[TLS] I-D Action: draft-ietf-tls-dtls13-27.txt

2018-07-02 Thread internet-drafts
A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Transport Layer Security WG of the IETF. Title : The Datagram Transport Layer Security (DTLS) Protocol Version 1.3 Authors : Eric Rescorla

[TLS] I-D Action: draft-ietf-tls-dtls13-28.txt

2018-07-02 Thread internet-drafts
A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Transport Layer Security WG of the IETF. Title : The Datagram Transport Layer Security (DTLS) Protocol Version 1.3 Authors : Eric Rescorla

[TLS] I-D Action: draft-ietf-tls-dtls-connection-id-01.txt

2018-07-02 Thread internet-drafts
A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Transport Layer Security WG of the IETF. Title : The Datagram Transport Layer Security (DTLS) Connection Identifier Authors : Eric Rescorla

Re: [TLS] draft-ietf-tls-dnssec-chain-extensions security considerations

2018-07-02 Thread Bill Frantz
On 6/25/18 at 9:20 PM, j...@salowey.net (Joseph Salowey) wrote: Hi Folks, There has been some discussion with a small group of folks on github - https://github.com/tlswg/dnssec-chain-extension/pull/19. I want to make sure there is consensus in the working group to take on the pinning work and

[TLS] I-D Action: draft-ietf-tls-subcerts-01.txt

2018-07-02 Thread internet-drafts
A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Transport Layer Security WG of the IETF. Title : Delegated Credentials for TLS Authors : Richard Barnes Subodh Iyengar

[TLS] FW: New Version Notification for draft-barnes-tls-pake-02.txt

2018-07-02 Thread Owen Friel (ofriel)
Hey all, Following up from the threads in April, a new version has been posted that addresses some of those comments, and makes the TLS extensions generic enough to transport any PAKE, with some open questions on PAKE algorithm agility. All feedback on making the extension generic for transporti

[TLS] DNS-based Encrypted SNI

2018-07-02 Thread Eric Rescorla
Hi folks, I just submitted: https://tools.ietf.org/html/draft-rescorla-tls-esni-00 This draft describes a DNS-based approach to doing encrypted SNI. Previously, we had thought this wouldn't work because only sites that were particularly vulnerable would do it, and so the use of ESNI marks you

Re: [TLS] DNS-based Encrypted SNI

2018-07-02 Thread Paul Wouters
On Mon, 2 Jul 2018, Eric Rescorla wrote:   https://tools.ietf.org/html/draft-rescorla-tls-esni-00 This is at a pretty early stage, so comments, questions, defect reports welcome. This structure is placed in the RRData section of a TXT record as a base64-encoded string. If

Re: [TLS] DNS-based Encrypted SNI

2018-07-02 Thread Eric Rescorla
On Mon, Jul 2, 2018 at 8:53 PM, Paul Wouters wrote: > On Mon, 2 Jul 2018, Eric Rescorla wrote: > > https://tools.ietf.org/html/draft-rescorla-tls-esni-00 >> > > This is at a pretty early stage, so comments, questions, defect >> reports welcome. >> > > > This structure is placed in the R