Joseph Salowey wrote:
>
> This is a working group last call announcement for draft-ietf-tls-tls13-18,
> to run through November 20. If possible, we would like to receive comments
> on the list by November 13 so they can be discussed at the meeting in
> Seoul. We hope to address any substantive issues raised during that process
> shortly thereafter.
>
> In order to allow for cryptographic review, we will delay submission of the
> draft to the IESG until the end of January 2017; there will be an
> opportunity to address any issues discovered by the cryptographic community
> prior to submission to the IESG.
There are two seriously backwards-incompatible changes in the
current proposal that provide zero value, but completely break
backwards-compatibility with existing middleware infrastructure.
(1) hiding of the TLS record content types.
Please leave the TLS record types (handshake/AppData/Alert/CCS)
clearly visible on the outside of the TLS records, so that
middleware protocol parsers (which interface to transport-free
TLS protocol stacks) can continue to work, and continue to
work efficiently.
(2) hiding of the TLS extension SNI.
Right now it is perferctly fine to implement TLS extensions SNI
on the server completely outside the TLS protocol stack to route
to single-cert SNI-unaware backends. The current proposal
suggest to move TLS extension SNI into the encrypted part, if
my superficial reading of the draft is correct, so TLSv1.3
will not fly with existing architectures where spreading of
TLS requests on the server-side based on TLS extension SNI
is done outside of the TLS protocol stack (i.e. bottleneck-less
without having to open TLS).
-Martin
_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
