[TLS] Re: Comments on draft-santesson-tls-ume-04/draft-santesson-tls-supp-00

Russ Housley <housley@vigilsec.com> Mon, 17 April 2006 23:03 UTC

Received: from [] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1FVckh-0004gG-GF; Mon, 17 Apr 2006 19:03:27 -0400
Received: from [] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1FVckf-0004fC-Bv for tls@ietf.org; Mon, 17 Apr 2006 19:03:25 -0400
Received: from woodstock.binhost.com ([]) by ietf-mx.ietf.org with smtp (Exim 4.43) id 1FVckf-00031A-1Q for tls@ietf.org; Mon, 17 Apr 2006 19:03:25 -0400
Received: (qmail 31981 invoked by uid 0); 17 Apr 2006 23:03:13 -0000
Received: from unknown (HELO THINKPADR52.vigilsec.com) ( by woodstock.binhost.com with SMTP; 17 Apr 2006 23:03:13 -0000
Message-Id: <>
X-Mailer: QUALCOMM Windows Eudora Version
Date: Mon, 17 Apr 2006 17:10:36 -0400
To: Eric Rescorla <ekr@networkresonance.com>
From: Russ Housley <housley@vigilsec.com>
In-Reply-To: <20060413051757.D6B4322245C@laser.networkresonance.com>
References: <20060413051757.D6B4322245C@laser.networkresonance.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format=flowed
X-Spam-Score: 0.1 (/)
X-Scan-Signature: 52e1467c2184c31006318542db5614d5
Cc: iesg@ietf.org, tls@ietf.org
Subject: [TLS] Re: Comments on draft-santesson-tls-ume-04/draft-santesson-tls-supp-00
X-BeenThere: tls@lists.ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.lists.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/tls>
List-Post: <mailto:tls@lists.ietf.org>
List-Help: <mailto:tls-request@lists.ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=subscribe>
Errors-To: tls-bounces@lists.ietf.org


>These drafts seem basically sound. Minor comments below.
>You should state that only one SupplementalData field may
>be used per handshake.

I agree.  This was pointed out by the Gen-ART reviewer too.

>Somewhere you should note that this data SHOULD NOT be
>processed by TLS but just passed up to the application.

I agree.  This was also raised by Cullen.

>Why is this draft going to Proposed? ISTM that it's pretty
>hard to interpret without a bunch of MS-proprietary
>information. There's no need for it to go to Proposed, since
>both extensions and Supp-data allow code points to be
>issued via informational.

This is being discussed.  The reason that I would like to see it as 
standards-track is that the structure supports more than just 
Microsoft names.  The Microsoft names are simply the first ones that 
are supported.

>S 4:
>You can do the UPN hint extension exchange and then NOT
>send supp_data? That seems wrong.

I agree, if the negotiation is successful, then the supplemental data 
should be sent.


TLS mailing list