On Thu, Apr 23, 2020, at 11:24, Eric Rescorla wrote: > On Wed, Apr 22, 2020 at 4:54 PM Martin Thomson <m...@lowentropy.net> wrote: > > I prefer Ekr's solution, but I would go with that being a recommendation > > (SHOULD) as opposed to a requirement (MUST). > > Can you clarify where you think we should say SHOULD? The security considerations seems right. After the list of improvements over DTLS 1.2 CID. You would say that an endpoint that is asked to provide a CID SHOULD provide one in every record (with the compact header, etc...). If it does not, then it might be possible for an attacker to use that record to confirm guesses about linkability between two paths. Also, omitting the CID might make it hard to route datagrams. With all of this, you might want a section heading for all the CID stuff. _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
- Re: [TLS] DTLS 1.3 AEAD additional data Eric Rescorla
- Re: [TLS] DTLS 1.3 AEAD additional data Eric Rescorla
- Re: [TLS] DTLS 1.3 AEAD additional data Hanno Becker
- Re: [TLS] DTLS 1.3 AEAD additional data Eric Rescorla
- Re: [TLS] DTLS 1.3 AEAD additional data Hanno Becker
- Re: [TLS] DTLS 1.3 AEAD additional ... Eric Rescorla
- Re: [TLS] DTLS 1.3 AEAD additio... Hanno Becker
- Re: [TLS] DTLS 1.3 AEAD additio... Martin Thomson
- Re: [TLS] DTLS 1.3 AEAD additio... Christopher Wood
- Re: [TLS] DTLS 1.3 AEAD additio... Eric Rescorla
- Re: [TLS] DTLS 1.3 AEAD additio... Martin Thomson
- Re: [TLS] DTLS 1.3 AEAD additio... Eric Rescorla
- Re: [TLS] DTLS 1.3 AEAD additio... Hanno Becker
- Re: [TLS] DTLS 1.3 AEAD additio... Martin Thomson
- Re: [TLS] DTLS 1.3 AEAD additio... Hanno Becker
- Re: [TLS] DTLS 1.3 AEAD additio... Martin Thomson
- Re: [TLS] DTLS 1.3 AEAD additio... Eric Rescorla
- Re: [TLS] DTLS 1.3 AEAD additio... Christopher Wood
- Re: [TLS] DTLS 1.3 AEAD additio... Thomas Fossati
- Re: [TLS] DTLS 1.3 AEAD additio... Thomas Fossati
- Re: [TLS] DTLS 1.3 AEAD additio... Thomas Fossati