[TLS] I-D Action: draft-ietf-tls-deprecate-obsolete-kex-05.txt

2024-09-03 Thread internet-drafts
Internet-Draft draft-ietf-tls-deprecate-obsolete-kex-05.txt is now available. It is a work item of the Transport Layer Security (TLS) WG of the IETF. Title: Deprecating Obsolete Key Exchange Methods in TLS 1.2 Authors: Carrick Bartle Nimrod Aviram Name:draft-ietf-tls-dep

[TLS] ECH Proxy Mode

2024-09-03 Thread 涛叔
Hi, In the split mode of the current draft of ECH, both the client-facing server and the backend server need to be ECH-aware. Once the client-facing server has decrypted the ClientHelloOut, it will forward the ClientHelloInner to the backend server, and wait for the backend's ServerHello with

[TLS] Re: Consensus Call: -rfc8446bis PRs #1360

2024-09-03 Thread Sean Turner
Hi! Reminder that this consensus call is still ongoing. spt > On Aug 26, 2024, at 09:23, Sean Turner wrote: > > Hi! Loganaden submitted a PR to add x25519 as an MTI in TLS 1.3 that > addresses an Issue submitted by Stephen; links to both follow: > Issue: https://github.com/tlswg/tls13-spec/iss

[TLS] PAVeTrust @ FM24 call for (virtual) participation: Formal methods for standardization

2024-09-03 Thread Muhammad Usama Sardar
Dear all, I thought PAVeTrust [1], co-located with FM24 [2], might be of interest to some of you to see how formal methods are shaping some of the standardization efforts in RATS, TLS and OAuth WGs. Invited talks are: * Secure Authentication in the Era of Confidential Computing: Insights

[TLS] I-D Action: draft-ietf-tls-svcb-ech-05.txt

2024-09-03 Thread internet-drafts
Internet-Draft draft-ietf-tls-svcb-ech-05.txt is now available. It is a work item of the Transport Layer Security (TLS) WG of the IETF. Title: Bootstrapping TLS Encrypted ClientHello with DNS Service Bindings Authors: Ben Schwartz Mike Bishop Erik Nygren Name:

[TLS] Re: I-D Action: draft-ietf-tls-deprecate-obsolete-kex-05.txt

2024-09-03 Thread Joseph Salowey
I will be hitting the button to submit this to the IESG next week. The revisions based on the earlier consensus calls have been made and references to updated RFCs have been cleaned up. You can use the diff tool to see the comparison with the -03 version - https://author-tools.ietf.org/iddiff?ur

[TLS] Re: ECH Proxy Mode

2024-09-03 Thread Raghu Saxena
Hi, On 9/3/24 10:52 PM, 涛叔 wrote: This idea was derived from my attempt to implement encrypted TLS SNI Proxy. The SNI does not only expose privacy information; many ISPs use it to block certain websites. Even though the current draft of ECH works to protect the ClientHello, it can only protect