be893b6 | EKR | 29 November 2017, 15:43:58 UTC | Update changelog | 29 November 2017, 15:49:28 UTC |
d96e793 | ekr | 29 November 2017, 14:08:55 UTC | Merge pull request #1108 from ekr/hrr_cleanup Hrr cleanup | 29 November 2017, 14:08:55 UTC |
5846c4f | ekr | 29 November 2017, 13:58:14 UTC | Merge pull request #1110 from Lekensteyn/add-contrib Add $me to contributors | 29 November 2017, 13:58:14 UTC |
a103cc8 | Peter Wu | 29 November 2017, 11:35:52 UTC | Add $me to contributors | 29 November 2017, 11:35:52 UTC |
8f24b48 | EKR | 29 November 2017, 01:25:44 UTC | Plural | 29 November 2017, 01:25:44 UTC |
7f54065 | EKR | 29 November 2017, 00:30:23 UTC | Reserved, not absent | 29 November 2017, 00:30:23 UTC |
9a9c329 | EKR | 29 November 2017, 00:26:20 UTC | Some more post PR-1091 cleanup. Remove references to hello_retry_request and fix syntax to match. Fixes #1101. | 29 November 2017, 00:29:09 UTC |
21b9186 | EKR | 29 November 2017, 00:18:16 UTC | Adjust PDU location | 29 November 2017, 00:28:31 UTC |
c9e372a | Kazu Yamamoto | 27 November 2017, 03:25:27 UTC | removing spaces-only line. | 29 November 2017, 00:28:31 UTC |
605080a | Kazu Yamamoto | 27 November 2017, 03:15:23 UTC | adding a missing markup. | 29 November 2017, 00:28:31 UTC |
1bab0b7 | Kazu Yamamoto | 27 November 2017, 03:05:25 UTC | fixing a missing semicolon. | 29 November 2017, 00:28:31 UTC |
76ef612 | ekr | 29 November 2017, 00:16:00 UTC | Merge pull request #1103 from kazu-yamamoto/verification removing duplicated verification criteria in favor of Section 4.2.10. | 29 November 2017, 00:16:00 UTC |
33dbbf1 | EKR | 29 November 2017, 00:15:37 UTC | Parameters include version | 29 November 2017, 00:15:37 UTC |
4f0c5b2 | ekr | 29 November 2017, 00:13:17 UTC | Merge pull request #1106 from iluxonchik/mti-ext-fix add messages that are required to have the supported_versions extension | 29 November 2017, 00:13:17 UTC |
75b36bb | ILUXONCHIK | 28 November 2017, 13:16:35 UTC | add messages that are required to have the supported_versions extension This is mentioned throughout the document, but not in the "Mandatory-to-Implement" section. closes #1104 | 28 November 2017, 13:16:35 UTC |
9ea5efc | Kazu Yamamoto | 27 November 2017, 03:37:22 UTC | removing duplicated verification criteria in favor of Section 4.2.10. | 27 November 2017, 03:37:22 UTC |
4febb3f | EKR | 25 November 2017, 18:05:18 UTC | Post-merge cleanup | 25 November 2017, 18:05:18 UTC |
da9f6c3 | Benjamin Kaduk | 25 November 2017, 17:41:35 UTC | Refer to client-tracking prevention from NST message Give some motivation for why servers MAY send multiple tickets. | 25 November 2017, 17:41:35 UTC |
eec84b8 | EKR | 24 November 2017, 19:46:06 UTC | Nit | 24 November 2017, 19:46:06 UTC |
f874473 | EKR | 24 November 2017, 19:12:46 UTC | Cleanup 0-RTT terminology. Fixes #1042 | 24 November 2017, 19:12:46 UTC |
0f850b0 | EKR | 24 November 2017, 19:10:44 UTC | Slightly improve ClientHello truncation. Fixes #1077 | 24 November 2017, 19:10:44 UTC |
a7389f2 | EKR | 24 November 2017, 18:57:40 UTC | Empty posthandshake auth. Fixes #1089 | 24 November 2017, 18:57:40 UTC |
d562901 | EKR | 24 November 2017, 18:55:05 UTC | more clearly define exporter. Fixes #1060 | 24 November 2017, 18:55:05 UTC |
5b88f1a | EKR | 24 November 2017, 18:51:39 UTC | Add definition for CertificateType. Fixes #1090 | 24 November 2017, 18:51:39 UTC |
4a2463d | EKR | 24 November 2017, 18:39:06 UTC | Add a little more text about the padding timing. Closes #1074 | 24 November 2017, 18:39:06 UTC |
1feebed | EKR | 24 November 2017, 18:30:08 UTC | Add Steve Checkoway as a contributor | 24 November 2017, 18:30:08 UTC |
145805e | EKR | 24 November 2017, 18:28:48 UTC | use the enum for opaque_type. Closes #1063 | 24 November 2017, 18:28:48 UTC |
85dd022 | EKR | 24 November 2017, 18:26:41 UTC | Add changelog | 24 November 2017, 18:26:41 UTC |
c764288 | ekr | 24 November 2017, 18:18:43 UTC | Merge pull request #1091 from ekr/middlebox_changes2_hrr Middlebox changes2 hrr | 24 November 2017, 18:18:43 UTC |
adaccbe | EKR | 24 November 2017, 18:14:37 UTC | Clarify HRR | 24 November 2017, 18:14:37 UTC |
e9406c6 | EKR | 24 November 2017, 18:13:52 UTC | Editorial | 24 November 2017, 18:13:52 UTC |
f55df44 | EKR | 24 November 2017, 18:13:07 UTC | Review comments | 24 November 2017, 18:13:07 UTC |
db06d80 | ekr | 24 November 2017, 17:41:45 UTC | Merge pull request #1099 from martinthomson/keyagreement-ref Update references | 24 November 2017, 17:41:45 UTC |
79a2280 | EKR | 24 November 2017, 17:09:56 UTC | Fix ref | 24 November 2017, 17:09:56 UTC |
1e123c4 | Martin Thomson | 22 November 2017, 23:48:54 UTC | Update SHS reference | 22 November 2017, 23:48:54 UTC |
a692b43 | Martin Thomson | 22 November 2017, 23:48:09 UTC | Provide updated citation for KEYAGREEMENT | 22 November 2017, 23:48:09 UTC |
261e73b | EKR | 16 November 2017, 23:06:32 UTC | Clarify association of SNI | 16 November 2017, 23:06:32 UTC |
7699a1d | Victor Vasiliev | 16 November 2017, 22:58:28 UTC | Reconcile the cross-SNI resumption with changes made in #1061 In order for cross-SNI resumption to work, SNI has to be a per-connection property. Reflect this in text. | 16 November 2017, 22:58:28 UTC |
adf1f98 | Victor Vasiliev | 16 November 2017, 22:47:45 UTC | Merge branch 'master' into sni-resumption | 16 November 2017, 22:47:45 UTC |
9452cf7 | Victor Vasiliev | 16 November 2017, 22:16:05 UTC | Add a paragraph about SNI being connection property Text suggested by David Benjamin on the PR page. This is mostly based on the discussion that happened during the WG meeting in Singapore. | 16 November 2017, 22:16:05 UTC |
3bff358 | ekr | 16 November 2017, 10:48:10 UTC | Merge pull request #1093 from ekr/move_server_cert_type Move server_certificate_type to EE. The idea here is to retain | 16 November 2017, 10:48:10 UTC |
f40a892 | ekr | 16 November 2017, 06:31:51 UTC | Merge pull request #1096 from DavidSchinazi/add-dschinazi-to-contributors Add David Schinazi to Contributors for close_notify text | 16 November 2017, 06:31:51 UTC |
ebaf138 | David Schinazi | 16 November 2017, 06:24:58 UTC | Add David Schinazi to Contributors for close_notify text | 16 November 2017, 06:24:58 UTC |
95ffb6c | ekr | 16 November 2017, 03:08:26 UTC | Merge pull request #1092 from DavidSchinazi/half-close-notify Give close_notify half-close semantics to better match TCP and avoid truncation | 16 November 2017, 03:08:26 UTC |
14c721c | ekr | 15 November 2017, 12:56:24 UTC | Merge pull request #1095 from grittygrease/nick/ca_name certificate_authorities is defined in this document, not in RFC 6066 | 15 November 2017, 12:56:24 UTC |
c081a04 | Nick Sullivan | 15 November 2017, 05:30:33 UTC | certificate_authorities is defined in this document, not in RFC 6066 | 15 November 2017, 05:30:33 UTC |
6a4338e | ekr | 15 November 2017, 03:42:41 UTC | Merge pull request #1094 from chris-wood/master Add text explaining why servers might want to vend multiple tickets | 15 November 2017, 03:42:41 UTC |
00df8e3 | Christopher Wood | 15 November 2017, 03:34:17 UTC | Add multiple HTTP connections as a use case, as per Ekr's suggestion. | 15 November 2017, 03:34:17 UTC |
1d54eb6 | Christopher Wood | 15 November 2017, 02:30:17 UTC | s/for example/e.g., | 15 November 2017, 02:30:17 UTC |
559c1ba | Christopher Wood | 15 November 2017, 02:20:05 UTC | Add text explaining why servers might want to vend multiple tickets to clients. | 15 November 2017, 02:20:05 UTC |
e22826e | EKR | 13 November 2017, 22:28:44 UTC | Move server_certificate_type to EE. The idea here is to retain the RFC 7250 semantics that both certificate types are globally negotiated. There is no support for mixed certificates. | 13 November 2017, 22:28:44 UTC |
215a303 | ekr | 13 November 2017, 22:05:51 UTC | Merge pull request #1061 from kaduk/matt Be more explicit about PSK requirements | 13 November 2017, 22:05:51 UTC |
f7108aa | ekr | 13 November 2017, 21:57:21 UTC | Merge pull request #1083 from Lekensteyn/fix-tlsinnerplaintext Fix TLSInnerPlaintext limit | 13 November 2017, 21:57:21 UTC |
bb6b605 | David Schinazi | 12 November 2017, 03:14:35 UTC | Review comments from @ekr | 12 November 2017, 03:14:35 UTC |
19b31d5 | David Schinazi | 12 November 2017, 02:33:47 UTC | Give close_notify half-close semantics to better match TCP and avoid truncation | 12 November 2017, 02:33:47 UTC |
ea43633 | EKR | 06 November 2017, 18:10:17 UTC | Don't require that legacy_session_id be random | 06 November 2017, 18:10:17 UTC |
deabf64 | EKR | 01 November 2017, 21:46:49 UTC | Block code point | 01 November 2017, 21:46:49 UTC |
94ebf66 | EKR | 01 November 2017, 21:39:57 UTC | Minor nit from MT | 01 November 2017, 21:39:57 UTC |
a93161b | EKR | 01 November 2017, 21:18:35 UTC | Updated davidben comments | 01 November 2017, 21:18:35 UTC |
552a062 | Peter Wu | 01 November 2017, 16:39:15 UTC | MUST not -> MUST NOT | 01 November 2017, 16:39:15 UTC |
1dc054e | EKR | 01 November 2017, 16:01:04 UTC | Add HRR | 01 November 2017, 16:02:10 UTC |
44591e7 | EKR | 01 November 2017, 15:24:41 UTC | Comments from David Benjamin | 01 November 2017, 15:24:41 UTC |
512aafc | EKR | 30 October 2017, 23:09:19 UTC | Martin's comments | 30 October 2017, 23:09:19 UTC |
e04cd7f | EKR | 30 October 2017, 22:46:10 UTC | ChangeCipherSpec | 30 October 2017, 22:46:25 UTC |
c038296 | EKR | 30 October 2017, 22:22:05 UTC | Mandatory changes | 30 October 2017, 22:22:05 UTC |
b23ef18 | ekr | 27 October 2017, 21:33:47 UTC | Merge pull request #1072 from stevecheckoway/tlsciphertext_length Be consistent with other structs. | 27 October 2017, 21:33:47 UTC |
5dbee41 | ekr | 27 October 2017, 19:48:58 UTC | Merge pull request #1075 from tomato42/ocsp-status-request-v2 Make the deprecation of status_request_v2 extension more explicit | 27 October 2017, 19:48:58 UTC |
c056224 | ekr | 24 October 2017, 15:38:11 UTC | Merge pull request #1085 from kaduk/label Document no NUL bytes in labels | 24 October 2017, 15:38:11 UTC |
bd13384 | ekr | 24 October 2017, 15:37:05 UTC | Merge pull request #1086 from davidben/hrr-padding Allow the padding extension to change on HRR. | 24 October 2017, 15:37:05 UTC |
8ced9c2 | David Benjamin | 24 October 2017, 02:43:27 UTC | Allow the padding extension to change on HRR. The padding extension is typically computed as part of serializing the ClientHello, in hopes of targeting a particular size. As specified right now, the second ClientHello must not use this same logic and instead must retain the previous extension size, though this would likely not hit the same target size. The server's going to ignore it anyway, so allow it to be recalculated. This avoids unnecessary state in clients and extra logic to serialize the first and second ClientHellos differently. | 24 October 2017, 02:43:27 UTC |
5b23b07 | Benjamin Kaduk | 18 October 2017, 19:15:30 UTC | No NUL bytes in labels As mentioned by @Andrei-Popov in https://www.ietf.org/mail-archive/web/tls/current/msg24561.html . | 18 October 2017, 19:16:31 UTC |
1d609f9 | ekr | 06 October 2017, 00:57:29 UTC | Merge pull request #1059 from vasilvv/0rtt Rephrase and tighten the 0-RTT replay protection requirements | 06 October 2017, 00:57:29 UTC |
4234d38 | ekr | 06 October 2017, 00:54:33 UTC | Merge pull request #1082 from tlswg/fix_ref Refer to this document as opposed to 5246 for signature_algorithms | 06 October 2017, 00:54:33 UTC |
c382357 | Victor Vasiliev | 05 October 2017, 07:55:56 UTC | Fix a grammar issue pointed out by Ben Kaduk | 05 October 2017, 07:55:56 UTC |
052cf94 | Victor Vasiliev | 04 October 2017, 16:45:58 UTC | Address a few editorial concerns from Chris Wood. | 04 October 2017, 16:45:58 UTC |
e14d154 | Peter Wu | 04 October 2017, 03:21:55 UTC | Fix TLSInnerPlaintext limit The TLSPlaintext size is at most 2^14, so the TLSInnerPlaintext must be at least one more to fit the content type. This matches with the end of the record payload protection section. | 04 October 2017, 03:21:55 UTC |
a6f48c7 | seanturner | 29 September 2017, 15:12:13 UTC | fixing a reference | 29 September 2017, 15:12:13 UTC |
cc62281 | Victor Vasiliev | 13 September 2017, 19:00:23 UTC | Allow resumption across multiple domains There is no reason from a cryptographical point of view to not resume across multiple domains. The primary concern comes from interoperability concerns and potential waste of tickets, hence the default should be to not resume. | 13 September 2017, 19:00:23 UTC |
b2f1755 | ekr | 03 September 2017, 23:54:26 UTC | Merge pull request #1078 from martinthomson/fix-ref Fix reference | 03 September 2017, 23:54:26 UTC |
0385167 | Martin Thomson | 03 September 2017, 23:50:55 UTC | Fix reference Including the first name of the author in "ins" causes xml2rfc to produce junk. | 03 September 2017, 23:50:57 UTC |
ae98945 | Hubert Kario | 17 August 2017, 10:36:16 UTC | make the deprecation of status_request_v2 more explicit | 17 August 2017, 10:36:16 UTC |
3903f27 | Stephen Checkoway | 26 July 2017, 19:07:21 UTC | Be consistent with other structs. | 02 August 2017, 15:05:53 UTC |
dfab83d | EKR | 29 July 2017, 19:12:01 UTC | Remove key exchange modes indicator from diagram. Closes #1056 | 29 July 2017, 19:12:01 UTC |
3a16d13 | EKR | 29 July 2017, 19:10:55 UTC | Fix merge conflict | 29 July 2017, 19:10:55 UTC |
80fd6c6 | Stephen Checkoway | 26 July 2017, 18:45:09 UTC | Give each select arm an optional field label. Each select arm consists of a single type with an optional field label (for non-vector types). select (E) { case e1: Te1 [[fe1]]; case e2: Te2 [[fe2]]; .... case en: Ten [[fen]]; }; PreSharedKeyExtension had an arm with two fields, a new structure, `OfferedPsks` was created to hold it. This is purely a notational change. | 29 July 2017, 19:09:58 UTC |
15e77a9 | ekr | 29 July 2017, 18:55:06 UTC | Merge pull request #1039 from martinthomson/unclutter Unclutter the server state machine | 29 July 2017, 18:55:06 UTC |
985b2fd | ekr | 29 July 2017, 18:54:14 UTC | Merge pull request #1070 from stevecheckoway/fix-comment Use /* comments */ rather than // | 29 July 2017, 18:54:14 UTC |
8e4f499 | ekr | 29 July 2017, 18:53:30 UTC | Merge pull request #1071 from stevecheckoway/add_to_appendix Normalize spacing and add missing struct to B.3.1 | 29 July 2017, 18:53:30 UTC |
5d88e2d | ekr | 29 July 2017, 18:53:04 UTC | Merge pull request #1067 from stevecheckoway/type_alias Specify type aliases. | 29 July 2017, 18:53:04 UTC |
c0b7048 | ekr | 29 July 2017, 18:52:48 UTC | Merge pull request #1069 from martinthomson/group0 Reserve NamedGroup(0) | 29 July 2017, 18:52:48 UTC |
3fa5de1 | ekr | 29 July 2017, 18:52:20 UTC | Merge pull request #1065 from stevecheckoway/no_anonymous_structs Remove embedded and anonymous structs. | 29 July 2017, 18:52:20 UTC |
09292a2 | ekr | 29 July 2017, 18:51:21 UTC | Merge pull request #1064 from stevecheckoway/vectors_in_structs Allow vector fields in structures. | 29 July 2017, 18:51:21 UTC |
7783024 | Stephen Checkoway | 28 July 2017, 22:39:13 UTC | Normalize spacing and add missing struct to B.3.1 Fix the spacing in `UncompressedPointRepresentation` and add it to Appendix B.3.1. Add missing space in `select (...){`. | 28 July 2017, 22:39:13 UTC |
531a9e8 | Stephen Checkoway | 28 July 2017, 17:31:37 UTC | Use /* comments */ rather than // The presentation language only specifies `/* ... */` as a comment. It doesn't really apply to the `Transcript-Hash`, but it seems good to be consistent. | 28 July 2017, 17:31:37 UTC |
2f099d4 | Martin Thomson | 28 July 2017, 11:54:28 UTC | Reserve NamedGroup(0) | 28 July 2017, 11:54:28 UTC |
465de0e | EKR | 27 July 2017, 22:32:12 UTC | Document the use of multiple CSPRNGs to counter state reversal attacks. Closes #1068 | 27 July 2017, 22:32:29 UTC |
4cb4d69 | Stephen Checkoway | 26 July 2017, 18:56:55 UTC | Specify type aliases. Now `uint16 ProtocolVersion;` is defined by the presentation language. | 26 July 2017, 18:56:55 UTC |
bec6028 | Stephen Checkoway | 26 July 2017, 18:15:29 UTC | Remove embedded and anonymous structs. We never need embedded nor anonymous structs, so remove them from the presentation language. | 26 July 2017, 18:15:29 UTC |
97d4a00 | Stephen Checkoway | 26 July 2017, 18:05:51 UTC | Allow vector fields in structures. | 26 July 2017, 18:05:51 UTC |
2a17c18 | Benjamin Kaduk | 25 July 2017, 13:26:57 UTC | Accept @martinthomson's review comments | 25 July 2017, 13:26:57 UTC |