Re: [TLS] I-D Action: draft-rescorla-tls-ctls-04.txt

2020-03-09 Thread Martin Thomson
On Tue, Mar 10, 2020, at 14:17, Watson Ladd wrote:
> One thing I noticed from my reading is there is no gain from knowing
> an extension will be present if one doesn't also know the value.

That is only true if the extension has a value. (See also flags)

> I could imagine SNI being very useful

Re: [TLS] I-D Action: draft-rescorla-tls-ctls-04.txt

2020-03-09 Thread Watson Ladd
One thing I noticed from my reading is there is no gain from knowing an extension will be present if one doesn't also know the value. I could imagine SNI being very useful to include, and knowing the order of extension values permits their omission, keeping only the length. This does mean very

Re: [TLS] tls-external-psk-guidance // Draft for a suggestion of string encoding for manually typing a PSK is available

2020-03-09 Thread Björn Haase
Hello to all, in the process of the discussions of the external PSK guidance document, it was considered to suggest an encoding for PSK for applications that need to enter the key by manual typing. Presently such applications might be tempted to allow for strings such as "banana" as PSK which

[TLS] I-D Action: draft-ietf-tls-esni-06.txt

2020-03-09 Thread internet-drafts
A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Transport Layer Security WG of the IETF.

Title : Encrypted Server Name Indication for TLS 1.3
Authors : Eric Rescorla

[TLS] I-D Action: draft-rescorla-tls-ctls-04.txt

2020-03-09 Thread internet-drafts
A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Transport Layer Security WG of the IETF.

Title : Compact TLS 1.3
Authors : Eric Rescorla
          Richard Barnes

[TLS] Fwd: New Version Notification for draft-dt-tls-external-psk-guidance-00.txt

2020-03-09 Thread Christopher Wood
This document is the first checkpoint for the External PSK design team started a few weeks back. Feedback in the form of comments, edits, or PRs [1] is welcome!

Thanks,
Chris (no hat)

[1] https://github.com/tlswg/external-psk-design-team

- Original message -
From:

[TLS] I-D Action: draft-ietf-tls-subcerts-07.txt

2020-03-09 Thread internet-drafts
A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Transport Layer Security WG of the IETF.

Title : Delegated Credentials for TLS
Authors : Richard Barnes
          Subodh Iyengar

Re: [TLS] draft-ietf-tls-dtls13-35

2020-03-09 Thread Eric Rescorla
Oops, and 37 because I missed a spot.

On Mon, Mar 9, 2020 at 9:36 AM Eric Rescorla wrote:
> And -36 is now out, with some more editorial changes and changing the ACK
> code point to avoid collisions.
>
> On Sat, Mar 7, 2020 at 2:24 PM Eric Rescorla wrote:
>
>> Hi folks,
>>
>> I have just

[TLS] I-D Action: draft-ietf-tls-dtls13-37.txt

2020-03-09 Thread internet-drafts
A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Transport Layer Security WG of the IETF.

Title : The Datagram Transport Layer Security (DTLS) Protocol Version 1.3
Authors : Eric Rescorla

Re: [TLS] draft-ietf-tls-dtls13-35

2020-03-09 Thread Eric Rescorla
And -36 is now out, with some more editorial changes and changing the ACK code point to avoid collisions.

On Sat, Mar 7, 2020 at 2:24 PM Eric Rescorla wrote:
> Hi folks,
>
> I have just submitted -35.
>
> This makes the following notable changes:
>
> - Fix contradictory text around the legacy

[TLS] I-D Action: draft-ietf-tls-dtls13-36.txt

2020-03-09 Thread internet-drafts
A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Transport Layer Security WG of the IETF.

Title : The Datagram Transport Layer Security (DTLS) Protocol Version 1.3
Authors : Eric Rescorla

Re: [TLS] three ECHO issues

2020-03-09 Thread Ilari Liusvaara
On Sun, Mar 08, 2020 at 07:13:05PM -0700, Christian Huitema wrote:
> On 3/8/2020 10:14 AM, Stephen Farrell wrote:
>
> > I'm questioning whether that's a good goal or not. In my
> > analysis of the various extensions, only SNI and ALPN seem
> > to offer immediate value.
>
> Uh, No. First, we do

Re: [TLS] three ECHO issues

2020-03-09 Thread Eric Rescorla
I tend to agree. There's an open issue in the spec about this and I've sort of come to the conclusion that it's going to be pretty easy to determine just by sending your own ECH with the same key id and looking at what comes back.

On Mon, Mar 9, 2020 at 8:32 AM Christopher Wood wrote:
> On Mon,

Re: [TLS] three ECHO issues

2020-03-09 Thread Christopher Wood
On Mon, Mar 9, 2020, at 8:23 AM, Ben Schwartz wrote:
>
>
> On Mon, Mar 9, 2020 at 6:49 AM Stephen Farrell
> wrote:
> >
> > Hiya,
> >
> > On 09/03/2020 02:13, Christian Huitema wrote:
> > > On 3/8/2020 10:14 AM, Stephen Farrell wrote:
> > >
> > >> I'm questioning whether that's a good

Re: [TLS] three ECHO issues

2020-03-09 Thread Stephen Farrell
Hiya,

On 09/03/2020 02:13, Christian Huitema wrote:
> On 3/8/2020 10:14 AM, Stephen Farrell wrote:
>
>> I'm questioning whether that's a good goal or not. In my
>> analysis of the various extensions, only SNI and ALPN seem
>> to offer immediate value.
>
> Uh, No. First, we do have