Mirja Kühlewind has entered the following ballot position for draft-ietf-tls-grease-03: No Objection
When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html for more information about IESG DISCUSS and COMMENT positions. The document, along with other ballot positions, can be found here: https://datatracker.ietf.org/doc/draft-ietf-tls-grease/ ---------------------------------------------------------------------- COMMENT: ---------------------------------------------------------------------- Sorry one more comment/question I forgot earlier: Why is this document informational? Shouldn't it be at least experimental? ------ previous comment ------ One comment/question: I think I didn't quite understand what a client is supposed to do if the connection fails with use of greasing values...? The security considerations seems to indicate that you should not try to re-connect without use of grease but rather just fail completely...? Also should you cache the information that greasing failed maybe? And a note on normative language: "Implementations sending multiple GREASE extensions in a single block thus must ensure the same value is not selected twice." Should this be a "MUST"? Also this is an interesting MUST: "... MUST correctly ignore unknown values..." While this is the whole point of the document, I assume this is already normatively specified in RFC8446 and therefore it could make sense to use non-formative language here... _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
