Re: [TLS] A use of flags

2019-04-01 Thread Hubert Kario
On Friday, 29 March 2019 10:24:44 CEST Martin Thomson wrote:
> On Thu, Mar 28, 2019, at 14:46, Hubert Kario wrote:
> > what about resumption and renegotiation?
>
> No certificates in resumption.
>
> No resumption in TLS 1.3 (and I don't care about TLS 1.2 any more).

then say explicitly that it's

Re: [TLS] A use of flags

2019-03-29 Thread Martin Thomson
On Fri, Mar 29, 2019, at 11:18, Andrei Popov wrote:
> > No resumption in TLS 1.3...
> You probably mean no renegotiation in TLS 1.3.

Of course, thank you. Not nearly enough sleep this week.

___ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman

Re: [TLS] A use of flags

2019-03-29 Thread Andrei Popov
> No resumption in TLS 1.3...

You probably mean no renegotiation in TLS 1.3.

-Original Message-
From: TLS On Behalf Of Martin Thomson
Sent: Friday, March 29, 2019 10:25 AM
To: Hubert Kario; tls@ietf.org
Subject: Re: [TLS] A use of flags

On Thu, Mar 28, 2019, at 14:46, Hubert Ka

Re: [TLS] A use of flags

2019-03-29 Thread Martin Thomson
On Thu, Mar 28, 2019, at 14:46, Hubert Kario wrote:
> what about resumption and renegotiation?

No certificates in resumption.

No resumption in TLS 1.3 (and I don't care about TLS 1.2 any more).

Re: [TLS] A use of flags

2019-03-28 Thread Hubert Kario
On Wednesday, 27 March 2019 15:35:21 CET Martin Thomson wrote:
> Inspired by a few side discussions and Yoav's new draft, I have the pleasure
> of announcing the first proposal to use that mechanism:
>
> https://tools.ietf.org/html/draft-thomson-tls-sic-00

in the situation when the server or cli

Re: [TLS] A use of flags

2019-03-27 Thread David Benjamin
Is the concern that servers which never renegotiate and do not send any renegotiation_info are being flagged on ratings systems? That is desired behavior. See the final paragraph of section 4.3. Those servers should be sending an empty renegotiation

Re: [TLS] A use of flags

2019-03-27 Thread Salz, Rich
I would like to define a flag that says "no renegotiation allowed"

This has come up (for pre 1.3 of course) a couple of times, that while you can signal "default" or "only secure" renegotiation, you can't signal "no renegotiation" in a way that is visible purely on the wire, to things like SSLLa

[TLS] A use of flags

2019-03-27 Thread Martin Thomson
Inspired by a few side discussions and Yoav's new draft, I have the pleasure of announcing the first proposal to use that mechanism:

https://tools.ietf.org/html/draft-thomson-tls-sic-00

I'm sure that there are plenty of opportunities to bike shed on the flags format, but it's definitely useful