On Mon, 2017-12-04 at 17:24 -0800, Eric Rescorla wrote:
> Hi folks,
>
> I've put together a PR that attemps to address the PSS issue.
>
> See:
> https://github.com/tlswg/tls13-spec/pull/1114
>
>
> Because there are platforms which don't have any support for PSS in
> the cert validator, at all,
Hi folks,
I now have some preliminary numbers to share with the group based on
our Firefox experiments. The executive summary is that our data
confirms Google's results. More detail below.
EXPERIMENTAL DESIGN
This is a forced experiment in which each client tries all the
variants. The experiment
On Tue, Dec 5, 2017 at 1:35 PM, Eric Rescorla wrote:
> Hi folks,
>
> I now have some preliminary numbers to share with the group based on
> our Firefox experiments. The executive summary is that our data
> confirms Google's results. More detail below.
>
>
> EXPERIMENTAL DESIGN
> This is a forced
Thank you for the thoughtful responses so far. I have been working in the
middlebox arena for more than 20 years, and I am also concerned about the state
of certain implementations. I would like to think that the TLS stack that my
team and I maintain have no serious security flaws, but vulnera
Hi,
As tls 1.3 is being worked upon, older work like rfc 6520 and any enhancements
to it may not be as important.
Also, particularly the TLS heartbeat feature, which has become famous for wrong
reasons, is disabled by the SSL implementations eg OpenSSL.
I tried to uncover an issue below pertai
