Re: [TLS] Point Compression

2021-10-25 Thread Carl Mehner
es as defined in > https://tools.ietf.org/id/draft-jivsov-ecc-compact-05.html > > Its main benefit is that the compressed point fits into field size / group > order size. There is no additional byte needed. > > On Fri, Jul 30, 2021 at 9:48 AM Carl Mehner wrote: > >> As reque

[TLS] Point Compression

2021-07-30 Thread Carl Mehner
As requested during ekr's presentation, I will volunteer to write up a draft for defining new "supported groups" for compressed NIST curves. I didn't see/hear any objections during the tls-wg meeting, but thought I should probably confirm on the list before I go

Re: [TLS] Breaking into TLS to protect customers

2018-03-15 Thread Carl Mehner
On Thu, Mar 15, 2018 at 9:59 AM, Kathleen Moriarty <kathleen.moriarty.i...@gmail.com> wrote: > I think what Yoav is referring to by detecting BOTS within the > network, is really so-called advanced persistent threat (APT) actors > that are moving around the internal network leveraging existing acce

Re: [TLS] Update on TLS 1.3 Middlebox Issues

2017-10-06 Thread Carl Mehner
I think this third option is a good idea, it's worked in the past with at least 2 different load balancers and (to an extent) with a certain color of proxy. People that work in "Enterprises" do follow this list and can help open tickets with vendors and get the work prioritized. On Oct 6, 2017 8

Re: [TLS] draft-green-tls-static-dh-in-tls13-01

2017-07-20 Thread Carl Mehner
On Thu, Jul 20, 2017 at 10:38 AM, Simon Friedberger wrote: > I would like to point out that a lot of this discussion seems to hinge > on the following argument: > > > On 17/07/17 13:04, Roland Dobbins wrote: >> On 16 Jul 2017, at 11:14, Salz, Rich wrote: >> >>> I really want to hear an answer to t

Re: [TLS] Malware (was Re: draft-green-tls-static-dh-in-tls13-01)

2017-07-17 Thread Carl Mehner
On Mon, Jul 17, 2017 at 10:32 AM, Roland Dobbins wrote: > On 17 Jul 2017, at 16:52, Carl Mehner wrote: > >> Do you have an example of where malware would be on your intranet where >> using this >> draft would help you? > > > Sure - detecting attempted additiona

Re: [TLS] Malware (was Re: draft-green-tls-static-dh-in-tls13-01)

2017-07-17 Thread Carl Mehner
On Mon, Jul 17, 2017 at 9:11 AM, Dobbins, Roland wrote: > > > On Jul 17, 2017, at 15:59, Carl Mehner wrote: > > the only way that this draft would help you > with malware analyzing) > > > This statement is factually incorrect. It’s not the only way, as I've ju

Re: [TLS] Malware (was Re: draft-green-tls-static-dh-in-tls13-01)

2017-07-17 Thread Carl Mehner
remove malware analysis from this list of arguments for this draft. On Mon, Jul 17, 2017 at 8:54 AM, Dobbins, Roland wrote: > > > On Jul 17, 2017, at 15:40, Carl Mehner wrote: > > Why would malware use this draft? > > > Nobody said anything about malware using this draft. >

Re: [TLS] Malware (was Re: draft-green-tls-static-dh-in-tls13-01)

2017-07-17 Thread Carl Mehner
On Mon, Jul 17, 2017 at 8:35 AM, Dobbins, Roland wrote: >> On Jul 17, 2017, at 15:15, Carl Mehner wrote: >> beginning to encrypt traffic inside the TLS tunnel. > Yes, some (but by no means all) are - which means that in such cases, the > ability to look inside the TLS tunnel s

Re: [TLS] Malware (was Re: draft-green-tls-static-dh-in-tls13-01)

2017-07-17 Thread Carl Mehner
On Mon, Jul 17, 2017 at 8:02 AM, Dobbins, Roland wrote: > > > On Jul 17, 2017, at 14:14, Russ Housley wrote: > > I think that the IDS is trying to detect an infected server trying to > migrate to another server. Malware often includes a series of exploits that > are tried in sequence to infe