Mirja Kühlewind has entered the following ballot position for draft-ietf-tls-tls13-cert-with-extern-psk-03: No Objection
When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html for more information about IESG DISCUSS and COMMENT positions. The document, along with other ballot positions, can be found here: https://datatracker.ietf.org/doc/draft-ietf-tls-tls13-cert-with-extern-psk/ ---------------------------------------------------------------------- COMMENT: ---------------------------------------------------------------------- Just a small thing to double-check: I wonder if this sentence would actually require an update to RFC8446: "TLS 1.3 does not permit the server to send a CertificateRequest message when a PSK is being used. This restriction is removed when the "tls_cert_with_extern_psk" extension is negotiated, allowing certificate-based authentication for both the client and the server." Or maybe it should be phrased differently, just: "If the "tls_cert_with_extern_psk" extension is negotiated, certificate-based authentication is allowed for both the client and the server." I guess it depends on what exactly is said in RFC8446 (and I didn't went and tried to find it). And as a side note, it is usually recommended to provide the link to the registry in the IANA section (to make life for IANA easier). _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
