[email protected]
[Top] [All Lists]

Re: [TLS] Last Call: draft-ietf-tls-renegotiation (Transport Layer Secur

Subject: Re: [TLS] Last Call: draft-ietf-tls-renegotiation (Transport Layer Security (TLS) Renegotiation Indication Extension) to Proposed Standard
From: Yoav Nir
Date: Tue, 1 Dec 2009 12:06:18 +0200
On Nov 30, 2009, at 5:37 PM, The IESG wrote:

> The IESG has received a request from the Transport Layer Security WG 
> (tls) to consider the following document:
> 
> - 'Transport Layer Security (TLS) Renegotiation Indication Extension '
>   <draft-ietf-tls-renegotiation-01.txt> as a Proposed Standard
> 
> The IESG plans to make a decision in the next few weeks, and solicits
> final comments on this action.  Please send substantive comments to the
> [email protected] mailing lists by 2009-12-14. Exceptionally, 
> comments may be sent to [email protected] instead. In either case, please 
> retain the beginning of the Subject line to allow automated sorting.

I oppose publishing the current draft. 

There are two unresolved issues still being discussed on the TLS mailing list: 
 1. non-extension signaling for older versions (SSLv3 and maybe TLS 1.0)
 2. explicit vs implicit addition of old verify_data to the PRF (also known as 
fail-unsafe vs fail-safe)

I think the WG is converging, and that a couple of more weeks of discussion may 
lead to consensus. 

I agree with David-Sarah Hopwood that a last call (WG or IETF) is still 
premature.

_______________________________________________
Ietf mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/ietf

<Prev in Thread] Current Thread [Next in Thread>