Hi,This version mainly aims to clarify "Threat model" (Sec. 5.2) as the previous version was found to be challenging to use. Wei, please let me know if this is more understandable and useful. Please let me know if it is still not in actionable form for you, and in particular which subsection you find difficult. Thank you.
Two other (small) changes are: 1. What I think would be useful to discuss in meetings (Sec. 3.6) 2. Pointer to observation from ongoing formal analysis (as already shared on list) and open question on "cost" of ML-KEM thingy (Sec. 3.2.1.x). And not to go through another cycle of the debates, please note that the statement in Sec. 3.2.1.1 clearly points to Security Considerations, which clearly acknowledge potential limitations of the formal analysis.I welcome any further feedback, or what kind of guidance authors will find helpful. Thanks.
Best regards, -Usama -------- Forwarded Message --------Subject: New Version Notification for draft-usama-tls-fatt-extension-04.txt
Date: Tue, 14 Apr 2026 14:27:50 -0700 From: [email protected]To: Muhammad Sardar <[email protected]>, Muhammad Usama Sardar <[email protected]>
A new version of Internet-Draft draft-usama-tls-fatt-extension-04.txt has been
successfully submitted by Muhammad Usama Sardar and posted to the IETF repository. Name: draft-usama-tls-fatt-extension Revision: 04 Title: Extensions to TLS FATT Process Date: 2026-04-14 Group: Individual Submission Pages: 16 URL: https://www.ietf.org/archive/id/draft-usama-tls-fatt-extension-04.txt Status: https://datatracker.ietf.org/doc/draft-usama-tls-fatt-extension/ HTML: https://www.ietf.org/archive/id/draft-usama-tls-fatt-extension-04.htmlHTMLized: https://datatracker.ietf.org/doc/html/draft-usama-tls-fatt-extension Diff: https://author-tools.ietf.org/iddiff?url2=draft-usama-tls-fatt-extension-04
Abstract: This document applies only to non-trivial extensions of TLS, which require formal analysis. It proposes the authors specify a threat model and informal security goals in the Security Considerations section, as well as motivation and a protocol diagram in the draft. We also briefly present a few pain points of the team doing the formal analysis which -- we believe -- require refining the process: * Contacting FATT * Understanding the opposing goals * Response within reasonable time frame * Discussion at meeting * Provide protection against FATT-bypass by other TLS-related WGs * Process not being followed The IETF Secretariat
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ TLS mailing list -- [email protected] To unsubscribe send an email to [email protected]
