Reviewer: Martin Thomson
Review result: Ready with Issues
This document addresses some of the less obvious aspects of how pre-shared keys
can be used in TLS. A lot of this advice isn't specific to TLS, but it is a
helpful document. For someone who might be deploying a protocol that relies on
On Tue, Nov 02, 2021 at 01:18:22PM +0100, alex.sch...@gmx.de wrote:
> my question addresses the negotiation of the "encrypt_then_mac" extension
> proposed in RFC 7366 and, specifically, two possible interpretations of such
> negotiation when using AEAD ciphers.
I think the source of the
Dear ladies and gentlemen,
my question addresses the negotiation of the "encrypt_then_mac" extension
proposed in RFC 7366 and, specifically, two possible interpretations of such
negotiation when using AEAD ciphers.
In summary, the client and server could interpret the negotiation of the
>Indeed it is hard to see how OpenSSL project governance and development
priorities are a subject matter for the IETF TLS and/or QUIC working
groups.
It's actually pretty easy to see. Many IETF participants work for companies
that depend on OpenSSL and the recent announcement has
On Wed, Nov 03, 2021 at 11:12:00AM +0100, Robin MARX wrote:
> I'm wondering if you could give a bit more details about the expected
> outcome of this meeting?
Indeed it is hard to see how OpenSSL project governance and development
priorities are a subject matter for the IETF TLS and/or QUIC
Reposted here (with permission) since I think it's important to get this on
the record for discussion on this list. It's always interesting to read about
protocol implementation details, especially if others can learn from them.
Peter.
-- Snip --
Please change your mind about your announced
* I'm wondering if you could give a bit more details about the expected
outcome of this meeting?
I have no plan, let’s see what the community thinks. (And this is not just me,
this started with some people reaching out to me.) Here are some potential
outcomes in my view:
* People get
Hello Rich,
I'm wondering if you could give a bit more details about the expected
outcome of this meeting?
IIUC, most people in the QUIC wg at least seem to be of the same opinion
that the OpenSSL plans are bad; I'm not sure IETF people (and even most
other QUIC implementers/users) need (more)
