Hi Folks, There was significant support for this approach in Berlin so if you have concerns with this approach please post them to the list by Monday, August 8, 2016.
Thanks, S&J On Wed, Aug 3, 2016 at 8:30 AM, Eric Rescorla <e...@rtfm.com> wrote: > Folks, > > As promised, I've written a PR that describes the new negotiation > syntax we discussed in Berlin. I also have prototype implementation of > this in NSS and it's quite a bit cleaner than the previous negotiation > design. I think that others have found the same thing. > > https://github.com/tlswg/tls13-spec/pull/559 > > > IMPORTANT: This new negotiation syntax allows for two modes that were > not previously available with TLS 1.3: PSK and PSK-(EC)DHE with > server-side signatures. This construction should be safe with > resumption-PSK (this is why we introduced the resumption_ctx design), > but as noted in Antoine's recent message [0], this is not safe with > non-resumption PSK with the all-zeroes resumption context that we now > use with external PSKs. I have an action item to fix that, so just > keep that in the back of your head as you review this PR. > > Comments welcome. > > -Ekr > > [0] https://www.ietf.org/mail-archive/web/tls/current/msg20637.html > > > _______________________________________________ > TLS mailing list > TLS@ietf.org > https://www.ietf.org/mailman/listinfo/tls > >
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
