Hiya,

On 27/02/2019 01:57, Sean Turner wrote:
> This message closes the WGLC for draft-ietf-tls-grease.  The draft
> will progress as is because we received no WGLC comments.

Apologies for missing the WGLC. I've just read this and fully
support it progressing. I have one question though:

The draft says: 'A client MAY select one or more GREASE extension
values and advertise corresponding extensions with varying length
and contents' and 'For each of these, the "key_exchange" field MAY
be any value.' and 'Implementations advertising GREASE values
SHOULD select them at random.'

I was left wondering what ranges of lengths and what values are
recommended to be sent for greasy extension bytes and key_exchange
values.

Reason to ask is I happened to be looking at a few handshakes and
noticed those lengths being zero in all cases IIRC. (It was only
3 cases being 1 h/s from each of 3 browsers so could be I was
just unlucky or missed a non-zero greasy length.)

I've no strong opinion as to what'd be best to say about those
lengths but I guess maybe we'd want to see some greasy lengths
that are shorter than all real values, some that are longer and
many in between, and value octets that are random when
lengths are non-zero.

Does that match what people do? If so, would it be worth adding
something about that to the document?

Cheers,
S.

PS: Since I'm late to the game I'm fine if the above's treated as
a random last call comment.


> spt
> 
>> On Jan 24, 2019, at 10:50, Sean Turner <s...@sn3rd.com> wrote:
>> 
>> This is the working group last call for the "Applying GREASE to TLS
>> Extensibility" draft available at
>> https://datatracker.ietf.org/doc/draft-ietf-tls-grease/. Please
>> review the document and send your comments to the list by 2359 UTC
>> on 8 February 2019.
>> 
>> NOTE: There is one outstanding issue raised by Hubert [0].  Please
>> chime in there or here so that we can address his comment one way
>> or the other.
>> 
>> Thanks, Chris, Joe, and Sean
>> 
>> [0]
>> https://mailarchive.ietf.org/arch/msg/tls/nr4dA2JqcpqAjh-oY_1z2l6ZMFo
>
>> 
> _______________________________________________ TLS mailing list 
> TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
> 
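An added example, not part of the original message or of the draft: one way to make the observation described above, listing the length of every GREASE extension and GREASE key_share entry in a ClientHello's extensions vector. The function names and the sample bytes are constructed for illustration, and the input is assumed to be the extensions vector already extracted from the ClientHello.

```python
import struct

KEY_SHARE = 51  # TLS 1.3 key_share extension type

def is_grease(code):
    """GREASE code points are 0x0A0A, 0x1A1A, ..., 0xFAFA."""
    return (code >> 8) == (code & 0xFF) and (code & 0x0F) == 0x0A

def vector(buf):
    """Strip a 2-byte length prefix, checking it matches the bytes present."""
    if len(buf) < 2 or struct.unpack_from("!H", buf)[0] != len(buf) - 2:
        raise ValueError("bad vector length")
    return buf[2:]

def entries(buf):
    """Yield (code, body) from back-to-back code(2) / length(2) / body records."""
    pos = 0
    while pos < len(buf):
        if pos + 4 > len(buf):
            raise ValueError("truncated entry header")
        code, length = struct.unpack_from("!HH", buf, pos)
        pos += 4
        if pos + length > len(buf):
            raise ValueError("entry body overruns buffer")
        yield code, buf[pos:pos + length]
        pos += length

def grease_lengths(extensions_block):
    """List (kind, code point, length) for GREASE extensions and key shares."""
    found = []
    for ext_type, body in entries(vector(extensions_block)):
        if is_grease(ext_type):
            found.append(("extension", ext_type, len(body)))
        elif ext_type == KEY_SHARE:
            # Client key_share data is itself a vector of group/key_exchange records.
            for group, key_exchange in entries(vector(body)):
                if is_grease(group):
                    found.append(("key_share", group, len(key_exchange)))
    return found

def record(code, body):
    """Encode one code(2) / length(2) / body record."""
    return struct.pack("!HH", code, len(body)) + body

# Constructed sample, not a captured handshake: an empty GREASE extension, a
# key_share with a 1-byte GREASE share and an x25519 share, a 1-byte GREASE extension.
shares = record(0x1A1A, b"\x00") + record(0x001D, bytes(32))
exts = (record(0x0A0A, b"") + record(KEY_SHARE, struct.pack("!H", len(shares)) + shares)
        + record(0x3A3A, b"\x00"))
SAMPLE = struct.pack("!H", len(exts)) + exts
```

Run over a set of captured handshakes, the returned lengths show whether an implementation varies its GREASE extension and key_exchange sizes or always sends the same one.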
