Re: [TLS] Call for Adoption: TLS 1.3 Extension for Certificate-based Authentication with an External Pre-Shared Key

2019-02-14 Thread Sankalp Bagaria
Hi, I support the adoption of this draft. I would like to see it develop. Thanks, Sankalp Bagaria. > > > Message: 3 > Date: Mon, 11 Feb 2019 08:40:41 -0800 > From: "Peter Yee" > To: "'Christopher Wood'" , > Subject: Re: [TLS] Call for Adoption: TLS 1.3 Extension for > Certificate-bas

Re: [TLS] ESNI PRs #124 and #125: Improving ESNI Robustness and GREASE

2019-02-14 Thread David Benjamin
On Thu, Feb 14, 2019 at 2:25 PM Roelof DuToit wrote: > On Thu, 14 Feb 2019 15:13:11 -0500 *David Benjamin > >* wrote > > On Thu, Feb 14, 2019 at 1:46 PM Roelof DuToit wrote: > >> On Thu, 14 Feb 2019 13:00:16 -0500 *David Benjamin >> >* wrote >> >> On Wed, Feb 13, 2019 at 7:37

Re: [TLS] ESNI PRs #124 and #125: Improving ESNI Robustness and GREASE

2019-02-14 Thread Roelof DuToit
On Thu, 14 Feb 2019 15:13:11 -0500 David Benjamin wrote On Thu, Feb 14, 2019 at 1:46 PM Roelof DuToit wrote: On Thu, 14 Feb 2019 13:00:16 -0500 David Benjamin wrote On Wed, Feb 13, 2019 at 7:37 PM Roel

Re: [TLS] ESNI PRs #124 and #125: Improving ESNI Robustness and GREASE

2019-02-14 Thread David Benjamin
On Thu, Feb 14, 2019 at 1:46 PM Roelof DuToit wrote: > > > > On Thu, 14 Feb 2019 13:00:16 -0500 *David Benjamin > >* wrote > > On Wed, Feb 13, 2019 at 7:37 PM Roelof DuToit wrote: > >> >> Questions for PR [1]: >> >> * Regarding this text: >> The client MUST NOT use the server-provided

Re: [TLS] ESNI PRs #124 and #125: Improving ESNI Robustness and GREASE

2019-02-14 Thread Stephen Farrell
Hiya, On 14/02/2019 19:21, David Benjamin wrote: > On Wed, Feb 13, 2019 at 6:24 PM Stephen Farrell > wrote: > > I have been using air quotes for a reason... :-P My personal view on these > things is very far from positive. That's what I thought. You're right there anyway:-) > > The intent wa

Re: [TLS] ESNI PRs #124 and #125: Improving ESNI Robustness and GREASE

2019-02-14 Thread Roelof DuToit
On Thu, 14 Feb 2019 13:00:16 -0500 David Benjamin wrote On Wed, Feb 13, 2019 at 7:37 PM Roelof DuToit wrote: Questions for PR [1]: * Regarding this text: The client MUST NOT use the server-provided retry keys until the handshake completes successfully.

Re: [TLS] ESNI PRs #124 and #125: Improving ESNI Robustness and GREASE

2019-02-14 Thread Stephen Farrell
Hiya, On 14/02/2019 19:26, Salz, Rich wrote: >> That just says you can't report it as successful. > > "MUST NOT surface" seems like bad phrasing then. > > > * I'm blanking on better wording. I wanted to keep the wording > independent of whether your TLS stack knows how to open transport c

Re: [TLS] ESNI PRs #124 and #125: Improving ESNI Robustness and GREASE

2019-02-14 Thread Salz, Rich
> That just says you can't report it as successful. "MUST NOT surface" seems like bad phrasing then. * I'm blanking on better wording. I wanted to keep the wording independent of whether your TLS stack knows how to open transport connections or not, which changes things a bunch, which cons

Re: [TLS] ESNI PRs #124 and #125: Improving ESNI Robustness and GREASE

2019-02-14 Thread David Benjamin
On Wed, Feb 13, 2019 at 6:24 PM Stephen Farrell wrote: > On 13/02/2019 23:55, David Benjamin wrote: > > On Wed, Feb 13, 2019 at 5:00 PM Stephen Farrell < > stephen.farr...@cs.tcd.ie> > > wrote: > > That text isn't prescribing any particular behavior. > > Then delete it:-) > It's just describin

Re: [TLS] ESNI PRs #124 and #125: Improving ESNI Robustness and GREASE

2019-02-14 Thread David Benjamin
On Wed, Feb 13, 2019 at 7:37 PM Roelof DuToit wrote: > Questions for PR [1]: > > * Regarding this text: > The client MUST NOT use the server-provided retry keys until the handshake > completes successfully. On success, it MUST NOT overwrite the DNS-provided > keys with the retry keys. It MUST use