On Tue, 2016-11-15 at 01:10 +0000, Stephen Farrell wrote:
> > Would it make sense to introduce an extension header for DTLS 1.3 in
> > the lines of the IPv6 extension headers? That would allow TLS extension
> > negotiation to add more items on the un-authenticated header, and
> > potentially also remove redundant headers.
>
> I'd be interested in an analysis of the potential privacy
> impacts of this. Isn't this more or less the same as doing
> SPUD-for-DTLS? (If not, sorry for dragging in controversy:-)

You can check the security considerations section of the latest draft:
https://github.com/thomas-fossati/draft-tls-cid/blob/master/draft-mavrogiannopoulos-tls-cid.md

TLDR; the privacy offered by this extension is the same as the privacy
of DTLS over UDP.

regards,
Nikos

_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls