Is removing HRR on the table? Maybe just opening a new socket would suffice?
thanks, Rob On Mon, Oct 24, 2022 at 13:08 Eric Rescorla <e...@rtfm.com> wrote: > Hi Folks, > > I have just published draft-ietf-tls-rfc8446bis-05, with > the following changes: > > * Update the extension table (Issue 1241) > * Clarify user_canceled (Issue 1208) > * Clarify 0-RTT cache side channels (Issue 1225) > * Require that message reinjection be done with the current hash. > Potentially a clarification and potentially a wire format > change depending on previous interpretation (Issue 1227) > > I landed a few current PRs without review. If people think I handled > these incorrectly or mis-merged, please flag that. > > This includes most of the outstanding issues and PRs. > The following remain: > > PRS > 1275 -- Clarifying unsolicited extensions > [Waiting for review from Kaduk] > 1270 -- The impact of excessive key updates > [Working on text with MT] > 1269 -- A new error for invalid tickets > [see below] > 1231 -- Update in light of RFC 8773 > [I missed this, but will get to it on my next pass] > > > SUBSTANTIVE ISSUES > 1223, 1224 -- Revising the HRR rules > 1278 -- There are no entries in the table for which TLS 1.3 > messages token binding goes in. > > > As preview of our discussion in London. > > I believe I can handle 1275, 1270, and 1231 at the editorial > level. > > I believe we should not land 1269. As noted in the issue there is > already an unknown_psk_identity, which captures this. I propose to > close this issue. > > We need to agree on what appears in the table for token binding. > I think this is mechanical. MT? DavidBen? Andrei? > > > This leaves us with 1223 and 1224. I agree that the HRR semantics > are a little confusing, but we don't seem to be making much > progress on revising them and given that 8446 is already > out, I think we should just publish this revision and then > if people get energy to address this issue we can do so later. > > > -Ekr > > > > > > > > > > _______________________________________________ > TLS mailing list > TLS@ietf.org > https://www.ietf.org/mailman/listinfo/tls >
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls