On Sat, Jul 25, 2015 at 09:07:49PM +0200, Eric Rescorla wrote:
>
>
> We agreed on how to do this in Prague. The sticking point was establishing
> the cipher suite. I have WIP text on my machine for both of these which I
> will be
> sending early next week, once I get enough sleep to be able to cl
> Well, TLS is also used for non-browser HTTPS and stuff other than HTTPS.
> There one likely "preconfigures" client certificates if needed.
The proposed client authentication mechanism specifically addresses the case
where the client does not have one "preconfigured" cert.
> - TLS-level client c
> use CertificateRequest within the handshake, and the new content type outside
> of it
Would the client then also use this new content type for Certificate and
CertificateVerify messages (when these are sent after the handshake is
complete)?
Cheers,
Andrei
-Original Message-
From: T
Hubert Kario writes:
> On Saturday 01 August 2015 23:16:42 Florian Weimer wrote:
>> * Hubert Kario:
>> > On Tuesday 28 July 2015 16:01:55 Viktor Dukhovni wrote:
>> >> In that case, it should be said that a client MUST NOT advertise
>> >> TLS 1.3 unless it offers at least one of the TLS 1.3 MTI ci
On Jul 22, 2015, at 13:12, Yoav Nir wrote:
> I’d like to hear from the chairs if it’s OK to rename stuff in the IANA
> registry.
It is fine to rename stuff in the registries. As Dave pointed out we just did
that in the FFDHE draft. Just make sure to put the instructions about what to
rename
On Saturday 01 August 2015 23:16:42 Florian Weimer wrote:
> * Hubert Kario:
> > On Tuesday 28 July 2015 16:01:55 Viktor Dukhovni wrote:
> >> In that case, it should be said that a client MUST NOT advertise
> >> TLS 1.3 unless it offers at least one of the TLS 1.3 MTI ciphers
> >> (or perhaps less r
