Re: [TLS] DTLS 1.2: Call for spec ambiguities

Eric Rescorla <ekr@networkresonance.com> Wed, 09 April 2008 19:13 UTC

Date: Wed, 09 Apr 2008 12:15:11 -0700
From: Eric Rescorla <ekr@networkresonance.com>
To: "tom.petch" <cfinss@dial.pipex.com>
In-Reply-To: <005801c89a5b$0f28e960$0601a8c0@allison>
References: <20080319053351.B47D41B9480@kilo.rtfm.com> <005801c89a5b$0f28e960$0601a8c0@allison>
Message-Id: <20080409191511.49CD95081A@romeo.rtfm.com>
Cc: tls@ietf.org
Subject: Re: [TLS] DTLS 1.2: Call for spec ambiguities

At Wed, 9 Apr 2008 11:51:24 +0200,
tom.petch wrote:
> 
> Not an ambiguity - RFC4347 is very clear - but I have struggled to understand
> whether or not updates to base TLS apply to DTLS or not (eg new cipher suites
> such as draft-ietf-tls-ecdhe-psk-01.txt,
> RFC4366).  RFC4347 does say that new cipher suites should specify if and how
> they apply, but in practice, that does not seem to have happened.

Right. That is a bug in those specs. :) I'll add some guidelines in
the main text about what would be suitable.


> And I echo the point about PMTU; I have seen DTLS criticised as being wholly
> unrealistic about PMTU, on some very unexpected mailing lists.

That could totally be. We tried to get this right based on what we thought
we understood about the transport issues, but quite likely we didn't.
I'll take another pass on reading up people's comments and getting
with the TSV people. If anyone wants to point me at discussions
they know about and save me some time, I wouldn't complain :)

-Ekr



> Tom Petch
> 
> ----- Original Message -----
> From: "Eric Rescorla" <ekr@networkresonance.com>
> To: <tls@ietf.org>
> Sent: Wednesday, March 19, 2008 3:24 AM
> Subject: [TLS] DTLS 1.2: Call for spec ambiguities
> 
> 
> > The plan I proposed in Philadelphia for DTLS 1.2 includes
> > clarification of any issues that weren't clear in RFC 4347.
> > I intend to collect a list of those issues and then
> > have discussion/propose resolutions on the mailing list.
> > I'm already aware of three such issues:
> >
> > - Inclusion of the first ClientHello and HelloVerifyRequest
> >   in CertificateVerify
> > - Handshake header inclusion in message hashes
> > - Whether PMTU discovery makes sense
> >
> > The first two seem to be pretty simple and have obvious
> > answers. The third requires talking to the TSV area.
> >
> > If WG members are aware of other issues, can you mail them
> > to me or the list by the end of April? I'll then summarize
> > on the list and start threads to discuss them.
> >
> > -Ekr
> > _______________________________________________
> > TLS mailing list
> > TLS@ietf.org
> > https://www.ietf.org/mailman/listinfo/tls