Re: [TLS] comment on draft-kinnear-tls-client-net-address

2019-03-27 Thread Hubert Kario
On Wednesday, 27 March 2019 14:51:43 CET Martin Thomson wrote: > On Tue, Mar 26, 2019, at 14:30, Hubert Kario wrote: > > On Tuesday, 26 March 2019 09:07:51 CET Martin Thomson wrote: > > > We don't trust that the key share or certificate is good either, but > > > once we have a Finished message, tha

Re: [TLS] comment on draft-kinnear-tls-client-net-address

2019-03-27 Thread Martin Thomson
On Tue, Mar 26, 2019, at 14:30, Hubert Kario wrote: > On Tuesday, 26 March 2019 09:07:51 CET Martin Thomson wrote: > > We don't trust that the key share or certificate is good either, but once we > > have a Finished message, that is retroactively authenticated and can be > > used. We rely on this

Re: [TLS] comment on draft-kinnear-tls-client-net-address

2019-03-26 Thread Hubert Kario
On Tuesday, 26 March 2019 09:07:51 CET Martin Thomson wrote: > We don't trust that the key share or certificate is good either, but once we > have a Finished message, that is retroactively authenticated and can be > used. We rely on this property for a bunch of things. yes, but those things are p

Re: [TLS] comment on draft-kinnear-tls-client-net-address

2019-03-26 Thread Martin Thomson
We don't trust that the key share or certificate is good either, but once we have a Finished message, that is retroactively authenticated and can be used. We rely on this property for a bunch of things. On Mon, Mar 25, 2019, at 19:12, Hubert Kario wrote: > On Monday, 25 March 2019 17:02:34 CET
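
The ordering concern in this exchange, as an added toy model that is not code from the draft or from anyone on the list: the server's answer to a (hypothetical) client_net_address request travels before the server is authenticated, and only the server's Finished, an HMAC over the whole transcript, lets the client decide retroactively whether that answer was genuine. Real TLS 1.3 derives the Finished key from the ECDHE handshake secret; the shared HANDSHAKE_KEY here is an assumed stand-in for that derivation, the message formats and addresses are constructed, and an on-path attacker who rewrites the reply cannot forge Finished because it does not hold the key. The script also records what a client would have acted on had it used the value before Finished verified, which is the situation Hubert objects to.

```python
import hashlib
import hmac

# Assumption: stand-in for the TLS 1.3 handshake traffic secret that both
# endpoints derive from the ECDHE exchange and the attacker does not hold.
HANDSHAKE_KEY = b"stand-in for the TLS 1.3 handshake traffic secret"


def transcript_hash(messages):
    """Length-prefixed SHA-256 over every handshake message seen so far."""
    h = hashlib.sha256()
    for m in messages:
        h.update(len(m).to_bytes(4, "big") + m)
    return h.digest()


def finished_mac(key, messages):
    """TLS 1.3 style Finished: HMAC over the transcript hash."""
    return hmac.new(key, transcript_hash(messages), hashlib.sha256).digest()


def server_flight(client_hello, observed_addr):
    """Server side: the (hypothetical) address reply, then Finished covering it."""
    reply = b"client_net_address:" + observed_addr
    fin = finished_mac(HANDSHAKE_KEY, [client_hello, reply])
    return reply, fin


def run_handshake(observed_addr, attacker_addr=None):
    """Simulate one handshake and return what the client sees and accepts.

    If attacker_addr is given, an on-path attacker rewrites the address reply
    in transit before the client has anything authenticated.
    """
    client_hello = b"client_hello:request_client_net_address"  # constructed
    reply, fin = server_flight(client_hello, observed_addr)
    if attacker_addr is not None:
        reply = b"client_net_address:" + attacker_addr  # tampered on the wire

    # Value a client would act on if it used the reply before Finished.
    early_value = reply.split(b":", 1)[1]

    # Correct client: verify Finished over everything it actually received,
    # and only then treat the earlier, unauthenticated reply as genuine.
    expected = finished_mac(HANDSHAKE_KEY, [client_hello, reply])
    finished_ok = hmac.compare_digest(expected, fin)
    accepted = early_value if finished_ok else None
    return {
        "early_value": early_value,
        "finished_ok": finished_ok,
        "accepted": accepted,
    }


if __name__ == "__main__":
    print("honest  :", run_handshake(b"203.0.113.7"))
    print("attacked:", run_handshake(b"203.0.113.7", attacker_addr=b"198.51.100.9"))
```

In the tampered run `early_value` is the attacker's address while `accepted` is `None`: the retroactive authentication Martin describes does catch the modification, but only a client that defers any use of the reply until after Finished benefits from it.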

Re: [TLS] comment on draft-kinnear-tls-client-net-address

2019-03-25 Thread Hubert Kario
On Monday, 25 March 2019 17:02:34 CET David Schinazi wrote: > Ah, I see - thanks. In other words, the proposal requires trusting the > server and the reply comes before the identity of the server has been > authenticated. exactly > David > > On Mon, Mar 25, 2019 at 4:54 PM Hubert Kario wrote: >

Re: [TLS] comment on draft-kinnear-tls-client-net-address

2019-03-25 Thread David Schinazi
Ah, I see - thanks. In other words, the proposal requires trusting the server and the reply comes before the identity of the server has been authenticated. David On Mon, Mar 25, 2019 at 4:54 PM Hubert Kario wrote: > On Monday, 25 March 2019 15:09:21 CET David Schinazi wrote: > > Hi Hubert, > >

Re: [TLS] comment on draft-kinnear-tls-client-net-address

2019-03-25 Thread Hubert Kario
On Monday, 25 March 2019 15:09:21 CET David Schinazi wrote: > Hi Hubert, > > Can you elaborate on how "TLS is a providing integrity and authenticity to > the IP address information"? In my understanding, TLS only provides > integrity and authenticity to a byte stream, not to how your byte stream i

Re: [TLS] comment on draft-kinnear-tls-client-net-address

2019-03-25 Thread David Schinazi
Hi Hubert, Can you elaborate on how "TLS is a providing integrity and authenticity to the IP address information"? In my understanding, TLS only provides integrity and authenticity to a byte stream, not to how your byte stream is being transported over the network. Thanks, David On Mon, Mar 25,

[TLS] comment on draft-kinnear-tls-client-net-address

2019-03-25 Thread Hubert Kario
I wanted to raise one comment on the IETF session, but we ran out of time: given that TLS is providing integrity and authenticity to the IP address information, shouldn't the protocol require the client to perform the full handshake and only then request information from the server? I.e. make i