Re: [TLS] Comments on draft-wood-tls-external-psk-importer-01

2019-04-01 Thread Russ Housley
John: Okay, I misread the first note. Sorry for the noise. Russ > On Apr 1, 2019, at 5:29 PM, John Mattsson wrote: > > Hi Russ, > > I was not talking about certificates at all. My comment was about using both > external_identity and one of its derived ImportedIdentity in OfferedPsks > >

Re: [TLS] I-D Action: draft-ietf-tls-certificate-compression-04.txt

2019-04-01 Thread Victor Vasiliev
Thank you for your comments! I've opened a PR to address them: https://github.com/tlswg/certificate-compression/pull/25 On Sat, Mar 30, 2019 at 2:26 AM John Mattsson wrote: > Two short comments: > > - Would be good to mention that the document does not specify any > preset dictionaries. >

Re: [TLS] Comments on draft-wood-tls-external-psk-importer-01

2019-04-01 Thread John Mattsson
Hi Russ, I was not talking about certificates at all. My comment was about using both external_identity and one of its derived ImportedIdentity in OfferedPsks draft-wood-tls-external-psk-importer-01: struct { opaque external_identity<1...2^16-1>; opaque label<0..2^8-1>;

Re: [TLS] A flags extension

2019-04-01 Thread Martin Thomson
On Mon, Apr 1, 2019, at 12:40, Hubert Kario wrote: > > > would possibly reduce the size of is ServerHello or EncryptedExtensions > > > > Those are messages where we have size pressure. > > why? in what use case? QUIC. We have 3600 bytes to play with in that flight. And Certificate is often more

Re: [TLS] Comments on draft-wood-tls-external-psk-importer-01

2019-04-01 Thread Russ Housley
John: > > The draft should make clear if the External PSK and external identity can be > used together with the imported identities. I think that draft-ietf-tls-tls13-cert-with-extern-psk would be needed with TLS 1.3 for the certificate-based authentication to be used with an external PSK. Rus

[TLS] [Technical Errata Reported] RFC8446 (5682)

2019-04-01 Thread RFC Errata System
The following errata report has been submitted for RFC8446, "The Transport Layer Security (TLS) Protocol Version 1.3". -- You may review the report below and at: http://www.rfc-editor.org/errata/eid5682 -- Type: Technical Rep

[TLS] Comments on draft-wood-tls-external-psk-importer-01

2019-04-01 Thread John Mattsson
Hi, Thanks for trying to solve this problem! Not having a way to use the same external PSK for different cipher suites is definitely a thing missing from TLS 1.3. As I stated during the wg session, 3GPP have a few use cases that use PSK-ECDHE between phone and core network. Contrary to what I

[TLS] Certificate Compression: Add Zstd Code Point?

2019-04-01 Thread W. Felix Handte
Hello all, I know that draft-ietf-tls-certificate-compression is (almost?) in last call, so I apologize for jumping in so late. I would like to propose adding an additional codepoint to the Certificate Compression Algorithm IDs registry, for Zstd (RFC 8478). Briefly, Zstandard seems like a

[TLS] Minutes from IETF 104

2019-04-01 Thread Christopher Wood
Minutes from last week's TLS meetings in Prague are now online [1]. They're also copied at the end of this message. Please have a look and send any issues to the list. Many thanks to Richard Barnes and Robin Wilton for taking notes! Best, Chris, Joe, and Sean [1] https://datatracker.ietf.org/doc

Re: [TLS] A use of flags

2019-04-01 Thread Hubert Kario
On Friday, 29 March 2019 10:24:44 CEST Martin Thomson wrote: > On Thu, Mar 28, 2019, at 14:46, Hubert Kario wrote: > > what about resumption and renegotiation? > > No certificates in resumption. > > No resumption in TLS 1.3 (and I don't care about TLS 1.2 any more). then say explicitly that it's

Re: [TLS] A flags extension

2019-04-01 Thread Hubert Kario
On Friday, 29 March 2019 10:23:51 CEST Martin Thomson wrote: > On Thu, Mar 28, 2019, at 14:54, Hubert Kario wrote: > > what about making sure that the legacy and flags remain in-sync? we will > > have to send the legacy encoding for many years to come, so only thing it > > would possibly reduce the