Update: we discussed this extensively in Yokohama and based on Watson's feedback and offline comments from David McGrew, the consensus was that we needed to add some sort of rekeying mechanism to support long-lived flows. Expect a PR on this next week.
Note: We'll still need guidance to implementations on when to re-key, but we don't expect to have a hard protocol limit. -Ekr On Fri, Nov 6, 2015 at 4:59 PM, Tony Arcieri <basc...@gmail.com> wrote: > On Friday, November 6, 2015, Watson Ladd <watsonbl...@gmail.com> wrote: > >> On Wed, Nov 4, 2015 at 3:43 PM, Dang, Quynh <quynh.d...@nist.gov> wrote: >> > I did not talk under indistinguishability framework. My discussion was >> about confidentiality protection and authentication. >> >> What is the definition of "confidentiality protection" being used here? >> > > I too am confused by Quynh's statement. Indistinguishability is the modern > bar for confidentiality and authentication. > > Quynh, are you talking about anything less than IND-CCA2? If you are, that > is less than the modern bar I would personally consider acceptable. > > > -- > Tony Arcieri > > > _______________________________________________ > TLS mailing list > TLS@ietf.org > https://www.ietf.org/mailman/listinfo/tls > >
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
