Hi Martin, > > > No new protocol should use TLS without ALPN. It only opens space for > > > cross-protocol attacks. Did the > working group consider this possibility in their discussions? > > > > I don't believe that message has been made as public as it should be. > > I see that UTA is working on a revision of RFC 7525. Is text on this > something that would be in scope. I only > just searched for "ALPN", finding nothing, so maybe it is not in the original > scope and maybe there are things > that might prevent expansion of scope.
The original motivation for 7525bis was to update RFC 7525 in light of TLS 1.3 appearance. However, I believe that recommendations for using ALPN are in scope of this document. Regards, Valery. > _______________________________________________ > Uta mailing list > u...@ietf.org > https://www.ietf.org/mailman/listinfo/uta _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
