Hi Rory,
I echo Watson and Martin, lets discuss this in the HTTP WG.
As for a very brief technical response. In general I'm supportive of the
idea of more agility of the static table but I think my motivations would
be different than the ones behind this proposal. For me, I'd like more
domain-spe
On Wed, Sep 27, 2023, at 01:32, Hewitt, Rory wrote:
> Apologies if I should respond directly to the mailing list - my old W3C
> profile has disappeared and I'm trying to get it back...
Just on this point. Watson added the HTTP working group, which I think is the
right thing to do here. The mai
Internet-Draft draft-ietf-tls-svcb-ech-00.txt is now available. It is a work
item of the Transport Layer Security (TLS) WG of the IETF.
Title: Bootstrapping TLS Encrypted ClientHello with DNS Service Bindings
Authors: Ben Schwartz
Mike Bishop
Erik Nygren
Name:
Hello,
Today we made public the new approach for attacking RSA key exchange in
TLS,
and RSA based encryption in general (many multiple bugs we discovered
were caused by side channels in numerical library, which makes OAEP
implementations also vulnerable).
As usual, the recommendation is not to
Hi all,
A while back, we discussed using a DNS hint to predict key shares and
reduce HelloRetryRequest, but this was dropped due to downgrade issues. In
thinking through post-quantum KEMs and the various transitions we'll have
in the future, I realized we actually need to address those downgrade
i
Hey Watson,
Apologies if I should respond directly to the mailing list - my old W3C profile
has disappeared and I'm trying to get it back...
If the consensus is that the SETTINGS frame is the best place for it, that's
fine. Initially I decided on a new TLS extension because it seemed simpler an
Thanks! Both points sound good to me.
I pushed these changes to the main branch, I guess we'll wait to accumulate
more (hopefully small) changes before publishing a new version.
thanks,
Nimrod
On Thu, 21 Sept 2023 at 18:24, Thomas Fossati
wrote:
> Hi,
>
> Maybe I am completely confused but It
