I am reading your TLS 3.1 Standard and the mailing list.
It looks great.
I am particularly interested in using the 0-RTT feature for IoT timestamped
data, which would seem immune from replay attacks
I have a couple of questions
1) The maximum ticket lifetime is set to 7 days. Is this bas
A new meeting session request has just been submitted by Sean Turner, a Chair
of the tls working group.
-
Working Group Name: Transport Layer Security
Area Name: Security Area
Session Requester: Sean Turner
Number of Sessions: 1
Length o
On Thu, Feb 09, 2017 at 12:38:50PM -, Mark Dunn wrote:
> I am reading your TLS 3.1 Standard and the mailing list.
>
> It looks great.
>
> I am particularly interested in using the 0-RTT feature for IoT timestamped
> data, which would seem immune from replay attacks
>
>
>
> I have a coupl
I've just posted a pull request which slightly adjusts the structure of key
derivation.
PR#875 adds another Derive-Secret stage to the left side of the key ladder
between each pair of HKDF-Extracts. There are two reasons for this:
- Address a potential issue raised by Trevor Perrin where an attack
Hi folks,
We need to close on an issue about the size of the
state in the HelloRetryRequest. Because we continue the transcript
after HRR, if you want a stateless HRR the server needs to incorporate
the hash state into the cookie. However, this has two issues:
1. The "API" for conventional hashes
This is a good idea.
On 10 February 2017 at 08:15, Eric Rescorla wrote:
> - Address a potential issue raised by Trevor Perrin where an attacker
> somehow forces the IKM value to match the label value for Derive-Secret,
> in which case the output of HKDF-Extract would match the derived secret.
All,
We’ve got two outstanding PRs that propose changes to draft-ietf-tls-tls13
Section 5.5 “Limits on Key Usage”. As it relates to rekeying, these limits
have been discussed a couple of times and we need to resolve once and for all
whether the TLS WG wants to:
a) Close these two PRs and go w
Dear Sean, dear all,
I find the existing limits quite reasonable and would prefer that we'll
stay conservative here, so I'd prefer option a) go with the existing text.
Best regards,
Stanislav Smyshlyaev
2017-02-10 8:07 GMT+03:00 Sean Turner :
> All,
>
> We’ve got two outstanding PRs that prop
On 10 February 2017 at 16:07, Sean Turner wrote:
> a) Close these two PRs and go with the existing text [0]
> b) Adopt PR#765 [1]
> c) Adopt PR#769 [2]
a) I'm happy enough with the current text (I've implemented that any
it's relatively easy).
I could live with c, but I'm opposed to b. It just
