A few nits. I'm relatively new to this mailing list, so apologies if any of
these have been brought up before.
- It's not clear to me whether a server should declare _all_ named groups it supports
in tls-supported-groups, or only the ones it prefers. The name of the service parameter,
as well as the text in section 3.2, suggests the former, but other places in the text
speak of a server's "preferences".
- If a server includes a named group in tls-supported-groups, is it then
obliged to accept a client's key_share for that named group, or may it still
respond with a HelloRetryRequest?
- Section 1: the sentence
"Named groups in this subset may be used in one, while named groups outside
the subset requires a HelloRetryRequest and two round trips."
would be easier to understand (at least for me) if it were phrased as
"Named groups in this subset can be used in one round trip, while named
groups outside the subset require a HelloRetryRequest and hence two round trips."
- Section 3.3: what should a client do if there are several named groups in
common? Should it send a key_share for the first match, or for its preferred
one, or for all matches?
- Section 3.4: in the second item of the list, the word "temporary" should be
"temporarily".
- Section 4: the structure of this section would be clearer if the second and
third paragraphs were formatted as list items rather than top-level paragraphs.
- Section 4: the two last sentences in the third paragraph contain important
information for server implementors; I suggest promoting these to a separate
section on server behavior, following section 3.3 on client behavior.
- Section 4, final paragraph: there is a gap between the first sentence
(which speaks of reducing the risk of downgrade attacks) and the rest of this
paragraph (which discusses other reasons why a client may ignore
tls-supported-groups). I suggest moving that rest (which isn't security
related) elsewhere, e.g. to section 3.3.
Marc Penninga