Re: [TLS] PR#28: Converting cTLS to QUIC-style varints

2020-10-05 Thread Marten Seemann
One thing that’s a bit annoying about QUIC’s variant format is that there are multiple ways to encode a number. This has led to some complications in the specification (e.g. QUIC requires you to use the minimal encoding for frame types, but allows all encodings everywhere else). It would be nice to

Re: [TLS] PR#28: Converting cTLS to QUIC-style varints

2020-10-05 Thread Marten Seemann
In that case, why use QUIC's encoding at all? It would just put the burden on the receiver to check that the minimal encoding was used. Would it instead make more sense to modify QUIC's encoding, such that the 2-byte encoding doesn't encode the numbers from 0 to 16383, but the numbers from 64 to (1

Re: [TLS] Packet number encryption negotiation

2023-02-13 Thread Marten Seemann
I've never viewed PNE as a security measure, but instead as an anti-ossification and a privacy measure. It hides certain bits of the header, as well as the packet number, from an on-path observer. This is crucial to prevent middleboxes from being "helpful" and acting upon (observed) gaps in packet

Re: [TLS] Proposal to make TLS universal

2023-03-29 Thread Marten Seemann
Why are you calling Let's Encrypt low-assurance? The ACME protocol verifies that the requester of the certificate controls the domain. Honestly, I don't understand the problem you're trying to solve. Obtaining a TLS certificate is not a hurdle any more nowadays, as it can trivially be done automat

Re: [TLS] New Internet Draft: The qpack_static_table_version TLS extension

2023-09-27 Thread Marten Seemann
Some thoughts:
- Putting it into a TLS extension seems like a layering violation. At that point during the handshake, we don't know yet which ALPN will be negotiated. In the best case scenario, this would render the qpack_static_table_version extension useless, but things might get

Re: [TLS] Adoption call for 'TLS 1.2 Feature Freeze'

2023-12-06 Thread Marten Seemann
I support adoption.

On Thu, 7 Dec 2023 at 05:55, David Schinazi wrote:
> I support adoption.
> David
>
> On Wed, Dec 6, 2023 at 4:16 PM Rob Sayre wrote:
>
>> Hi,
>>
>> I support adoption.
>>
>> thanks,
>> Rob
>>
>>
>> On Tue, Dec 5, 2023 at 9:35 PM Deirdre Connolly wrote:
>>
>>> At the TLS

[TLS]Re: Adoption call for Extended Key Update for TLS 1.3

2024-07-25 Thread Marten Seemann
I support adoption.

On Thu, 25 Jul 2024 at 10:37, Bob Beck wrote:
> I support adoption, and would be willing to review drafts and would work
> to have it implemented.
>
> On Thu, Jul 25, 2024 at 9:44 AM Sean Turner wrote:
>
>> At the IETF 120 TLS session there was interest in adopting the Exten