> Why does the first point matter? And the certificates are embedded pretty
> opaquely in TLS.

I think I answered your question in my last mail?

Kind Regards 
Mounira  

----- Original Message -----
From: "Watson Ladd" <watsonbl...@gmail.com>
To: "Mounira Msahli" <mounira.msa...@telecom-paristech.fr>
Cc: "Hubert Kario" <hka...@redhat.com>, "tls" <tls@ietf.org>
Sent: Monday 27 August 2018 18:37:50
Subject: Re: [TLS] TLS 1.3 Authentication using ETSI TS 103 097 and IEEE 1609.2
certificates



On Mon, Aug 27, 2018, 8:21 AM Mounira Msahli
<mounira.msa...@telecom-paristech.fr> wrote:


Hi Hubert, 

I can do the exercise but the result will be two sections totally decorrelated: 
one for TLS 1.3 and one for TLS 1.2. Two drafts in one document. 

- The handshake phase in TLS 1.2 is different from handshake/TLS1.3 
- The certificate type is different. One uses cert_type and the other uses
the extension defined in [RFC7250].




Why does the first point matter? And the certificates are embedded pretty 
opaquely in TLS. 




Kind Regards 
Mounira 



----- Original Message -----
From: "Hubert Kario" <hka...@redhat.com>
To: "tls" <tls@ietf.org>
Cc: "Mounira Msahli" <mounira.msa...@telecom-paristech.fr>, "Ilari Liusvaara"
<ilariliusva...@welho.com>
Sent: Monday 27 August 2018 16:39:56
Subject: Re: [TLS] TLS 1.3 Authentication using ETSI TS 103 097 and IEEE 1609.2
certificates

On Friday, 24 August 2018 19:44:36 CEST Mounira Msahli wrote: 
> - You should also specify use in TLS 1.2 in the same draft (or say that 
> is prohibited). This is so one only needs one reference for the 
> codepoint allocation. 
> 
> >>> It is not prohibited, for TLS 1.2 the extension is already specified:
> >>> https://tools.ietf.org/html/draft-serhrouchni-tls-certieee1609-01
> We will update the draft

Wouldn't it then be better to combine them and have one standard (document)
that describes use in TLS 1.2 and TLS 1.3? I may be missing something but I
don't see anything that would prevent use of the same codepoints in both
protocol versions.

-- 
Regards, 
Hubert Kario 
Senior Quality Engineer, QE BaseOS Security team 
Web: www.cz.redhat.com
Red Hat Czech s.r.o., Purkyňova 115, 612 00 Brno, Czech Republic 

_______________________________________________ 
TLS mailing list 
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
