On 3 March 2016 at 09:20, Marc Petit-Huguenin <petit...@acm.org> wrote:
> draft-ietf-avtcore-rfc5764-mux-fixes does not reserve large portions of the
> ContentType codepoints, RFC 5764 did. The damage is already done as RFC 5764
> is deployed as a component of RTCWeb.

I think that we can resolve this by saying this instead:

RFC 5764 describes a narrow use of DTLS that works as long as the specific DTLS version used abides by the restrictions on the first byte (the ones that mux-fixes wants to put in the TLS registry). Any extension or revision to DTLS that causes DTLS to no longer meet these constraints prevents that extension or version from being used in the fashion RFC 5764 describes.

That means that DTLS 1.2 is safe. Thus far. DTLS 1.3 is also safe so far, though we're a lot further from done there[3].

I'm sorry that I didn't see this option before; I figured that with content type encryption in TLS 1.3, we wouldn't need those code points. However, Joe is right to protest the incursion onto sovereign territory.

[3] I actually hope that we can change DTLS 1.3 so that it won't mux properly. That will have a size benefit that should outweigh the cost of having to rev 5764 for 1.3.
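
Added illustration, not part of the message above or of either document it discusses: the first-byte demultiplexing rule of RFC 5764 section 5.1.2, plus a check for whether a set of DTLS ContentType values would still be routed to DTLS by such a receiver. The function names, the sample packets and the values 64 and 200 are constructed for this example.

```python
# First-byte demultiplexing as specified in RFC 5764, section 5.1.2.
STUN, DTLS, RTP, UNKNOWN = "stun", "dtls", "rtp", "unknown"

def classify_first_byte(b: int) -> str:
    """Map the first byte of a datagram to the protocol that receives it."""
    if not 0 <= b <= 255:
        raise ValueError("not a byte value")
    if b < 2:
        return STUN
    if 20 <= b <= 63:
        return DTLS
    if 128 <= b <= 191:
        return RTP
    return UNKNOWN  # RFC 5764 says such packets are dropped

def demux(packet: bytes) -> str:
    """Classify a whole datagram; an empty datagram matches nothing."""
    return classify_first_byte(packet[0]) if packet else UNKNOWN

# ContentType values used by DTLS 1.2 records (TLS ContentType registry).
DTLS12_CONTENT_TYPES = {
    20: "change_cipher_spec",
    21: "alert",
    22: "handshake",
    23: "application_data",
    24: "heartbeat",
}

def mux_incompatible(content_types) -> list:
    """Return the ContentType values an RFC 5764 receiver would NOT hand to
    DTLS, i.e. the values that break the first-byte constraint."""
    return sorted(ct for ct in content_types if classify_first_byte(ct) != DTLS)

# Constructed sample datagrams (headers only, zero-filled bodies).
DTLS_HANDSHAKE = bytes([22, 0xFE, 0xFD]) + bytes(8) + bytes([0, 0])
STUN_BINDING = bytes([0x00, 0x01, 0x00, 0x00, 0x21, 0x12, 0xA4, 0x42]) + bytes(12)
RTP_PACKET = bytes([0x80, 0x60]) + bytes(10)

if __name__ == "__main__":
    for name, pkt in [("dtls", DTLS_HANDSHAKE), ("stun", STUN_BINDING), ("rtp", RTP_PACKET)]:
        print(name, "->", demux(pkt))
    print("DTLS 1.2 violations:", mux_incompatible(DTLS12_CONTENT_TYPES))
    # 64 and 200 are hypothetical codepoints outside the DTLS range.
    print("hypothetical violations:", mux_incompatible([22, 64, 200]))
```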