0a2e45c | seanturner | 02 March 2018, 02:11:06 UTC | adding in rsa_pss_pss | 02 March 2018, 02:11:06 UTC |
3624197 | seanturner | 02 March 2018, 00:44:04 UTC | fixin rsa_pss recommended column values | 02 March 2018, 00:44:04 UTC |
87cf56e | seanturner | 01 March 2018, 20:13:21 UTC | nit | 01 March 2018, 20:13:21 UTC |
f2494fe | seanturner | 01 March 2018, 00:58:32 UTC | tweak ExtensionType intro | 01 March 2018, 00:58:32 UTC |
2ac27b9 | seanturner | 28 February 2018, 21:02:14 UTC | addressing IANA questions | 28 February 2018, 21:02:14 UTC |
83ce948 | ekr | 23 February 2018, 00:29:50 UTC | Merge pull request #1156 from davidben/fix-typo The ServerHello does not convey client preferences. | 23 February 2018, 00:29:50 UTC |
581efbd | David Benjamin | 22 February 2018, 23:50:13 UTC | The ServerHello does not convey client preferences. | 22 February 2018, 23:51:25 UTC |
3f712ac | ekr | 22 February 2018, 17:32:26 UTC | Merge pull request #1155 from henrydcase/fix_section_nr Fixes section number referencing transcript hash | 22 February 2018, 17:32:26 UTC |
95491e9 | Kris | 22 February 2018, 16:54:00 UTC | Fixes section number referencing transcript hash | 22 February 2018, 16:54:00 UTC |
c013434 | ekr | 15 February 2018, 17:25:57 UTC | Merge pull request #1153 from tlswg/drop_usermap_ref dropping RFC4681 (user mapping) reference) | 15 February 2018, 17:25:57 UTC |
a5f0163 | ekr | 15 February 2018, 17:25:47 UTC | Merge pull request #1152 from roelfdutoit/master Update Contributors section | 15 February 2018, 17:25:47 UTC |
5e3183e | seanturner | 15 February 2018, 17:16:21 UTC | dropping RFC4681 (user mapping) reference) | 15 February 2018, 17:16:21 UTC |
d88e189 | Roelof DuToit | 15 February 2018, 16:45:56 UTC | Update Contributors section | 15 February 2018, 16:45:56 UTC |
cde03c3 | ekr | 15 February 2018, 13:39:51 UTC | Merge pull request #1150 from tomato42/MTI-extensions add psk_key_exchange_modes ext to MTI | 15 February 2018, 13:39:51 UTC |
d63cc8d | Hubert Kario | 15 February 2018, 10:54:15 UTC | add psk_key_exchange_modes ext to MTI "A client MUST provide a 'psk_key_exchange_modes' extension if it offers a 'pre_shared_key' extension." | 15 February 2018, 10:54:15 UTC |
35427e6 | EKR | 15 February 2018, 01:51:12 UTC | This is a wire format change | 15 February 2018, 01:51:12 UTC |
36c3d32 | ekr | 14 February 2018, 22:03:27 UTC | Merge pull request #1149 from ekr/ch2_uses_0303 Send 0303 after HRR | 14 February 2018, 22:03:27 UTC |
9376058 | EKR | 14 February 2018, 21:57:10 UTC | Changelog | 14 February 2018, 21:57:10 UTC |
f7a0b36 | EKR | 14 February 2018, 21:56:08 UTC | Fix typo | 14 February 2018, 21:56:08 UTC |
4a39514 | EKR | 14 February 2018, 21:36:30 UTC | Send 0303 after HRR | 14 February 2018, 21:36:30 UTC |
970938f | ekr | 14 February 2018, 19:52:51 UTC | Merge pull request #1143 from roelfdutoit/master Clarify rules around "supported_versions" extension in SH and HRR | 14 February 2018, 19:52:51 UTC |
858a57b | ekr | 14 February 2018, 19:05:21 UTC | Merge pull request #1142 from ekr/clarify_signature_algorithms_cert Clarify behavior of signature_algorithms_cert | 14 February 2018, 19:05:21 UTC |
a4a4de6 | EKR | 14 February 2018, 19:01:06 UTC | Clarify that you can omit signature_algorithms_cert | 14 February 2018, 19:01:06 UTC |
629d3e7 | ekr | 13 February 2018, 02:09:01 UTC | Merge pull request #1139 from kazu-yamamoto/adding-reserved adding reserved. | 13 February 2018, 02:09:01 UTC |
3bce058 | ekr | 13 February 2018, 02:08:20 UTC | Merge pull request #1147 from tomato42/certs-typo fix signature_algorithms_cert typo | 13 February 2018, 02:08:20 UTC |
b8033ae | ekr | 13 February 2018, 02:03:13 UTC | Merge pull request #1144 from tomato42/fix-typo fix typo in constant name | 13 February 2018, 02:03:13 UTC |
e1fab40 | ekr | 13 February 2018, 02:02:51 UTC | Merge pull request #1137 from kazu-yamamoto/del-dup deleting a deplicated word. | 13 February 2018, 02:02:51 UTC |
4c0ffb7 | ekr | 13 February 2018, 02:02:33 UTC | Merge pull request #1136 from yanesca/fix-typo Fix a typo | 13 February 2018, 02:02:33 UTC |
a723752 | ekr | 13 February 2018, 02:02:19 UTC | Merge pull request #1135 from alagoutte/patch-1 Fix typo | 13 February 2018, 02:02:19 UTC |
73bf493 | Hubert Kario | 12 February 2018, 14:52:29 UTC | fix signature_algorithms_cert typo the type is called signature_algorithms_cert (singular) everywhere, not signature_algorithms_certs (plural) | 12 February 2018, 14:52:29 UTC |
f7b0aac | Hubert Kario | 06 February 2018, 19:19:26 UTC | fix typo in constant name remove extra _ at the end of name -- the name in SignatureScheme enum lacks it | 06 February 2018, 19:19:26 UTC |
7cd1fcc | Roelof DuToit | 19 January 2018, 16:32:21 UTC | Further clarification on use of extensions in ServerHello | 19 January 2018, 16:32:21 UTC |
e8157b3 | Roelof DuToit | 18 January 2018, 21:58:34 UTC | Clarify rules around "supported_versions" extension in ServerHello and HelloRetryRequest | 18 January 2018, 21:58:34 UTC |
a6638b6 | EKR | 18 January 2018, 13:14:18 UTC | Clarify behavior of signature_algorithms_cert | 18 January 2018, 13:14:18 UTC |
6662c7e | Kazu Yamamoto | 11 January 2018, 04:35:21 UTC | adding reserved. | 11 January 2018, 04:35:21 UTC |
4346187 | ekr | 11 January 2018, 01:20:08 UTC | Merge pull request #1138 from iluxonchik/add-illya-gerasymchuk-to-contributors add myself to contributors | 11 January 2018, 01:20:08 UTC |
52737b7 | ILUXONCHIK | 11 January 2018, 01:19:00 UTC | fix order of my name in contributors list | 11 January 2018, 01:19:00 UTC |
c1fc8f9 | ILUXONCHIK | 11 January 2018, 00:53:54 UTC | added myself to contributors As requested in #1120 | 11 January 2018, 00:53:54 UTC |
06ce9cc | Kazu Yamamoto | 09 January 2018, 05:08:26 UTC | deleting a deplicated word. | 09 January 2018, 05:08:26 UTC |
c2dd42b | Janos Follath | 08 January 2018, 09:11:28 UTC | Fix a typo | 08 January 2018, 09:11:28 UTC |
0abaf31 | Alexis La Goutte | 07 January 2018, 18:26:53 UTC | Fix typo implementatations -> implementations | 07 January 2018, 18:26:53 UTC |
46f325e | EKR | 05 January 2018, 21:51:32 UTC | Trivial change to trigger CI | 05 January 2018, 21:51:32 UTC |
57d6072 | EKR | 05 January 2018, 21:47:04 UTC | Changelog | 05 January 2018, 21:47:04 UTC |
92002b1 | ekr | 05 January 2018, 20:15:53 UTC | Merge pull request #1129 from mattcaswell/ccs-first Clarify when in the handshake we ignore CCS records | 05 January 2018, 20:15:53 UTC |
f0abf94 | ekr | 05 January 2018, 20:01:40 UTC | Merge pull request #1132 from davidben/protocol-invariants-2 Tweak protocol invariants text a little. | 05 January 2018, 20:01:40 UTC |
fe7423d | David Benjamin | 04 January 2018, 18:03:54 UTC | Avoid duplicating a few duplicating a few words. | 04 January 2018, 18:03:54 UTC |
4844c4a | Sean Turner | 04 January 2018, 17:53:42 UTC | Merge pull request #1128 from ekr/renumber_key_share Renumber key share | 04 January 2018, 17:53:42 UTC |
16ad8c4 | David Benjamin | 04 January 2018, 17:30:52 UTC | One more instance of 'intermediaries'. | 04 January 2018, 17:30:52 UTC |
0f5753b | ekr | 04 January 2018, 14:36:09 UTC | Merge pull request #1133 from martinthomson/pss_pss_codepoints Renumber rsa_pss_pss_sha{384,512} | 04 January 2018, 14:36:09 UTC |
570b8cd | Martin Thomson | 04 January 2018, 05:21:34 UTC | Renumber rsa_pss_pss_sha{384,512} | 04 January 2018, 05:21:34 UTC |
1e73536 | David Benjamin | 03 January 2018, 23:27:36 UTC | Tweak protocol invariants text a little. - There are many sorts of TLS middleboxes (CDN, decrypting proxy, local antivirus, actual attack, etc), with acceptabilities ranging from reasonable to extremely questionable to a terrible idea. (Categorization is left as an exercise to the reader.) They also have very different security considerations. Fundamentally, TLS secures a connection between two endpoints. As such, we have something to say about the endpoint-to-endpoint connections that make up such a system, but we shouldn't imply this section is *sufficient*, merely *necessary*. Adjust the text accordingly. - I wrote "intermediary" in the original PR, predictively based on PR #1115. Since the spec seems to have settled on "middlebox", align the terminology. (I don't really care what is used, just that it is consistent.) | 03 January 2018, 23:36:22 UTC |
e4d8f4e | ekr | 03 January 2018, 23:12:51 UTC | Merge pull request #1131 from davidben/newline Add missing newline. | 03 January 2018, 23:12:51 UTC |
d988a9b | David Benjamin | 03 January 2018, 23:11:32 UTC | Add missing newline. | 03 January 2018, 23:11:32 UTC |
33d1dc7 | Matt Caswell | 02 January 2018, 10:25:09 UTC | Fix link to Record Protocol section | 02 January 2018, 10:25:09 UTC |
46e3a9e | ekr | 30 December 2017, 12:13:57 UTC | Merge pull request #1130 from DavidSchinazi/add-chris-wood-to-contributors Add Chris A Wood to contributors for his text on vending multiple tickets | 30 December 2017, 12:13:57 UTC |
eb304d1 | David Schinazi | 30 December 2017, 11:29:58 UTC | Add Chris A Wood to contributors for his text on vending multiple tickets (PR 1094) | 30 December 2017, 11:29:58 UTC |
1d1c9d8 | Matt Caswell | 29 December 2017, 10:50:18 UTC | Clarify when in the handshake we ignore CCS records | 29 December 2017, 10:50:18 UTC |
8274f97 | EKR | 27 December 2017, 14:59:56 UTC | Renumber key share | 27 December 2017, 18:46:56 UTC |
5522b67 | ekr | 27 December 2017, 15:27:20 UTC | Merge pull request #1114 from ekr/clarify_pss2 Clarify pss2 | 27 December 2017, 15:27:20 UTC |
19e7211 | EKR | 27 December 2017, 15:25:22 UTC | Review comments | 27 December 2017, 15:25:22 UTC |
3d4bbdd | EKR | 27 December 2017, 15:10:28 UTC | Add section on static RSA security. Closes 1123 | 27 December 2017, 15:10:28 UTC |
cbc4101 | EKR | 27 December 2017, 14:57:57 UTC | Add references for 'field measurements' | 27 December 2017, 14:57:57 UTC |
0af726b | EKR | 27 December 2017, 14:50:28 UTC | Clarify that the server has to send CCS if the client sends a non-empty session ID | 27 December 2017, 14:50:28 UTC |
d994d4a | EKR | 27 December 2017, 14:47:17 UTC | Cherry-pick Rich Salz's clarifications. Closes #1115 | 27 December 2017, 14:47:17 UTC |
4385cb2 | ekr | 27 December 2017, 14:41:31 UTC | Merge pull request #1117 from russhousley/allow-psk-with-extn Allow a future extension to allow external PSKs and certificate-based… | 27 December 2017, 14:41:31 UTC |
8b1dc90 | ILUXONCHIK | 12 December 2017, 08:55:17 UTC | add missing ServerHello.legacy_vesion; accept grammar suggestion by kaduk | 26 December 2017, 14:31:08 UTC |
5c5368c | ILUXONCHIK | 11 December 2017, 16:56:21 UTC | accept suggestions by kaduk; add HRR mention to be consistent | 26 December 2017, 14:31:08 UTC |
dc9e50b | Illya Gerasymchuk | 10 December 2017, 12:13:39 UTC | fix typo | 26 December 2017, 14:31:08 UTC |
cf6d9a9 | Illya Gerasymchuk | 10 December 2017, 11:50:17 UTC | replace supported_version by supported_versions There was a typo in the ClientHello section. | 26 December 2017, 14:31:08 UTC |
241a314 | Illya Gerasymchuk | 10 December 2017, 11:43:40 UTC | replace version by legacy_version in ServerHello description section | 26 December 2017, 14:31:08 UTC |
a9b7652 | Illya Gerasymchuk | 10 December 2017, 11:09:44 UTC | fix .version mentions with either .legacy_version or supported_versions Some of the places in the draft were still using .version field referrences in ServerHello and HelloRetryRequest, those were replaced with either .legacy_version field or "supporeted_versions" extension. | 26 December 2017, 14:31:08 UTC |
8e41feb | EKR | 26 December 2017, 14:21:32 UTC | Update davidben's PR | 26 December 2017, 14:21:32 UTC |
d97ca9c | David Benjamin | 04 December 2017, 18:05:37 UTC | Clarify TLS protocol invariants. This clarifies the versioning rules used by TLS. They are immediate corrollaries from how we've always evolved the protocol, but draft-22 demonstrates that there are widely-deployed non-compliant intermediaries in the network. Document the rules more clearly. | 26 December 2017, 14:11:05 UTC |
463a976 | ekr | 23 December 2017, 21:32:04 UTC | Merge pull request #1126 from chris-wood/master Update Happy Eyeballs reference. | 23 December 2017, 21:32:04 UTC |
8e123d9 | Christopher Wood | 23 December 2017, 19:56:44 UTC | Update Happy Eyeballs reference. | 23 December 2017, 19:56:44 UTC |
d01697e | ekr | 22 December 2017, 21:08:53 UTC | Merge pull request #1122 from iluxonchik/backwards-compatiblity-protocol-versions fix Backward Compatibility section paragraph | 22 December 2017, 21:08:53 UTC |
88d6eed | ekr | 22 December 2017, 21:08:14 UTC | Merge pull request #1118 from ctz/jbp-versions-in-hrr Try to clarify SupportedVersions encoding in HRR | 22 December 2017, 21:08:14 UTC |
6d5483a | ekr | 22 December 2017, 21:07:05 UTC | Merge pull request #1125 from tlswg/nit_8174 8174 updated 2119 | 22 December 2017, 21:07:05 UTC |
7e29037 | Sean Turner | 11 December 2017, 21:03:19 UTC | Merge branch 'master' into nit_8174 | 11 December 2017, 21:03:19 UTC |
cb3982f | ekr | 11 December 2017, 20:54:51 UTC | Merge pull request #1124 from tlswg/nit_8126 update reference 5226->8126 | 11 December 2017, 20:54:51 UTC |
914022e | seanturner | 11 December 2017, 20:54:46 UTC | 8174 updated 2119 | 11 December 2017, 20:54:46 UTC |
a70c2d1 | seanturner | 11 December 2017, 20:50:12 UTC | update reference 5226->8126 | 11 December 2017, 20:50:12 UTC |
0108000 | ILUXONCHIK | 11 December 2017, 16:35:36 UTC | accept rewording suggestion by kaduk; fix typo | 11 December 2017, 16:35:36 UTC |
a05266a | russhousley | 10 December 2017, 16:01:27 UTC | Adopt wording suggested by Gerasymchuk | 10 December 2017, 16:01:27 UTC |
7aec91b | Illya Gerasymchuk | 10 December 2017, 12:58:18 UTC | fix Backward Compatibility section paragraph closes #1121 | 10 December 2017, 12:58:18 UTC |
97caff8 | ekr | 10 December 2017, 12:35:54 UTC | Merge pull request #1119 from iluxonchik/submitting-styling put commands between code tags | 10 December 2017, 12:35:54 UTC |
c77a6d7 | ILLYA Gerasymchuk | 10 December 2017, 03:42:34 UTC | put commands between code tags Command-line commands are now surrounded within code tags, which results in a nicer Markdown rendering. | 10 December 2017, 03:42:34 UTC |
4fad920 | russhousley | 09 December 2017, 02:45:14 UTC | Accept rewording suggested by kaduk | 09 December 2017, 02:45:14 UTC |
eaca46d | Joseph Birr-Pixton | 08 December 2017, 19:48:26 UTC | Draft version goes in supported_versions | 08 December 2017, 19:48:26 UTC |
81f396c | Joseph Birr-Pixton | 08 December 2017, 19:45:05 UTC | Clarify supported_versions encoding in HRR This is tricky now Handshake.msg_type doesn't explicitly designate HRR. So it's just a comment. | 08 December 2017, 19:45:05 UTC |
9ca2f9f | russhousley | 07 December 2017, 15:21:51 UTC | Allow a future extension to allow external PSKs and certificate-based authentication | 07 December 2017, 15:21:51 UTC |
09b3cfc | EKR | 05 December 2017, 00:58:00 UTC | Pre-PR comments | 05 December 2017, 00:58:00 UTC |
c6df0d3 | EKR | 05 December 2017, 00:46:48 UTC | Fix run-on | 05 December 2017, 00:46:48 UTC |
76c7f9b | EKR | 05 December 2017, 00:46:13 UTC | Checkpoint | 05 December 2017, 00:46:13 UTC |
9f912dd | ekr | 05 December 2017, 00:45:44 UTC | Merge pull request #1112 from Lekensteyn/fix-certificate-extensions Clarify certificate extensions | 05 December 2017, 00:45:44 UTC |
0a9922f | ekr | 05 December 2017, 00:45:06 UTC | Merge pull request #1113 from davidben/der-certs Clarify that X.509 certificates carried over TLS are DER-encoded. | 05 December 2017, 00:45:06 UTC |
4211d2b | David Benjamin | 04 December 2017, 18:06:17 UTC | Clarify that X.509 certificates carried over TLS are DER-encoded. Without specifying the encoding, I don't think it's actually defined how you transit the certificates. RFC 5280 only says that the TBSCertificate is DER-encoded for computing the signature, which still allows insanity like XER-encoded everything with the receiver re-encoding the TBSCertificate to DER before verifying the signature. | 04 December 2017, 18:09:11 UTC |
664512c | EKR | 02 December 2017, 22:02:08 UTC | Fix typo | 02 December 2017, 22:02:08 UTC |
2b17b6e | EKR | 29 November 2017, 01:13:45 UTC | Restructure siganture algorithms negotiation a bit to add a separate extension for certificates. The rationale is to allow you to indicate that you support different algorithms for signing CV and certs. Also provide new code points for PSS when you use non-rsaEncryption OIDs. | 02 December 2017, 21:57:57 UTC |
39b2067 | Peter Wu | 29 November 2017, 23:58:39 UTC | Clarify certificate extensions The peer must advertise extensions before they can be sent with a certificate message. Fixes #1111 | 29 November 2017, 23:58:39 UTC |