[TLS] Weekly github digest (TLS Working Group Drafts)

2024-03-17 Thread Repository Activity Summary Bot
Issues -- * tlswg/draft-ietf-tls-esni (+1/-0/💬0) 1 issues created: - Mention that the server identity may be revealed by ServerHellp (by emanjon) https://github.com/tlswg/draft-ietf-tls-esni/issues/612 * tlswg/tls-flags (+1/-3/💬1) 1 issues created: - Refer to I-D.ietf-tls-rfc8446b

Re: [TLS] TLSFlags ambiguity

2024-03-17 Thread StJohns, Michael
Please see RFC 1700, the section on data notation. The most significant bit in a byte /octet or word is always bit 0. A collection of bytes representing a set of bits should number from 0 or 0x80 hex as a mask for the first byte. While 1700 was obsoleted by the protocol registries, I believe thi

Re: [TLS] [Editorial Errata Reported] RFC8447 (6009)

2024-03-17 Thread Sean Turner
Paul, You can go ahead and mark this one as Verified. The name of the 0 value is “X509”. spt > On Mar 7, 2020, at 13:08, RFC Errata System wrote: > > The following errata report has been submitted for RFC8447, > "IANA Registry Updates for TLS and DTLS". > > -

[TLS] [Errata Held for Document Update] RFC7905 (5251)

2024-03-17 Thread RFC Errata System
The following errata report has been held for document update for RFC7905, "ChaCha20-Poly1305 Cipher Suites for Transport Layer Security (TLS)". -- You may review the report below and at: https://www.rfc-editor.org/errata/eid5251

[TLS] [Errata Rejected] RFC5246 (5036)

2024-03-17 Thread RFC Errata System
The following errata report has been rejected for RFC5246, "The Transport Layer Security (TLS) Protocol Version 1.2". -- You may review the report below and at: https://www.rfc-editor.org/errata/eid5036 -- Status: Rejected Ty

Re: [TLS] [Technical Errata Reported] RFC8448 (5645)

2024-03-17 Thread Sean Turner
Hi! This has been lingering for a while, I tend to think we could mark it as HFDU (hold for document update). spt > On Feb 28, 2019, at 16:20, RFC Errata System > wrote: > > The following errata report has been submitted for RFC8448, > "Example Handshake Traces for TLS 1.3". > >

Re: [TLS] [Editorial Errata Reported] RFC6176 (5536)

2024-03-17 Thread Sean Turner
Paul, I think you can mark this one as verified. I don’t think anybody is really confused by not citing 2446 in the 1st sentence but the quoted sentence is in RFC 2446 so as suggested the sentence is still true. spt > On Oct 19, 2018, at 23:33, RFC Errata System > wrote: > > The following

Re: [TLS] [Technical Errata Reported] RFC6066 (5658)

2024-03-17 Thread Sean Turner
I suspect that this errata should be rejected. RFC 6125 was published months after RFC 6066 and that makes this addition feel “new" to me and as such it’s inappropriate to change through the errata process; see [1]. spt [1] https://datatracker.ietf.org/doc/statement-iesg-iesg-processing-of-rf

Re: [TLS] Working Group Last Call for ECH

2024-03-17 Thread Karthikeyan Bhargavan
Is there value in citing the security analysis for ECH as an informative reference? https://dl.acm.org/doi/abs/10.1145/3548606.3559360 A Symbolic Analysis of Privacy for TLS 1.3 with Encrypted Client Hello | Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security