Re: [TLS] RFC 8998

Well, the “sm2sig_sm3” OID is defined in a Chinese national standard named GM/T 0006-2012, as an appendix. The English translation of the appendix is: http://gmssl.org/docs/oid.html . Those OIDs are listed on http://www.oid-info.com/ as

Re: [TLS] last call: draft-ietf-kitten-tls-channel-bindings-for-tls13-02

IIUC a channel binding (in this context) provides a unique "name" for a channel. In the case where two distinct protocols running over the top of TLS use this definition, they will both get the same channel binding. It might be useful to pull out in the security considerations one consideration fro

Re: [TLS] Question to TLS 1.3 and certificate revocation checks in long lasting connections

One option that I haven't seen mentioned in the thread is Exported Authenticators . EAs let you send a certificate from either side of the connection at any point after the handshake is complete. I'm not sure what the behaviour

Re: [TLS] implementing ESNI/ECH draft-09

Hiya, Since I was logged into the github web site (as happens occasionally but not often) and as requested at the TLS session, I translated the text below into github issues in the hope that they might be included in discussion. Links to each below. On 28/02/2021 17:34, Stephen Farrell wrote:

[TLS] RFC 8998

This RFC includes: 3.3.3. Certificate When a server sends the Certificate message containing the server certificate to the client side, several new rules are added that will affect the certificate selection: * The public key in the certificate MUST be a valid SM2 public key. *

Re: [TLS] last call: draft-ietf-kitten-tls-channel-bindings-for-tls13-02

+1 ___ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls

Re: [TLS] last call: draft-ietf-kitten-tls-channel-bindings-for-tls13-02

On Wed, Mar 10, 2021 at 11:25 AM Robbie Harwood wrote: > > Hello kitten and TLS, > > Our document defining TLS 1.3 channel bindings is now in 2-week last > call (to end 2021-03-24). That document can be viewed at: > > https://datatracker.ietf.org/doc/draft-ietf-kitten-tls-channel-bindings-for-tls

[TLS] last call: draft-ietf-kitten-tls-channel-bindings-for-tls13-02

Hello kitten and TLS, Our document defining TLS 1.3 channel bindings is now in 2-week last call (to end 2021-03-24). That document can be viewed at: https://datatracker.ietf.org/doc/draft-ietf-kitten-tls-channel-bindings-for-tls13/ If you read the document during this period, please submit a re

Re: [TLS] Regarding draft-bartle-tls-deprecate-ffdhe

> Which is not nearly as strong as "MUST NOT", which is what I take > deprecation to mean. Am I wrong about the intended meaning of > "deprecation"? That's my understanding as well. > On Mar 9, 2021, at 1:04 PM, Viktor Dukhovni wrote: > > On Tue, Mar 09, 2021 at 11:29:40AM -0800, Carrick Bart

Re: [TLS] Comments on draft-friel-tls-eap-dpp-01

[ofriel] Another requirement is that the full public key Y_c is not transmitted as part of TLS handshake from client to server. We cannot not use RFC 7250 as is. Instead, something like the Known Certificates proposal in cTLS https://tools.ietf.org/html/draft-ietf-tls-ctls-01#section-5.1.3 wou

Re: [TLS] Comments on draft-friel-tls-eap-dpp-01

On Wed, Mar 10, 2021 at 7:12 AM Dan Harkins wrote: > > > I'm not sure of the distinction you're making here. But let me address > a misconception mentioned earlier (not by you, but mentioned nonetheless) > to hopefully clear this up: > > In DPP the public key is not secret, but the knowledge of

Re: [TLS] Comments on draft-friel-tls-eap-dpp-01

On Wed, Mar 10, 2021 at 7:12 AM Dan Harkins wrote: > > > On 3/10/21 4:12 AM, Eric Rescorla wrote: > > > > On Tue, Mar 9, 2021 at 11:43 PM Owen Friel (ofriel) > wrote: > >> *From:* TLS *On Behalf Of *Eric Rescorla >> *Sent:* 09 March 2021 06:27 >> *To:* Dan Harkins >> *Cc:* >> *Subject:* Re:

Re: [TLS] Comments on draft-friel-tls-eap-dpp-01

On 3/10/21 4:12 AM, Eric Rescorla wrote: On Tue, Mar 9, 2021 at 11:43 PM Owen Friel (ofriel) > wrote: *From:*TLS mailto:tls-boun...@ietf.org>> *On Behalf Of *Eric Rescorla *Sent:* 09 March 2021 06:27 *To:* Dan Harkins mailto:dhark...@lounge.org>>

Re: [TLS] Comments on draft-friel-tls-eap-dpp-01

On Tue, Mar 9, 2021 at 11:43 PM Owen Friel (ofriel) wrote: > > > > > *From:* TLS *On Behalf Of *Eric Rescorla > *Sent:* 09 March 2021 06:27 > *To:* Dan Harkins > *Cc:* > *Subject:* Re: [TLS] Comments on draft-friel-tls-eap-dpp-01 > > > > > > > > On Mon, Mar 8, 2021 at 1:18 PM Dan Harkins wro