On Monday, 19 March 2018 23:53:16 CET Benjamin Kaduk wrote: > On Mon, Mar 19, 2018 at 05:00:51PM +0100, Hubert Kario wrote: > > On Sunday, 18 March 2018 16:27:34 CET Eric Rescorla wrote: > > > After discussion with the chairs and the AD, I have opted to just add a > > > section > > > that explains the attack. I just merged that (but managed not to get it > > > into -27 > > > due to fumble fingering). > > > > If there is no consensus on the recommended fix for the issue, I wonder if > > we shouldn't then soften the language in the section about PSK binder > > handling, from SHOULD to MAY. > > I think on the balance I am happier retaining SHOULD. > > > Though, I'd say that the reference to that newly added section is > > definitely missing. > > I expect that can be done as an RFC Editor note or during AUTH48. > > -Benjamin
https://github.com/tlswg/tls13-spec/pull/1189 filed as a reminder -- Regards, Hubert Kario Senior Quality Engineer, QE BaseOS Security team Web: www.cz.redhat.com Red Hat Czech s.r.o., Purkyňova 115, 612 00 Brno, Czech Republic
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
