacker could redirect a 0-RTT handshake that was destined to S1 > >> and feed it to S2. If S2 ignores the

Re: [TLS] Using both External PSK and (EC)DH in TLS 1.3

2017-01-03 Thread Martin Thomson
On 4 January 2017 at 12:02, Benjamin Kaduk wrote: > I also had the sense that ekr noted that we didn't want to do this in the > core spec. > So, could you point me more clearly at what you would want to change in the > core spec that would allow doing the thing you want to see done in a future > d

Re: [TLS] Using both External PSK and (EC)DH in TLS 1.3

2017-01-03 Thread Benjamin Kaduk
I also had the sense that ekr noted that we didn't want to do this in the core spec. So, could you point me more clearly at what you would want to change in the core spec that would allow doing the thing you want to see done in a future document? (Is it just removing "i.e., when a PSK is not in us

Re: [TLS] cross-domain cache sharing and 0rtt

2017-01-03 Thread Benjamin Kaduk
On 12/30/2016 06:44 AM, Ilari Liusvaara wrote: > On Thu, Dec 29, 2016 at 02:45:53PM -0800, Adam Langley wrote: >> >> An attacker could redirect a 0-RTT handshake that was destined to S1 >> and feed it to S2. If S2 ignores the SNI value (common) it could >> accept and process the 0-RTT data even tho

[TLS] adopted: draft-davidben-tls-grease

2017-01-03 Thread Sean Turner
It appears that we’ve got enough consensus/interest to adopt draft-davidben-tls-grease based on this thread: https://mailarchive.ietf.org/arch/msg/tls/NnNMMRygtXzPXMg3d6WlSBrsZ7w David, Please submit draft-ietf-tls-grease at your earliest convenience. I’ll set up a tlswg repo in just a sec. Th

[TLS] adopted: draft-thomson-tls-tls13-vectors

2017-01-03 Thread Sean Turner
It appears that we’ve got enough consensus/interest to adopt draft-thomson-tls-tls13-vectors based on this thread: https://mailarchive.ietf.org/arch/msg/tls/LOS06OPDeLOrdtE8QoBLXEHO51s Martin, Please submit draft-ietf-tls-tls13-vectors at your earliest convenience. I’ll set up a tlswg repo in j