There seemed to be support for draft-sullivan-tls-exported-authentication (
https://tools.ietf.org/html/draft-sullivan-tls-exported-authenticator-00)
in Seoul. Since there has not been much discussion of this draft on the
list we are giving the working group a chance to review the draft before
ca
And it is done. I fluffed one change: NSS supports exporters now.
I'll catch that when there is cause to generate a new version.
PRs and issues can be opened here:
https://github.com/tlswg/draft-ietf-tls-tls13-vectors
The editor's copy is here: https://tlswg.github.io/draft-ietf-tls-tls13-vector
A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Transport Layer Security of the IETF.
Title : Example Handshake Traces for TLS 1.3
Author : Martin Thomson
Filename: draft-ietf-tls-t
On 4 January 2017 at 15:29, Ilari Liusvaara wrote:
>> Naively, if s1 and s2 share cert and private key, and ignore the SNI, it
>> seems like redirecting a full handshake would work. But I didn't think
>> about it very hard.
>
> Actually, I think it would work if you merely have cross-valid
> sele
On Tue, Jan 03, 2017 at 06:14:23PM -0600, Benjamin Kaduk wrote:
> On 12/30/2016 06:44 AM, Ilari Liusvaara wrote:
> > On Thu, Dec 29, 2016 at 02:45:53PM -0800, Adam Langley wrote:
> >>
> >> An attacker could redirect a 0-RTT handshake that was destined to S1
> >> and feed it to S2. If S2 ignores the
On 4 January 2017 at 12:02, Benjamin Kaduk wrote:
> I also had the sense that ekr noted that we didn't want to do this in the
> core spec.
> So, could you point me more clearly at what you would want to change in the
> core spec that would allow doing the thing you want to see done in a future
> d
I also had the sense that ekr noted that we didn't want to do this in
the core spec.
So, could you point me more clearly at what you would want to change in
the core spec that would allow doing the thing you want to see done in a
future document? (Is it just removing "i.e., when a PSK is not in us
On 12/30/2016 06:44 AM, Ilari Liusvaara wrote:
> On Thu, Dec 29, 2016 at 02:45:53PM -0800, Adam Langley wrote:
>>
>> An attacker could redirect a 0-RTT handshake that was destined to S1
>> and feed it to S2. If S2 ignores the SNI value (common) it could
>> accept and process the 0-RTT data even tho
It appears that we’ve got enough consensus/interest to adopt
draft-davidben-tls-grease based on this thread:
https://mailarchive.ietf.org/arch/msg/tls/NnNMMRygtXzPXMg3d6WlSBrsZ7w
David,
Please submit draft-ietf-tls-grease at your earliest convenience. I’ll set up
a tlswg repo in just a sec.
Th
It appears that we’ve got enough consensus/interest to adopt
draft-thomson-tls-tls13-vectors based on this thread:
https://mailarchive.ietf.org/arch/msg/tls/LOS06OPDeLOrdtE8QoBLXEHO51s
Martin,
Please submit draft-ietf-tls-tls13-vectors at your earliest convenience. I’ll
set up a tlswg repo in j