> On 29 Apr 2021, at 01:09, Martin Thomson wrote:
>
> On Wed, Apr 28, 2021, at 20:27, Sara Dickinson wrote:
>> An early version of this specification proposed a XoT specific ALPN in
>> order to distinguish this from a connection intended to perform
>> recursive to authoritative DoT (often ca
Martin,
The IETF Last Call on this document has completed on the 20th of April 2021 but
it is never too late of course.
I just added our security Area Directors in the loop so that know your question
for their ballot due for next week.
Regards
-éric
-Original Message-
From: dns-pr
>No new protocol should use TLS without ALPN. It only opens space for
> cross-protocol attacks. Did the working group consider this possibility in
> their discussions?
I don't believe that message has been made as public as it should be.
___
TLS
Probably not, but I agree with MT.
The general idea here is that any given protocol trace should only be
interpretable in one way. So, either you need the interior protocol to be
self-describing or you need to separate the domains with ALPN. I don't
believe that either the IP ACL or mTLS addresses
To make it obvious (I thought it was): I agree, and think we need to make that
fact more widely known.
From: Eric Rescorla
Date: Thursday, April 29, 2021 at 2:24 PM
To: Rich Salz
Cc: Martin Thomson , "dns-priv...@ietf.org"
, "tls@ietf.org"
Subject: Re: [dns-privacy] [TLS] Martin Duke's No Obj
On 29/04/2021 19:28, Salz, Rich wrote:
To make it obvious (I thought it was): I agree, and think we need to
make that fact more widely known.
I think I agree but seems like ECH may add a subtlety - maybe
what we need to promote is the idea that new protocols should
define new ALPN strings, bu
Hi Ekr,
As Sara wrote, the spec had ALPN. The WG consensus during the IETF 108
meeting was very strong to take it out, including quite strong statements
from you along the lines that distinguishing between XoT and DOT was an
incorrect usage of ALPN.
I understand that the perspective changed since
On Thu, Apr 29, 2021 at 11:49 AM Allison Mankin
wrote:
> Hi Ekr,
>
> As Sara wrote, the spec had ALPN. The WG consensus during the IETF 108
> meeting was very strong to take it out, including quite strong statements
> from you along the lines that distinguishing between XoT and DOT was an
> incor
On Thu, Apr 29, 2021 at 11:38 AM Stephen Farrell
wrote:
>
>
> On 29/04/2021 19:28, Salz, Rich wrote:
> > To make it obvious (I thought it was): I agree, and think we need to
> > make that fact more widely known.
>
> I think I agree but seems like ECH may add a subtlety - maybe
> what we need to p
(dprive to bcc, because this is getting further afield)
On Fri, Apr 30, 2021, at 00:26, Salz, Rich wrote:
> >No new protocol should use TLS without ALPN. It only opens space for
> > cross-protocol attacks. Did the working group consider this possibility in
> > their discussions?
>
> I don
On 04/08/2021, 14:43, "Scott Fluhrer (sfluhrer)" wrote:
>
> I am glad that someone in the working group is looking at this. However, as
> I reviewed this before the wg meeting, I was completely puzzled by this text
> (from section 6.1):
>
> 3DH
>
>C computes K = H(g^y ^ PrivU || PubU ^ x
Hi Martin,
> > >No new protocol should use TLS without ALPN. It only opens space for
> > > cross-protocol attacks. Did the
> working group consider this possibility in their discussions?
> >
> > I don't believe that message has been made as public as it should be.
>
> I see that UTA is wor
On Fri, Apr 30, 2021, at 16:25, Valery Smyslov wrote:
> The original motivation for 7525bis was to update RFC 7525 in light of
> TLS 1.3 appearance.
> However, I believe that recommendations for using ALPN are in scope of
> this document.
How about a new Section 3.7 "Application-Layer Protocol N
13 matches
Mail list logo
