Yoav Nir writes:
>I feel the pain (I know some administrators who have made this mistake), but
>it’s always best to test with something like “openssl s_client”.
That's quite possibly the worst thing to test it with, because it's what
everyone else also tests against, so it's the thing that every
On Friday 28 August 2015 20:17:11 Geoffrey Keating wrote:
> Jeffrey Walton writes:
> > > Also, if DSA was to be supported, one would need to specify how to
> > > determine the hash function (use of fixed SHA-1 doesn't fly). And
> > > 1024-bit prime is too small.
> >
> > FIPS186-4
> > (http://nvlp
This is the working group last call for draft-ietf-tls-chacha20-poly1305-00.
Please send any comments on the TLS working group list by September 16,
2015.
Thanks,
J&S
___
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
>> > > Also, if DSA was to be supported, one would need to specify how to
>> > > determine the hash function (use of fixed SHA-1 doesn't fly). And
>> > > 1024-bit prime is too small.
>> >
>> > FIPS186-4
>> > (http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf)
>> > partially remediates the i
Alissa Cooper has entered the following ballot position for
draft-ietf-tls-padding-02: No Objection
When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)
Please refer to http
Alvaro Retana has entered the following ballot position for
draft-ietf-tls-padding-02: No Objection
When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)
Please refer to http
>
>
> As Alissa, I was wondering why it wasn’t easier to fix the one
> implementation instead.
>
>
Because it's widely fielded, and browsers don't know in advance what
kind of server they are talking to.
> The shepherd wrote: "Since then it has been found that this extension can
> server (sic)
On Tuesday, September 01, 2015 11:24:59 am Jeffrey Walton wrote:
> Regarding "who would actually use it": folks in US Federal (and those
> doing business in US Federal) don't have the choices that others have.
They, however, obviously do have the choice of switching from DSA to ECDSA, so
that arg
On Tue, Sep 1, 2015 at 1:16 PM, Dave Garrett wrote:
> On Tuesday, September 01, 2015 11:24:59 am Jeffrey Walton wrote:
>> Regarding "who would actually use it": folks in US Federal (and those
>> doing business in US Federal) don't have the choices that others have.
>
> They, however, obviously do
A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Transport Layer Security Working Group of the
IETF.
Title : A TLS ClientHello padding extension
Author : Adam Langley
Filename: dra
There is a third option: you don't get to use TLS 1.3 until the government
requirements are updated.
I'm fine with that.
___
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
On 9/1/15, 13:54 , "TLS on behalf of Dave Garrett" wrote:
>On Tuesday, September 01, 2015 01:24:05 pm Jeffrey Walton wrote:
>>> They, however, obviously do have the choice of switching from DSA to
>>>ECDSA, so that argument doesn't make much sense here.
>>
>> I suppose that depends on how threate
On Tue, Sep 1, 2015 at 2:02 PM, Blumenthal, Uri - 0553 - MITLL
wrote:
> On 9/1/15, 13:54 , "TLS on behalf of Dave Garrett" on behalf of davemgarr...@gmail.com> wrote:
>
>>On Tuesday, September 01, 2015 01:24:05 pm Jeffrey Walton wrote:
They, however, obviously do have the choice of switching
On 9/1/15 14:49 , Watson Ladd wrote:
On Tue, Sep 1, 2015 at 2:02 PM, Blumenthal, Uri - 0553 - MITLL
wrote:
On 9/1/15, 13:54 , "TLS on behalf of Dave Garrett" wrote:
On Tuesday, September 01, 2015 01:24:05 pm Jeffrey Walton wrote:
They, however, obviously do have the choice of switching from
On Tue, Sep 1, 2015 at 12:17 PM, Blumenthal, Uri -- 0553 -- MITLL <
u...@ll.mit.edu> wrote:
> I am not tracking patents - have neither time, nor interest in doing that.
> But I'm not releasing commercial software. I think somebody made a list of
> the patents owned by Certicom, but I can't recall
DJB's work is good and commendable. I personally think that EdDSA (and
ECDSA, for that matter) are not covered by Certicom's patents.
But IANAL (I Am Not A Lawyer)... I *can* understand vendors who would
hold until either an explicit IPR release is posted, or the
(potentially!) relevant patent
On Tuesday, September 1, 2015, Blumenthal, Uri -- 0553 -- MITLL <
u...@ll.mit.edu> wrote:
> But IANAL (I Am Not A Lawyer)... I *can* understand vendors who would hold
> until either an explicit IPR release is posted, or the (potentially!)
> relevant patents expire.
>
> Then those hypothetical peop
>> But IANAL (I Am Not A Lawyer)... I *can* understand vendors who would hold
>> until either an explicit IPR release is posted, or the (potentially!)
>> relevant patents expire.
>
> Then those hypothetical people should use RSA signatures and FFDHE key
> exchange
>
Ah, but they are not hypothetica
> On Aug 31, 2015, at 11:36 PM, Alissa Cooper wrote:
>
> Alissa Cooper has entered the following ballot position for
> draft-ietf-tls-padding-02: No Objection
>
> --
> COMMENT:
>
19 matches
Mail list logo
