Bernard Aboba wrote: > Thank you for your detailed comments. > > I have produced an updated version of the document to address these and > other IETF last call comments: > http://www.drizzle.com/~aboba/EMU/draft-simon-emu-rfc2716bis-12.txt
Except as noted below those look fine. And since the things below are ok too, I've no remaining issues with this draft. Regards, Stephen. > - 2.1.3 3rd para says "verify the hash" without saying which hash. > > [BA] I presume we're talking about the Finished message, no? Do we need to > state that explicitly? I'd just say "verify the finished message" but its a nit. > - 2.1.5 is "may be desirable" right? That paragraph seems a bit vague > overall. > > [rmh] Yes, that is an ok change. > > [BA] Are we talking about the second paragraph? Is there a suggested > change in the text? > > " In order to protect against reassembly lockup and denial of service > attacks, it may be desirable for an implementation to set a maximum > size for one such group of TLS messages. Since a single certificate > is rarely longer than a few thousand octets, and no other field is > likely to be anywhere near as long, a reasonable choice of maximum > acceptable message length might be 64 KB." Actually on re-reading I also it clearer so you can ignore me here (must've had a bad day before:-) _______________________________________________ Emu mailing list [email protected] https://www1.ietf.org/mailman/listinfo/emu
