Re: [TLS] Consensus call for keys used in handshake and data messages

2016-06-14 Thread Henrik Grubbström
nlikely that (1) actually has any significant positive effect (in the TLS case, unsure about DTLS) as it is probably easy for a passive observer to infer the content type from the data flow. -- Henrik Grubbström gru...@grubba.org Roxen Internet Software AB

Re: [TLS] adopted: draft-mattsson-tls-ecdhe-psk-aead

2016-05-27 Thread Henrik Grubbström
> sson-tls-ecdhe-psk-aead works as a draft name let us know and
> one of
> us can pre-approve the draft so we can start moving this draft through the
> process.

I assume you intended to write "draft-ietf-tls-ecdhe-psk-aead" here?

-- Henrik Grubbström

Re: [TLS] [Editorial Errata Reported] RFC6347 (4642)

2016-03-21 Thread Henrik Grubbström
Version 1.0, which uses the version { 254, 255 }. The version value of 254.255 is the 1's complement of DTLS Version 1.0. If the suggested text had been correct, then the encoding in RFC 4347 would have been { 254, 254 } as DTLS 1.0 is based on TLS 1.1. -- Henrik Grubbström

Re: [TLS] Should we require implementations to send alerts?

2015-09-16 Thread Henrik Grubbström
> able is *not* to close the socket immediately, which is
> apparently not what you (or existing APIs) expect, and which is where
> the difficulty lies.

What about SO_LINGER?

-- Henrik Grubbström gru...@grubba.org Roxen Inter

Re: [TLS] Deprecate SHA1 for signatures in TLS 1.3 (was Re: TLS 1.3 draft-07 sneak peek)

2015-07-13 Thread Henrik Grubbström
On Fri, Jul 10, 2015 at 4:29 PM, Martin Rex wrote:
> Henrik Grubbström wrote:
>> Martin Rex wrote:
>>> The issue here is the (lack of the) TLSv1.2 signature_algorithms extension.
>>>
>>> Windows SChannel appears to treat the absence of this extension
>>