On Sun, Apr 2, 2017 at 11:18 AM, Watson Ladd <watsonbl...@gmail.com> wrote:
> Dear all, > > Sorry if I'm asking a question already answered elsewhere, but I am > wondering what the current state of the TLS 1.3 draft is. We have completed a second WGLC on -19 and I intend to put out -20 this week or early next. > There seem > to have been some major changes considered and put in after 27 March, > and I don't know if the formal modeling ever got back about how much > they could model/issues found. > Hmmm... No major changes were made after 27 March and as far as I now the only two technical changes we intend to make for -20 are. 1. Having an extension to signal that the client will do post-handshake client authentication (and otherwise forbidding it). 2. Deciding to explicitly provide an encoding for raw public keys. I don't know what the state of the various modelling efforts is, though I imagine this will be a topic at TLS:DIV at the end of the month. We did discuss the various cryptographic changes in -20 (specifically the extra key derive stages and the handshake hash reification) with a number of cryptographers before incorporating. Perhaps some of the analytic groups on-list would care to comment? -Ekr My guess it it makes sense for everyone to read 19 so that the issues > can be fixed for 20. > Sincerely, > Watson > > _______________________________________________ > TLS mailing list > TLS@ietf.org > https://www.ietf.org/mailman/listinfo/tls >
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
