On Sun, Nov 20, 2016 at 5:42 PM, Yuhong Bao <yuhongbao_...@hotmail.com> wrote:
> I can't help but notice the text: > "Versions of TLS before 1.3 supported compression with the list of > supported compression methods being sent in this field. For every TLS 1.3 > ClientHello, this vector MUST contain exactly one byte set to zero, which > corresponds to the “null” compression method in prior versions of TLS. If a > TLS 1.3 ClientHello is received with any other value in this field, the > server MUST abort the handshake with an “illegal_parameter” alert. Note > that TLS 1.3 servers might receive TLS 1.2 or prior ClientHellos which > contain other compression methods and MUST follow the procedures for the > appropriate prior version of TLS." > IMO, the compression methods section of ClientHello should be ignored as > mentioned by Martin Rex. I'm not seeing any good reason for this. We don't want anyone to offer compression and it's not like it's difficult for 1.3 implementations to not offer it. It may be too late for that, but RC4 IMO should be a SHOULD NOT not a MUST > NOT. > One reason for that is that it is not broken the way that say 56-bit > encryption is. > The IETF has already decided this issue: https://tools.ietf.org/rfcmarkup?doc=7465 -Ekr > From: TLS <tls-boun...@ietf.org> on behalf of Joseph Salowey < > j...@salowey.net> > Sent: Wednesday, October 26, 2016 7:56 PM > To: tls@ietf.org > Subject: [TLS] Working Group Last Call for draft-ietf-tls-tls13-18 > > > This is a working group last call announcement > for draft-ietf-tls-tls13-18, to run through November 20. If possible, > we would like to receive comments on the list by November 13 so they > can be discussed at the meeting in Seoul. We hope to address > any substantive issues raised during that process shortly thereafter. > > > In order to allow for cryptographic review, we will delay submission of > the draft to the IESG until the end of January 2017; there will be an > opportunity to address any issues discovered by the cryptographic > community prior to submission to the IESG. > > > Cheers, > > > Joe > > > _______________________________________________ > TLS mailing list > TLS@ietf.org > https://www.ietf.org/mailman/listinfo/tls >
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
