On Jan 29, 2021, at 5:00 PM, Joseph Salowey wrote:
> DISCUSS: the EAP-TLS draft should also explain that session tickets may be
> sent either before or after the 0x00 octet. Does the packet flow look any
> different for the two cases? If so, what does that mean?
>
> [Joe] I believe the flow o
On Jan 29, 2021, at 5:35 PM, Jorge Vergara wrote:
>
> [Jorge] The diagrams in the draft mostly imply that the commitment message
> being the last thing sent, after any NewSessionTicket. As stated, this is
> problematic since the TLS stack may re-order these, and the NewSessionTicket
> may have
On Sat, Jan 30, 2021, at 10:38, David Benjamin wrote:
> How does NSS expose the late client authentication to the application?
> I thought NSS didn't support half-RTT at all when the server requests
> client certificates, but perhaps I misunderstood.
There are three states we use with respect to
On Sun, Jan 31, 2021 at 09:20:57AM -0500, Alan DeKok wrote:
> On Jan 29, 2021, at 5:00 PM, Joseph Salowey wrote:
> > DISCUSS: the EAP-TLS draft should also explain that session tickets may be
> > sent either before or after the 0x00 octet. Does the packet flow look any
> > different for the two
Hi Mohit,
The quoting in your note is not coming across usefully in my MUA, so I'm
trimming to (what I think are) just your remarks without other history.
On Fri, Jan 29, 2021 at 07:34:42PM +, Mohit Sethi M wrote:
> Hi Ben,
>
> RFC 5705 says:
>
>If no context is provided, it then comput
Hi Alan,
With my apologies to everyone on the thread for so many mails in
succession...
On Fri, Jan 29, 2021 at 02:09:09PM -0500, Alan DeKok wrote:
> On Jan 29, 2021, at 1:32 PM, Benjamin Kaduk wrote:
> > With respect to the exporter usage, I do see you had asked about using the
> > type-code as
Do you think this would be clearer:
The maximum validity period is set to 7 days unless
an application profile standard specifies a shorter
period.
spt
> On Jan 25, 2021, at 11:14, Russ Housley wrote:
>
> I have reviewed the recent update, and I notice one inconsistency.
>
> Section 2 s
On Sun, Jan 31, 2021 at 6:17 PM Benjamin Kaduk wrote:
> On Sun, Jan 31, 2021 at 09:20:57AM -0500, Alan DeKok wrote:
> > On Jan 29, 2021, at 5:00 PM, Joseph Salowey wrote:
> > > DISCUSS: the EAP-TLS draft should also explain that session tickets
> may be sent either before or after the 0x00 octet
Alan DeKok writes:
>OpenSSL has a feature SSL_MODE_AUTO_RETRY which makes it process TLS messages
>*after* the Finished message. i.e. the Session Ticket, etc. When an
>application calls SSL_Read(), all of the TLS data is processed, instead of
>just the "TLS finished" message. They've made this th
On Mon, Feb 01, 2021 at 06:21:16AM +, Peter Gutmann wrote:
> Alan DeKok writes:
>
> >OpenSSL has a feature SSL_MODE_AUTO_RETRY which makes it process TLS messages
> >*after* the Finished message. i.e. the Session Ticket, etc. When an
> >application calls SSL_Read(), all of the TLS data is pro
10 matches
Mail list logo
