[TLS] Design Rational for Key Exporter

2023-11-29 Thread Tschofenig, Hannes
Hi all, I was wondering why the design of the key exporter is such that it is based on the early_exporter_master_secret or the exporter_master_secret and no new key export is triggered at a later point in time, for example when a key update is performed. RFC 5705, which is used as a basis for t

Re: [TLS] Early IANA Allocations for draft-ietf-tls-dtls-rrc

2023-11-29 Thread Sean Turner
IANA has made the assignments: 1. Content Type: https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-5 2. Extension: https://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml#tls-extensiontype-values-1 spt > On Nov 24, 2023, at 11:

[TLS] I-D Action: draft-ietf-tls-8773bis-00.txt

2023-11-29 Thread internet-drafts
Internet-Draft draft-ietf-tls-8773bis-00.txt is now available. It is a work item of the Transport Layer Security (TLS) WG of the IETF. Title: TLS 1.3 Extension for Certificate-based Authentication with an External Pre-Shared Key Author: Russ Housley Name: draft-ietf-tls-8773bis-00.

Re: [TLS] I-D Action: draft-ietf-tls-8773bis-00.txt

2023-11-29 Thread Russ Housley
People are implementing RFC 8773, so I would like to advance this to the standards track. In addition, this fixes the only errata that was posted against RFC 8773. Russ > On Nov 29, 2023, at 10:46 AM, internet-dra...@ietf.org wrote: > > Internet-Draft draft-ietf-tls-8773bis-00.txt is now ava

[TLS] Call to Move RFC 8773 from Experimental to Standards Track

2023-11-29 Thread Joseph Salowey
RFC 8773 (TLS 1.3 Extension for Certificate-Based Authentication with an External Pre-Shared Key) was originally published as experimental due to lack of implementations. As part of implementation work for the EMU work item draft-ietf-emu-bootstrapped-tls which uses RFC 8773 there is ongoing impleme

Re: [TLS] Call to Move RFC 8773 from Experimental to Standards Track

2023-11-29 Thread Ira McDonald
Hi, Approve. Cheers, - Ira On Wed, Nov 29, 2023 at 10:51 AM Joseph Salowey wrote: > RFC 8773 (TLS 1.3 Extension for Certificate-Based Authentication with an > External Pre-Shared Key) was originally published as experimental due to > lack of implementations. As part of implementation work fo

Re: [TLS] Adoption call for Legacy RSASSA-PKCS1-v1_5 codepoints for TLS 1.3

2023-11-29 Thread Joseph Salowey
The adoption call for this draft has completed. There is sufficient interest in the draft and no objections. Authors, please submit this draft with the file name draft-tls-tls13-pkcs1-00.txt. Cheers, Joe On Mon, Nov 6, 2023 at 9:25 AM Joseph Salowey wrote: > At the TLS meeting at IETF 118 ther

Re: [TLS] Call to Move RFC 8773 from Experimental to Standards Track

2023-11-29 Thread Salz, Rich
* RFC 8773 (TLS 1.3 Extension for Certificate-Based Authentication with an External Pre-Shared Key) was originally published as experimental due to lack of implementations… Please indicate if you approve of or object to this transition to standards track status by December 15, 2023. I supp

Re: [TLS] I-D Action: draft-ietf-tls-8773bis-00.txt

2023-11-29 Thread Viktor Dukhovni
On Wed, Nov 29, 2023 at 10:49:42AM -0500, Russ Housley wrote: > People are implementing RFC 8773, so I would like to advance this to > the standards track. In addition, this fixes the only errata that was > posted against RFC 8773. > I am somewhat confused by an apparent conflict between:

Re: [TLS] Design Rational for Key Exporter

2023-11-29 Thread David Benjamin
An unhelpful answer is that the key exporter interface was already set by prior versions of TLS and any TLS 1.3 key exporter needs to remain analogous. :-) A more helpful answer is that we cannot simultaneously believe that key update is a transparent feature of TLS, and that exporters are sensiti

Re: [TLS] Adoption call for Legacy RSASSA-PKCS1-v1_5 codepoints for TLS 1.3

2023-11-29 Thread David Benjamin
Done, although I'm not sure if I got all the metadata right. (How does one mark it as replacing the old one?) https://datatracker.ietf.org/doc/draft-tls-tls13-pkcs1/ The GitHub is still under my account, but happy to move it to the TLSWG if preferred. (How would we go about doing that?) On Wed, N

Re: [TLS] I-D Action: draft-ietf-tls-8773bis-00.txt

2023-11-29 Thread Russ Housley
Viktor: > Are external PSKs applicable with resumption? No. The external PSK is only used on the initial handshake. Section 3.2 is pointing out that a Resumption PSK can also be used with a certificate. This is allowed under RFC 8446. Russ > On Nov 29, 2023, at 11:20 AM, Viktor Dukhovni wr

Re: [TLS] ECH: Changes to IANA consideration section

2023-11-29 Thread Stephen Farrell
Hiya, On 27/11/2023 14:35, Sean Turner wrote: Bumping this up in case anybody missed it. 'case it helps, I'm fine with the original mail you sent and any of "n/a" or "CH" being used rather than "-". If it helps, I've a very minuscule hint of a preference for "CH" so you can count me as agreei