Re: [TLS] Integrity bounds in DTLS

Continuing the trend where I am the only one to post to this thread... I just posted a proposal: https://github.com/tlswg/dtls13-spec/pull/147 This is essentially a transcription of the work done for QUIC to DTLS. There is one major change, in the addition of TLS_AES_128_CCM_8_SHA256. QUIC

Re: [TLS] [Cfrg] NIST crypto group and HKDF (and therefore TLS 1.3)

Hi Torsten, The HKDF is one of the approved KDFs for being used together with an approved key exchange as specified in 56C. At this moment, a standalone HKDF is not approved yet. Draft version 2 of SP 800-133 (Section 6.3, item# 3:

[TLS] I-D Action: draft-ietf-tls-md5-sha1-deprecate-03.txt

A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Transport Layer Security WG of the IETF. Title : Deprecating MD5 and SHA-1 signature hashes in TLS 1.2 Authors : Loganaden Velvindron