While discussing the other changes with Joe, I noted the AES-128 CCM PSK cipher
suites listed need to be the ones that are being registered in
draft-ietf-tls-ecdhe-psk-aead. That draft lists two:
TLS_ECDHE_PSK_WITH_AES_128_CCM_8_SHA256
TLS_ECDHE_PSK_WITH_AES_128_CCM_SHA256
while draft-ietf
IF there's an objection to modifying the extension in order to add a
pin-to-DANE TTL field, I would propose the following instead:
Make the pin-to-DANE be "forever" but make it so it can easily be
cleared if DANE is undeployed for the service.
That would look like this:
- if the server
This is a reminder to get those requests in!
Thanks,
spt
> On Jan 30, 2018, at 15:55, Sean Turner wrote:
>
> All,
>
> The TLS WG will meet @ IETF101. Please submit requests for agenda time to
> tls-cha...@ietf.org. Along with your request please let us know how long you
> would like. We
