Hi, Oops, I missed your email. the version 03 has been submitted. For some reason my email address is not in the database, so it has to be confirmed by someone else or the secretariat.
Yours, Daniel From: Kathleen Moriarty [mailto:kathleen.moriarty.i...@gmail.com] Sent: Tuesday, May 02, 2017 7:46 AM To: Daniel Migault <daniel.miga...@ericsson.com> Cc: <tls@ietf.org> <tls@ietf.org> Subject: Re: [TLS] AD review of draft-ietf-tls-ecdhe-psk-aead-02 Hi Daniel, Thank you, please publish version 3 and I'll kick off last call. You could update the TLS version to 20 as well, but that's something that will get fixed with the RFC number while in the RFC editor queue. Best regards, Kathleen Sent from my iPhone On May 1, 2017, at 9:46 PM, Daniel Migault <daniel.miga...@ericsson.com<mailto:daniel.miga...@ericsson.com>> wrote: Hi Kathleen, Thank you for the review. I have proceeded to the update of my local copy. The text is: """ The cipher suite numbers listed in the last column are numbers used for cipher suite interoperability testing and it's suggested that IANA use these values for assignment. """ Other nits have been addressed as well. If that is fine, I can publish the version 03. Yours, Daniel On Mon, May 1, 2017 at 2:23 PM, Kathleen Moriarty <kathleen.moriarty.i...@gmail.com<mailto:kathleen.moriarty.i...@gmail.com>> wrote: Hello, Thanks for your work on the draft draft-ietf-tls-ecdhe-psk-aead-02. In the IANA section, I think it would be a bit more clear to say in the last column rather than second column wince one might interpret this listing as having 3 columns. The cipher suite numbers listed in the second column are numbers used for cipher suite interoperability testing and it's suggested that IANA use these values for assignment. The registry has this reversed with the description as the second column, which is fine. I'm just pointing that out as it doesn't clarify the column for you. Nits: Security Considerations section: Use of Pre-Shared Keys of limited entropy may allow an active attacker attempts to connect to the server and tries different keys. s/tries/try/ Other example includes the use of a PSK chosen by a human and thus may be exposed to dictionary attacks. s/Other/Another/ -- Best regards, Kathleen _______________________________________________ TLS mailing list TLS@ietf.org<mailto:TLS@ietf.org> https://www.ietf.org/mailman/listinfo/tls
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
