[TLS] Re: Feedback on draft-bmw-tls-pake13-01.txt

2025-03-16 Thread David Benjamin
On Mon, Mar 17, 2025 at 6:17 AM Eric Rescorla wrote: > On Sun, Mar 16, 2025 at 11:52 AM Rob Sayre wrote: > >> On Sat, Mar 15, 2025 at 7:21 PM Laura Bauman > 40apple@dmarc.ietf.org> wrote: >> >>> Thanks to everyone that has taken a look at draft-bmw-tls-pake13-01.txt >>> and provided feedback

[TLS] Re: Opsdir telechat review of draft-ietf-tls-tls12-frozen-06

2025-03-16 Thread Salz, Rich
Thanks for the review. I'm not a native speaker but I'm afraid this sentence may be read as 'encrypting more of the traffic' and 'removing primitives' are examples of known deficiencies, not fixes. Maybe rephrase as '...it fixes most known deficiencies with TLS 1.2 [TLS12]. In particular, TLS 1.3

[TLS] Re: Feedback on draft-bmw-tls-pake13-01.txt

2025-03-16 Thread Rob Sayre
On Sat, Mar 15, 2025 at 7:21 PM Laura Bauman wrote: > Thanks to everyone that has taken a look at draft-bmw-tls-pake13-01.txt > and provided feedback so far. As more people start reading it, I wanted to > clarify that the current draft version does not yet reflect the change we > intend to make t

[TLS] Re: Feedback on draft-bmw-tls-pake13-01.txt

2025-03-16 Thread Eric Rescorla
On Sun, Mar 16, 2025 at 11:52 AM Rob Sayre wrote: > On Sat, Mar 15, 2025 at 7:21 PM Laura Bauman 40apple@dmarc.ietf.org> wrote: > >> Thanks to everyone that has taken a look at draft-bmw-tls-pake13-01.txt >> and provided feedback so far. As more people start reading it, I wanted to >> clarif

[TLS] Artart last call review of draft-ietf-tls-rfc8447bis-11

2025-03-16 Thread Barry Leiba via Datatracker
Reviewer: Barry Leiba Review result: Ready with Nits This document is in good shape and does what it needs to do. I have just one very minor substantive comment, and two very nitty nits: — Section 3.1 — If the "Recommended" column is set to "D" the item is discouraged and SHOULD NOT or

[TLS] A different approach to Attestation

2025-03-16 Thread Phillip Hallam-Baker
A common requirement in device security is to know that a key is bound to a device with some degree of hardware assurance such that the key can be used on the device but not extracted from it. FIPS-140 specifies a set of assurance levels but there is value in even the lightest of lightweight assur

[TLS] Re: A different approach to Attestation

2025-03-16 Thread Russ Housley
Phill: This is really a description of IDevID certificates that are installed by a factory, and then replaced by LDevID certificates that are issued by the device owner at the time of installation. NETCONF already supports that model. What am I missing? Russ > On Mar 16, 2025, at 11:31 PM, Phi

[TLS] Weekly github digest (TLS Working Group Drafts)

2025-03-16 Thread Repository Activity Summary Bot
Issues -- * tlswg/rfc8447bis (+1/-1/💬1) 1 issues created: - Address SecDir review comments (by seanturner) https://github.com/tlswg/rfc8447bis/issues/69 1 issues received 1 new comments: - #60 AD review comments (1 by seanturner) https://github.com/tlswg/rfc8447bis/issues/60