[TLS] SHA-1 patch updated with Russ' suggestion

2015-11-05 Thread Martin Thomson
Nitpicks accepted, pull requests preferred: https://github.com/tlswg/tls13-spec/pull/317 ___ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls

Re: [TLS] SHA-1 patch updated with Russ' suggestion

2015-11-05 Thread Viktor Dukhovni
On Thu, Nov 05, 2015 at 06:47:51PM +0900, Martin Thomson wrote: > Nitpicks accepted, pull requests preferred: > > https://github.com/tlswg/tls13-spec/pull/317 I am having a hard time figuring out what's changing. Can you summarize the proposal? I'd like it to say: * The signature algorith

Re: [TLS] SHA-1 patch updated with Russ' suggestion

2015-11-05 Thread Dave Garrett
On Thursday, November 05, 2015 04:38:34 pm Viktor Dukhovni wrote: > I'd like it to say: > > * The signature algorithms of self-signed certificates are > not subject to any constraints on either the supplicant or > the verifier. They are not required to match the supported >

Re: [TLS] SHA-1 patch updated with Russ' suggestion

2015-11-05 Thread Viktor Dukhovni
On Thu, Nov 05, 2015 at 04:59:18PM -0500, Dave Garrett wrote: > On Thursday, November 05, 2015 04:38:34 pm Viktor Dukhovni wrote: > > I'd like it to say: > > > > * The signature algorithms of self-signed certificates are > > not subject to any constraints on either the supplicant or > >

Re: [TLS] SHA-1 patch updated with Russ' suggestion

2015-11-05 Thread Dave Garrett
On Thursday, November 05, 2015 05:05:02 pm Viktor Dukhovni wrote: > On Thu, Nov 05, 2015 at 04:59:18PM -0500, Dave Garrett wrote: > > > On Thursday, November 05, 2015 04:38:34 pm Viktor Dukhovni wrote: > > > I'd like it to say: > > > > > > * The signature algorithms of self-signed certificate

Re: [TLS] SHA-1 patch updated with Russ' suggestion

2015-11-05 Thread Viktor Dukhovni
On Thu, Nov 05, 2015 at 06:53:46PM -0500, Dave Garrett wrote: > On Thursday, November 05, 2015 05:05:02 pm Viktor Dukhovni wrote: > > On Thu, Nov 05, 2015 at 04:59:18PM -0500, Dave Garrett wrote: > > > > > On Thursday, November 05, 2015 04:38:34 pm Viktor Dukhovni wrote: > > > > I'd like it to sa

Re: [TLS] SHA-1 patch updated with Russ' suggestion

2015-11-05 Thread Russ Housley
Martin: > Nitpicks accepted, pull requests preferred: > > https://github.com/tlswg/tls13-spec/pull/317 It might be useful to remind people about the difference between self-signed certificates and self-issued certificates. RFC 5280 says: Self-signed certificates are self-issued certificate

Re: [TLS] SHA-1 patch updated with Russ' suggestion

2015-11-05 Thread Viktor Dukhovni
On Thu, Nov 05, 2015 at 08:15:31PM -0500, Russ Housley wrote: > It might be useful to remind people about the difference between self-signed > certificates and self-issued certificates. RFC 5280 says: > >Self-signed certificates are self-issued certificates where the digital >signature m