Re: [TLS] TLS@IETF101 Agenda Posted

2018-03-10 Thread stephen . farrell 
Hiya,

On Saturday, 10 March 2018, Melinda Shore wrote:
> On 3/9/18 12:57 PM, Kathleen Moriarty wrote:
> > The hummed answer to that question was very close to 50/50 in the
> > room, inconclusive.
> 
> From the perspective of consensus decision-making that's
> actually very clear - there's no consensus.  What that
> means in practice depends on the question that was asked,
> but at any rate I think what matters here is a lack of
> consensus.

Agreed. My earlier mail pointed at the minutes as to the question.  

> 
> Also, there's been basically no discussion of the draft
> on the mailing list, and I'm not sure why.
>

There was lots of discussion about -00, late last year.  -01 isn't 
significantly different afaics. From my pov that discussion was entirely 
predictable indicating no significant changes in position. 

Cheers 
S
 
> Melinda
> 
> -- 
> Software longa, hardware brevis
> 
> PGP fingerprint: 4F68 2D93 2A17 96F8 20F2
>  34C0 DFB8 9172 9A76 DB8F
> 
>
___
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls

Re: [TLS] Duplicate oid_filters

2018-03-10 Thread Ilari Liusvaara 
On Fri, Mar 09, 2018 at 07:35:09PM -0500, Sean Turner wrote:
> 
> > On 03/09/2018 03:35 PM, Eric Rescorla wrote:
> >> 
> >> The current text neither allows nor prohibits the same OID
> >> appearing twice. We should do one or the other.
>
> Okay so the OIDs can’t appear twice in the certificate, because
> certificate extensions are only supposed to appear once so why
> don’t we just follow suit and require no dupes?

Duplicate OIDs do not look to be useful either:

- All of currently defined filters have "all of" behavior.
- Duplicate filters would presumably intersect.
- Thus, one can rewrite a filter that has duplicate OIDs with just
  each OID once.



-Ilari

___
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls