> On Jan 14, 2019, at 5:39 PM, John Levine <[email protected]> wrote:
> 
> now that RFC 8314 has defined the tls clause, why not put the data
> where the spec says?

Speaking of TLS handshake data in headers, while the "cipher" and
"group" are sufficient for TLS 1.2, where the cipher includes at
least the public key algorithm name, they are noticeably inadequate
for TLS 1.3, because the cipher includes only the bulk encryption
algorithm and PRF, but not the signature algorithm.  And there can be
two signature algorithms (one in each direction) when client certs
are in use.  And I like to log the RSA key bit size or ECDSA curve
name.  Hence the somewhat elaborate Received header comment from the
upcoming Postfix release:

        (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
         key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256
         client-signature ECDSA (P-256) client-digest SHA256)

Only the "TLS_AES_256_GCM_SHA384" and "X25519" parts are covered by
the RFC.  Don't know whether anyone would care to formalize clauses for
the other parts...

-- 
        Viktor.

_______________________________________________
Uta mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/uta
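An added example, not code from the message above or from Postfix itself: a small parser for the Received header comment form Viktor quotes, run against constructed headers. The TLS 1.3 header uses the comment quoted in the message, folded across continuation lines as a real header would be; the TLS 1.2 form carrying only the version, the OpenSSL-style cipher name and the bit counts is an assumption about older Postfix output; host names and addresses are documentation values. The parser unfolds the header, extracts the parenthesised comment while balancing the nested "(... bits)" and "(P-256)" parentheses, and returns the per-direction signature data that the RFC 8314 clause does not cover. The TLS 1.2 helper that recovers the authentication algorithm from the cipher name is a simplified reading of OpenSSL naming, also an assumption.

```python
import re
from dataclasses import dataclass
from typing import Dict, Optional, Tuple

# Constructed sample (not real mail): the TLS 1.3 comment quoted in the message,
# folded as a real Received header would be; hosts/addresses are documentation values.
SAMPLE_TLS13 = """Received: from mail.example.org (mail.example.org [192.0.2.25])
        (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
         key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256
         client-signature ECDSA (P-256) client-digest SHA256)
        by mx.example.net (Postfix) with ESMTPS
        for <user@example.net>; Mon, 14 Jan 2019 17:39:00 -0500 (EST)"""

# Assumption: the pre-1.3 comment carries only version, OpenSSL cipher name and bits.
SAMPLE_TLS12 = """Received: from mail.example.org (mail.example.org [192.0.2.25])
        (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
        by mx.example.net (Postfix) with ESMTPS; Mon, 14 Jan 2019 17:39:00 -0500 (EST)"""


@dataclass
class TlsInfo:
    version: str                             # e.g. TLSv1.3
    cipher: str                              # IANA name for 1.3, OpenSSL name for 1.2
    cipher_bits: int                         # key bits in use
    algorithm_bits: int                      # key bits the algorithm supports
    key_exchange: Optional[str] = None       # group, e.g. X25519
    server_signature: Optional[str] = None   # e.g. RSA-PSS
    server_key: Optional[str] = None         # "2048 bits" or a curve name
    server_digest: Optional[str] = None      # e.g. SHA256
    client_signature: Optional[str] = None   # only present when a client cert was used
    client_key: Optional[str] = None
    client_digest: Optional[str] = None


def unfold(header: str) -> str:
    """RFC 5322 unfolding: a line break followed by whitespace becomes one space."""
    return re.sub(r"\r?\n[ \t]+", " ", header)


def extract_tls_comment(header: str) -> Optional[str]:
    """Return the body of the '(using ...)' comment, honouring nested parentheses."""
    text = unfold(header)
    start = text.find("(using ")
    if start < 0:
        return None
    depth = 0
    for i in range(start, len(text)):
        if text[i] == "(":
            depth += 1
        elif text[i] == ")":
            depth -= 1
            if depth == 0:
                return text[start + 1:i]
    return None  # unbalanced comment: refuse to guess


_HEAD = re.compile(r"^using (?P<version>\S+) with cipher (?P<cipher>\S+) "
                   r"\((?P<bits>\d+)/(?P<alg_bits>\d+) bits\)\s*(?P<rest>.*)$")
# Each TLS 1.3 clause is "name value" with an optional "(parameter)".
_CLAUSE = re.compile(r"(?P<key>key-exchange|server-signature|server-digest|"
                     r"client-signature|client-digest) (?P<value>\S+)(?: \((?P<param>[^)]*)\))?")


def parse_received_tls(header: str) -> Optional[TlsInfo]:
    comment = extract_tls_comment(header)
    head = _HEAD.match(comment) if comment is not None else None
    if head is None:
        return None
    clauses: Dict[str, Tuple[str, Optional[str]]] = {
        m.group("key"): (m.group("value"), m.group("param"))
        for m in _CLAUSE.finditer(head.group("rest"))
    }
    def value(key: str) -> Optional[str]:
        return clauses.get(key, (None, None))[0]
    def param(key: str) -> Optional[str]:
        return clauses.get(key, (None, None))[1]
    return TlsInfo(
        version=head.group("version"), cipher=head.group("cipher"),
        cipher_bits=int(head.group("bits")), algorithm_bits=int(head.group("alg_bits")),
        key_exchange=value("key-exchange"),
        server_signature=value("server-signature"), server_key=param("server-signature"),
        server_digest=value("server-digest"),
        client_signature=value("client-signature"), client_key=param("client-signature"),
        client_digest=value("client-digest"),
    )


def client_authenticated(info: TlsInfo) -> bool:
    """A client signature in the comment means a client certificate was presented."""
    return info.client_signature is not None


def auth_from_cipher_name(cipher: str) -> Optional[str]:
    """Authentication algorithm implied by a TLS 1.2 OpenSSL cipher name, or None.

    TLS 1.3 names (TLS_AES_...) carry no such information, which is the gap the
    extra clauses fill. Assumption: simplified OpenSSL naming, common suites only.
    """
    if cipher.startswith("TLS_"):
        return None
    parts = cipher.split("-")
    if parts[0] in ("ECDHE", "DHE", "ECDH", "DH") and len(parts) > 2:
        return parts[1]                      # RSA, ECDSA or DSS
    if parts[0] in ("AES128", "AES256", "DES", "CAMELLIA128", "CAMELLIA256"):
        return "RSA"                         # static RSA key transport, e.g. AES256-GCM-SHA384
    return None
```

`parse_received_tls(SAMPLE_TLS13)` yields both signature algorithms and their key parameters, while the TLS 1.2 sample yields none of the extra fields and the signature algorithm has to be read back out of the cipher name with `auth_from_cipher_name`.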
