97abde0 | Christopher Wood | 19 February 2021, 18:39:37 UTC | Merge pull request #1213 from ekr/changelog-01 Changelog for -01 | 19 February 2021, 18:39:37 UTC |
1239cca | Christopher Wood | 19 February 2021, 18:39:34 UTC | Update draft-ietf-tls-rfc8446bis.md | 19 February 2021, 18:39:34 UTC |
4f6e9cf | Christopher Wood | 19 February 2021, 18:39:30 UTC | Update draft-ietf-tls-rfc8446bis.md | 19 February 2021, 18:39:30 UTC |
6cc2c6f | EKR | 19 February 2021, 18:33:55 UTC | Changelog for -01 | 19 February 2021, 18:33:55 UTC |
2fb7b0a | EKR | 19 February 2021, 18:29:05 UTC | Fix merge conflict | 19 February 2021, 18:29:05 UTC |
3c0e8c0 | ekr | 19 February 2021, 18:20:37 UTC | Merge pull request #1204 from davidben/tls12-names Align TLS 1.2 terminology with this document | 19 February 2021, 18:20:37 UTC |
ec5d7e6 | ekr | 19 February 2021, 18:19:36 UTC | Merge pull request #1210 from emanjon/patch-1 Security Property - Protection of endpoint identities | 19 February 2021, 18:19:36 UTC |
dde8adb | ekr | 19 February 2021, 18:19:02 UTC | Update draft-ietf-tls-rfc8446bis.md | 19 February 2021, 18:19:02 UTC |
8f8c841 | ekr | 19 February 2021, 18:15:33 UTC | Merge pull request #1205 from davidben/resumption-tracking Discuss tracking implications of session resumption. | 19 February 2021, 18:15:33 UTC |
f2be3bc | ekr | 19 February 2021, 18:14:50 UTC | Merge pull request #1211 from emanjon/patch-2 Editorial: "Client Authentication" -> "Certificate-Based Client Authentication" | 19 February 2021, 18:14:50 UTC |
e7a4f1d | John Mattsson | 11 February 2021, 09:03:57 UTC | Certificate-Based Client Authentication Based on the PSK authentication was not included in the past. I think specification has some places where "Client Authentication" refer to only certificate-based client authentication and not client authentication is general. Not a big thing, but I think it might confuse some readers, and would be good to clarify. | 11 February 2021, 09:03:57 UTC |
f63175b | John Mattsson | 11 February 2021, 08:53:31 UTC | Update draft-ietf-tls-rfc8446bis.md As discussed on the TLS list. It seems like cipher suites without confidentiality is already registered. Feel free to reformulate in any way. Refering to the cipher suites in the document is not very useful for the reader, and it does not seem to be a rule that a NULL encryption could not be recommended even if that seems very unlikely. I also suggest adding "(certificate)" after client identity. The security property does obviously not hold for PSK authentication. | 11 February 2021, 08:53:31 UTC |
1a67fd2 | David Benjamin | 02 December 2020, 22:35:27 UTC | Discuss tracking implications of session resumption. In WG discussion of draft-vvv-tls-cross-sni-resumption-00, tracking implications came up. While that draft does expand the set of servers that can cross-resume, it's not a new issue. For instance, on the Web, if https://a.example and https://b.example both include a subresource to a common https://tracker.example, TLS session resumption may be used to correlate activity across the two sites. Add some text to discuss this. This is distinct from the single-use ticket mitigation, which only covers correlation by passive observers. Correlation by the server itself is pretty much inherent to session resumption and other cache-like optimizations. Instead, the text points this out and gives an example of how applications can keep their resumption scopes consistent with their privacy goals. Fixes #1201. | 02 December 2020, 22:41:56 UTC |
eea31f7 | David Benjamin | 17 November 2020, 07:23:42 UTC | Align TLS 1.2 terminology with this document Closes #1203. | 17 November 2020, 07:23:59 UTC |
b93311e | David Benjamin | 13 November 2020, 21:52:02 UTC | Shorten some unnecessarily long names. While we're renaming these anyway, exporter_secret and resumption_secret are just as descriptive. Closes #1200. | 13 November 2020, 21:56:17 UTC |
b71bdb7 | EKR | 03 October 2020, 23:30:42 UTC | Python3 | 03 October 2020, 23:30:42 UTC |
ea7d1e2 | EKR | 03 October 2020, 23:23:26 UTC | Right actions this time | 03 October 2020, 23:23:26 UTC |
7a49dbd | EKR | 03 October 2020, 23:19:09 UTC | trigger on push | 03 October 2020, 23:19:09 UTC |
504ef19 | EKR | 03 October 2020, 23:17:51 UTC | Moves action to the right place | 03 October 2020, 23:17:51 UTC |
b669dfd | EKR | 03 October 2020, 23:15:16 UTC | Add action | 03 October 2020, 23:15:16 UTC |
4328233 | EKR | 03 October 2020, 23:06:40 UTC | Remove - | 03 October 2020, 23:06:40 UTC |
c385fa8 | EKR | 03 October 2020, 22:50:20 UTC | Change draft name internally | 03 October 2020, 22:50:20 UTC |
4458b4a | EKR | 03 October 2020, 22:48:19 UTC | Delete unneeded | 03 October 2020, 22:48:19 UTC |
9f7b2f2 | EKR | 03 October 2020, 22:47:52 UTC | Rename | 03 October 2020, 22:47:52 UTC |
8c8aed6 | EKR | 03 October 2020, 22:46:37 UTC | Removed pre-8446 | 03 October 2020, 22:46:46 UTC |
5478a02 | EKR | 11 August 2020, 16:41:06 UTC | Fix title | 11 August 2020, 16:41:06 UTC |
349a183 | ekr | 11 August 2020, 11:47:23 UTC | Merge pull request #79 from ekr/mt_comments MT editorial | 11 August 2020, 11:47:23 UTC |
2df6739 | ekr | 11 August 2020, 11:47:01 UTC | Update draft-rescorla-tls-rfc8446-bis.md Co-authored-by: Martin Thomson <mt@lowentropy.net> | 11 August 2020, 11:47:01 UTC |
f6c67e9 | EKR | 10 August 2020, 23:46:20 UTC | MT editorial | 10 August 2020, 23:46:20 UTC |
e17f8e8 | EKR | 10 August 2020, 17:23:29 UTC | the the | 10 August 2020, 17:23:29 UTC |
22cd4cb | ekr | 10 August 2020, 16:36:42 UTC | Merge pull request #78 from ekr/pre_pub Minor tweaks caught in pre-publication pass | 10 August 2020, 16:36:42 UTC |
e590390 | EKR | 10 August 2020, 16:35:53 UTC | Minor tweaks caught in pre-publication pass | 10 August 2020, 16:35:53 UTC |
5ef0a06 | Christopher Wood | 10 August 2020, 14:36:02 UTC | Merge pull request #77 from ekr/framing_text Framing text | 10 August 2020, 14:36:02 UTC |
e0ab460 | EKR | 10 August 2020, 13:46:01 UTC | Update framing text | 10 August 2020, 13:46:01 UTC |
7f2255e | EKR | 10 August 2020, 13:33:56 UTC | Revert one wording choice that didn't need to change | 10 August 2020, 13:33:56 UTC |
f288643 | ekr | 10 August 2020, 13:33:24 UTC | Merge pull request #71 from ekr/caw/erratum-6135 Converge to "vector" in lieu of list and set. Fixes erratum 6135. | 10 August 2020, 13:33:24 UTC |
ed378a7 | Christopher Wood | 10 August 2020, 13:28:16 UTC | Converge to list. Drop vector everywhere outside of the type section. | 10 August 2020, 13:28:16 UTC |
eda655b | Christopher Wood | 10 August 2020, 13:15:28 UTC | Merge pull request #76 from ekr/de-master De master | 10 August 2020, 13:15:28 UTC |
7173a5b | EKR | 10 August 2020, 12:59:47 UTC | Revert EMS name | 10 August 2020, 12:59:47 UTC |
8a610fb | ekr | 10 August 2020, 12:57:51 UTC | Update draft-rescorla-tls-rfc8446-bis.md Co-authored-by: Christopher Wood <caw@heapingbits.net> | 10 August 2020, 12:57:51 UTC |
63ce17f | ekr | 10 August 2020, 12:57:30 UTC | Update draft-rescorla-tls-rfc8446-bis.md Co-authored-by: Christopher Wood <caw@heapingbits.net> | 10 August 2020, 12:57:30 UTC |
2488955 | Christopher Wood | 10 August 2020, 01:03:50 UTC | Merge pull request #75 from ekr/erratum5438-2 Clarify the X25519 and X448 outputs. Fixes #22 | 10 August 2020, 01:03:50 UTC |
4e0f902 | Christopher Wood | 10 August 2020, 01:02:33 UTC | Merge pull request #57 from ekr/erratum6125 Clarify that client auth is optional. Fixes #26 | 10 August 2020, 01:02:33 UTC |
095e134 | Christopher Wood | 10 August 2020, 01:02:23 UTC | Update draft-rescorla-tls-rfc8446-bis.md | 10 August 2020, 01:02:23 UTC |
6486262 | Christopher Wood | 10 August 2020, 01:01:42 UTC | Merge pull request #56 from ekr/erratum5682 Extension block ranges. Fixes #23 | 10 August 2020, 01:01:42 UTC |
0fbd08d | Christopher Wood | 10 August 2020, 01:01:21 UTC | Merge pull request #20 from ekr/errata5976 Fix erratum 5976. Describe the X.509 -> X509 change | 10 August 2020, 01:01:21 UTC |
75aba45 | EKR | 09 August 2020, 21:05:16 UTC | Add question mark | 09 August 2020, 21:05:16 UTC |
bd65044 | EKR | 09 August 2020, 20:13:15 UTC | Clarify | 09 August 2020, 20:13:15 UTC |
f124891 | EKR | 09 August 2020, 20:12:41 UTC | Rename the master secret | 09 August 2020, 20:12:41 UTC |
4f57c02 | ekr | 09 August 2020, 19:48:53 UTC | Merge pull request #73 from ekr/caw/erratum-6136 Add missing legacy_version and legacy_compression_method checks. Fixes erratum 6136. | 09 August 2020, 19:48:53 UTC |
036c936 | ekr | 09 August 2020, 19:32:10 UTC | Merge pull request #74 from ekr/caw/erratum-6152 Clarify that clients must check ServerHello.random first. Fixes erratum 6152. | 09 August 2020, 19:32:10 UTC |
86c02ea | ekr | 09 August 2020, 19:28:17 UTC | Merge pull request #72 from ekr/caw/erratum-5868 Reference RFC4492 for the ECDSA-Sig-Value encoding. Fixes erratum 5868. | 09 August 2020, 19:28:17 UTC |
a736343 | ekr | 09 August 2020, 19:27:53 UTC | Merge pull request #70 from ekr/caw/erratum-6138 Remove redundant PSK text. Fixes erratum 6138. | 09 August 2020, 19:27:53 UTC |
0b9d170 | EKR | 04 August 2020, 21:23:18 UTC | Clarify that client auth is optional. Fixes #26 | 09 August 2020, 19:26:15 UTC |
61816e6 | EKR | 04 August 2020, 21:06:57 UTC | Extension block ranges. Fixes #23 | 09 August 2020, 19:25:16 UTC |
68b07c2 | EKR | 04 August 2020, 20:01:57 UTC | Fix erratum 5976. Describe the X.509 -> X509 change | 09 August 2020, 19:24:03 UTC |
89e27a1 | EKR | 04 August 2020, 20:59:03 UTC | Clarify the X25519 and X448 outputs. Fixes #22 | 09 August 2020, 19:22:28 UTC |
9e6ce53 | Christopher Wood | 09 August 2020, 18:13:22 UTC | Merge pull request #67 from ekr/erratum6146 Erratum6146 | 09 August 2020, 18:13:22 UTC |
b6ad33d | Christopher Wood | 09 August 2020, 18:13:03 UTC | Merge pull request #66 from ekr/erratum6145 when might early data not be allowed. Fixes #30 | 09 August 2020, 18:13:03 UTC |
c332bfe | Christopher Wood | 09 August 2020, 18:12:52 UTC | Update draft-rescorla-tls-rfc8446-bis.md | 09 August 2020, 18:12:52 UTC |
25fe306 | Christopher Wood | 09 August 2020, 18:12:07 UTC | Merge pull request #58 from ekr/erratum6142 cache -> use. Fixes #28 | 09 August 2020, 18:12:07 UTC |
27138ee | Christopher Wood | 09 August 2020, 18:11:40 UTC | Merge pull request #59 from ekr/erratum6141_context_string forward reference for context string. Fixes #54 | 09 August 2020, 18:11:40 UTC |
0559459 | Christopher Wood | 09 August 2020, 18:11:25 UTC | Merge pull request #62 from ekr/erratum6137 symmetric is redundant. Fixes #44 | 09 August 2020, 18:11:25 UTC |
0cd41e3 | Christopher Wood | 09 August 2020, 18:11:07 UTC | Merge pull request #61 from ekr/erratum6139 when appliccable is redundant. Fixes #46 | 09 August 2020, 18:11:07 UTC |
9ee2c8d | Christopher Wood | 09 August 2020, 18:10:56 UTC | Update draft-rescorla-tls-rfc8446-bis.md | 09 August 2020, 18:10:56 UTC |
53fb0fb | Christopher Wood | 09 August 2020, 18:10:11 UTC | Merge pull request #60 from ekr/erratum6147 No such thing as a PSK cipher suite. Fixes #49 | 09 August 2020, 18:10:11 UTC |
c87c850 | Christopher Wood | 09 August 2020, 18:09:32 UTC | Merge pull request #65 from ekr/erratum6122 functions -> function. Fixes #37 | 09 August 2020, 18:09:32 UTC |
6239ff1 | Christopher Wood | 09 August 2020, 18:09:14 UTC | Merge pull request #64 from ekr/erratum6125- out-of-band -> external. Fixes #39 | 09 August 2020, 18:09:14 UTC |
3f5b15c | Christopher Wood | 09 August 2020, 18:08:50 UTC | Merge pull request #68 from ekr/erratum6204 Clarify PSK can't be used with certificate-based auth unless there is… | 09 August 2020, 18:08:50 UTC |
4ea795d | Christopher Wood | 09 August 2020, 18:08:40 UTC | Update draft-rescorla-tls-rfc8446-bis.md | 09 August 2020, 18:08:40 UTC |
251145f | Christopher Wood | 09 August 2020, 18:07:41 UTC | Merge pull request #63 from ekr/erratum6128 In the rest of -> Throughout. Fixes #42 | 09 August 2020, 18:07:41 UTC |
44fe3b1 | Christopher Wood | 09 August 2020, 18:07:31 UTC | Update draft-rescorla-tls-rfc8446-bis.md | 09 August 2020, 18:07:31 UTC |
e0c4990 | Christopher Wood | 09 August 2020, 18:06:40 UTC | Merge pull request #21 from ekr/errata5627 Fix Erratum 5627. Expansion of SNI | 09 August 2020, 18:06:40 UTC |
9a3cbb4 | Christopher Wood | 09 August 2020, 18:05:54 UTC | Change the bis. | 09 August 2020, 18:05:54 UTC |
b2f06fc | Christopher Wood | 09 August 2020, 18:02:00 UTC | Change the bis. | 09 August 2020, 18:02:00 UTC |
76e53e2 | Christopher Wood | 09 August 2020, 18:00:29 UTC | Change the bis. | 09 August 2020, 18:00:29 UTC |
e1d7e1f | Christopher Wood | 09 August 2020, 17:58:49 UTC | Change the bis. | 09 August 2020, 17:58:49 UTC |
82e1db8 | Christopher Wood | 09 August 2020, 17:57:43 UTC | Revert 1.3 change. | 09 August 2020, 17:57:43 UTC |
ced44f9 | Christopher Wood | 09 August 2020, 17:56:16 UTC | Fix the bis. | 09 August 2020, 17:56:16 UTC |
5d7bdcd | Christopher Wood | 08 August 2020, 15:24:33 UTC | Clarify that clients must check ServerHello.random first. Fixes erratum 6152. | 08 August 2020, 15:24:33 UTC |
d7e9abd | Christopher Wood | 08 August 2020, 15:15:51 UTC | Add missing legacy_version and legacy_compression_method checks. Fixes erratum 6136. | 08 August 2020, 15:15:51 UTC |
165ce80 | Christopher Wood | 08 August 2020, 15:07:18 UTC | Reference RFC4492 for the ECDSA-Sig-Value encoding. Fixes erratum 5868. | 08 August 2020, 15:07:18 UTC |
ae55169 | Christopher Wood | 08 August 2020, 15:04:23 UTC | Converge to "vector" in lieu of list and set. Fixes erratum 6135. | 08 August 2020, 15:04:23 UTC |
9243883 | Christopher Wood | 08 August 2020, 14:45:37 UTC | Remove redundant PSK text. Fixes erratum 6138. | 08 August 2020, 14:45:37 UTC |
248e421 | Christopher Wood | 07 August 2020, 16:45:45 UTC | Merge pull request #69 from ekr/erratum6205 Split the requirements for resumption and external PSKs. Fixes #53 | 07 August 2020, 16:45:45 UTC |
9682bb6 | EKR | 04 August 2020, 23:21:27 UTC | Split the requirements for resumption and external PSKs. Fixes #53 | 04 August 2020, 23:21:27 UTC |
7905a13 | EKR | 04 August 2020, 23:19:13 UTC | Clarify PSK can't be used with certificate-based auth unless there is some future extension. Fixes #52, Fixes #51 | 04 August 2020, 23:19:13 UTC |
6ce547d | EKR | 04 August 2020, 22:58:12 UTC | Selected version. Fixes #31 | 04 August 2020, 22:58:57 UTC |
e2d0369 | EKR | 04 August 2020, 22:56:37 UTC | when might early data not be allowed. Fixes #30 | 04 August 2020, 22:56:37 UTC |
a168784 | EKR | 04 August 2020, 22:54:00 UTC | functions -> function. Fixes #37 | 04 August 2020, 22:54:00 UTC |
22f37d8 | EKR | 04 August 2020, 22:51:52 UTC | out-of-band -> external. Fixes #39 | 04 August 2020, 22:51:52 UTC |
acc6217 | EKR | 04 August 2020, 22:48:52 UTC | out-of-band -> external. Fixes #39 | 04 August 2020, 22:48:52 UTC |
ec59050 | EKR | 04 August 2020, 22:45:16 UTC | In the rest of -> Throughout. Fixes #42 | 04 August 2020, 22:45:16 UTC |
ddd5eee | EKR | 04 August 2020, 22:41:49 UTC | symmetric is redundant. Fixes #44 | 04 August 2020, 22:41:49 UTC |
3d9799c | EKR | 04 August 2020, 22:35:54 UTC | when appliccable is redundant. Fixes #46 | 04 August 2020, 22:39:02 UTC |
9d7c3bf | EKR | 04 August 2020, 22:29:18 UTC | No such thing as a PSK cipher suite. Fixes #49 | 04 August 2020, 22:29:18 UTC |
56cc134 | EKR | 04 August 2020, 22:25:17 UTC | forward reference for context string. Fixes #54 | 04 August 2020, 22:25:17 UTC |
d0e42ce | EKR | 04 August 2020, 21:30:28 UTC | cache -> use. Fixes #28 | 04 August 2020, 21:31:25 UTC |
4830b8b | EKR | 04 August 2020, 21:28:33 UTC | MEge | 04 August 2020, 21:28:33 UTC |
6c8bb89 | EKR | 04 August 2020, 20:05:01 UTC | Fix Erratum 5627. Expansion of SNI | 04 August 2020, 20:05:01 UTC |