[TLS] Weekly github digest (TLS Working Group Drafts)
Repository Activity Summary Bot <do_not_reply@mnot.net> Sun, 19 March 2023 07:37 UTC
Return-Path: <do_not_reply@mnot.net>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C24A9C13737C for <tls@ietfa.amsl.com>; Sun, 19 Mar 2023 00:37:10 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.698
X-Spam-Level:
X-Spam-Status: No, score=-6.698 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_INVALID=0.1, DKIM_SIGNED=0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=fail (2048-bit key) reason="fail (message has been altered)" header.d=mnot.net header.b="0bvzqNRW"; dkim=fail (2048-bit key) reason="fail (message has been altered)" header.d=messagingengine.com header.b="Lm84E0ng"
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RjGVOkoTQGCY for <tls@ietfa.amsl.com>; Sun, 19 Mar 2023 00:37:05 -0700 (PDT)
Received: from out3-smtp.messagingengine.com (out3-smtp.messagingengine.com [66.111.4.27]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2804FC137381 for <tls@ietf.org>; Sun, 19 Mar 2023 00:36:41 -0700 (PDT)
Received: from compute5.internal (compute5.nyi.internal [10.202.2.45]) by mailout.nyi.internal (Postfix) with ESMTP id 0F2A15C00E1 for <tls@ietf.org>; Sun, 19 Mar 2023 03:36:40 -0400 (EDT)
Received: from mailfrontend2 ([10.202.2.163]) by compute5.internal (MEProxy); Sun, 19 Mar 2023 03:36:40 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mnot.net; h=cc :content-type:content-type:date:from:from:in-reply-to :mime-version:reply-to:sender:subject:subject:to:to; s=fm3; t= 1679211400; x=1679297800; bh=Si1ZC0ffn+PWHc1BNz5BqKuRR5NlJ0qDgve z67i6a+E=; b=0bvzqNRWr/KKFSUDqHcFtL3QWtZl7RNfh+MISzae7rTFEZjup9/ 68UZnFYqnQLtK+58+DiFSMKObaWVtp97rAWZxyPuj4lYKE6FH/VhVEBn108zJfeP i35743EDEzpdHbZz0hAwDeKjXJ5ML9XrzSUrh1FOT1qMU3dnGDTIJjA75RulxAMw YFQrDKzeGDW8TwMccrMoDskGTXHk1yIDjdEQFrf+K0C91kneFxG+Xi58MIIRYqx+ 0mWT2oua7oUw/PXaWBqeBeIgJKQF7U9BHlQHYjzeU/xHq2Z+Uu6inzH045shBWjP zUoNTg6yJbBFqbTGzqfhU0szKJj9rsKfheQ==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-type:content-type:date :feedback-id:feedback-id:from:from:in-reply-to:mime-version :reply-to:sender:subject:subject:to:to:x-me-proxy:x-me-proxy :x-me-sender:x-me-sender:x-sasl-enc; s=fm2; t=1679211400; x= 1679297800; bh=Si1ZC0ffn+PWHc1BNz5BqKuRR5NlJ0qDgvez67i6a+E=; b=L m84E0nguiNeKOigDmSFc04A6DfD3cK+n1FLnTvkBD9/0qkNtqejJCs/MrIJfDgH2 qg6sP/z/GXedJT728adiAwD2r/4jkDo5S8QvOH5jwHJ5nUbOqTwVS7mxip/ARQ3Z LXNmHr6a9GozgNDvXFKNds6KzzOk7GxVRlqScJ3I2Va9sD9HTSeFQWP0wLDBENOh fkODaAzqXqcG+/ejLilUpffKxIFQ5KvVJMvcZbf2IqNdKJpfbMN6P0QTH2ZwuRBO Y3zNcJ+5wjB8xWTvgXzZvYvSaeNATOHU8oQxa5YYujey8ZL6iPz70v9GEmy84D46 os56ZYrU3hT0bzm/8Ormg==
X-ME-Sender: <xms:h7sWZBMcU-2BN8mEj-qtOapKnM4WeHqNauPUiYhGf5GEU5JTai0ryw> <xme:h7sWZD8iFlvUEVusslzNL0kOPdlOXRY2yEdnv5Jlti3_JG5FFDvCC7ivhVVcCc4rm RH0wzyZ5i8pLhIRkA>
X-ME-Received: <xmr:h7sWZASHpdbvUJm-rAiEA3N3BgGIsngYSnpbszPdJAMX1PndEHCA5dPB0WpES6Xsb8PJH0_uwaaxZC3TMSG0ak4KWW3iA5TsqRIP8CyroPEsYjvoE1LXj3tTsmx502HBsHk>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvhedrvdefhedguddtlecutefuodetggdotefrod ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfgh necuuegrihhlohhuthemuceftddtnecupfhoucgurghtvgcufhhivghlugculdegledmne cujfgurheptggghffvufesrgdttdertddtjeenucfhrhhomheptfgvphhoshhithhorhih ucettghtihhvihhthicuufhumhhmrghrhicuuehothcuoeguohgpnhhothgprhgvphhlhi esmhhnohhtrdhnvghtqeenucggtffrrghtthgvrhhnpeekfedvudetjedvfeekheeiveeu gfefhfetteevgeffkefffeetffdvleehudeiteenucffohhmrghinhepghhithhhuhgsrd gtohhmnecuvehluhhsthgvrhfuihiivgepudenucfrrghrrghmpehmrghilhhfrhhomhep ughopghnohhtpghrvghplhihsehmnhhothdrnhgvth
X-ME-Proxy: <xmx:h7sWZNuAW1CGT32JyAC4syWtlpZUCczwt7vZ5_F317qcEfc7e_F8kQ> <xmx:h7sWZJdj4lwK0Gvs-mfbD3NFBxcezvfklXV0-zowCevUGqHrA0cjgA> <xmx:h7sWZJ2t-DPOk7FLSiBwE-aHj5k1f0TMrtqDbetniHiMaGEvRerSXw> <xmx:iLsWZPq9_gAW0GxVndsv0y6qg43Wcw7pI2oAi3H704U9mOa9kcB5Aw>
Feedback-ID: i1c3946f2:Fastmail
Received: by mail.messagingengine.com (Postfix) with ESMTPA for <tls@ietf.org>; Sun, 19 Mar 2023 03:36:39 -0400 (EDT)
Content-Type: multipart/alternative; boundary="===============3785715032881352705=="
MIME-Version: 1.0
From: Repository Activity Summary Bot <do_not_reply@mnot.net>
To: tls@ietf.org
Message-Id: <20230319073641.2804FC137381@ietfa.amsl.com>
Date: Sun, 19 Mar 2023 00:36:41 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/X147t1kkxgtV6GSd7t_LkiwgYw0>
Subject: [TLS] Weekly github digest (TLS Working Group Drafts)
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 19 Mar 2023 07:37:10 -0000
Issues
------
* tlswg/tls13-spec (+1/-6/💬8)
1 issues created:
- Key update a MUST? (by BenSmyth)
https://github.com/tlswg/tls13-spec/issues/1299
4 issues received 8 new comments:
- #1299 Key update a MUST? (2 by BenSmyth, tomato42)
https://github.com/tlswg/tls13-spec/issues/1299
- #1291 Security considerations of using same cert for TLS client and server (4 by chris-wood, davidben, ekr, karthikbhargavan)
https://github.com/tlswg/tls13-spec/issues/1291
- #1289 Server Tracking Prevention is also needed (1 by ekr)
https://github.com/tlswg/tls13-spec/issues/1289
- #1274 Add a changelog from RFC 8446 (1 by ekr)
https://github.com/tlswg/tls13-spec/issues/1274
6 issues closed:
- Add more text on authentication https://github.com/tlswg/tls13-spec/issues/1284
- Add a changelog from RFC 8446 https://github.com/tlswg/tls13-spec/issues/1274
- Too many KeyUpdates risk key collision within a connection https://github.com/tlswg/tls13-spec/issues/1257 [PR Pending]
- Server Tracking Prevention is also needed https://github.com/tlswg/tls13-spec/issues/1289
- Reusing psk identities enables tracking https://github.com/tlswg/tls13-spec/issues/1287
- Note that clients should ignore NST if they don't support resumption https://github.com/tlswg/tls13-spec/issues/1280
Pull requests
-------------
* tlswg/tls13-spec (+3/-6/💬4)
3 pull requests submitted:
- Changelog entries (by ekr)
https://github.com/tlswg/tls13-spec/pull/1298
- Issue1284 auth text (by ekr)
https://github.com/tlswg/tls13-spec/pull/1297
- Certs plus psk (by ekr)
https://github.com/tlswg/tls13-spec/pull/1296
3 pull requests received 4 new comments:
- #1288 Reusing psk identities enables client and server tracking (1 by ekr)
https://github.com/tlswg/tls13-spec/pull/1288 [propose-close]
- #1270 Update KeyUpdate limits with text from RFC 9147. Fixed #1257 (1 by ekr)
https://github.com/tlswg/tls13-spec/pull/1270
- #1231 RFC 8773 TLS 1.3 Extension for Certificate-Based Authentication with … (2 by ekr)
https://github.com/tlswg/tls13-spec/pull/1231
6 pull requests merged:
- Changelog entries
https://github.com/tlswg/tls13-spec/pull/1298
- Certs plus psk
https://github.com/tlswg/tls13-spec/pull/1296
- Issue1284 auth text
https://github.com/tlswg/tls13-spec/pull/1297
- Update KeyUpdate limits with text from RFC 9147. Fixed #1257
https://github.com/tlswg/tls13-spec/pull/1270
- Discuss the implications of external PSK reuse. Fixes #1287
https://github.com/tlswg/tls13-spec/pull/1294
- Ignore NST if you don't support resumption. Fixes #1280
https://github.com/tlswg/tls13-spec/pull/1295
* tlswg/draft-ietf-tls-ctls (+2/-3/💬0)
2 pull requests submitted:
- Removed open issue regarding snake_case to camelCase conversion (by hannestschofenig)
https://github.com/tlswg/draft-ietf-tls-ctls/pull/92
- Moved handshake_framing section (by hannestschofenig)
https://github.com/tlswg/draft-ietf-tls-ctls/pull/91
3 pull requests merged:
- Section "Adding a cTLS Template message type"
https://github.com/tlswg/draft-ietf-tls-ctls/pull/88
- Moved handshake_framing section
https://github.com/tlswg/draft-ietf-tls-ctls/pull/91
- Removed open issue regarding snake_case to camelCase conversion
https://github.com/tlswg/draft-ietf-tls-ctls/pull/92
Repositories tracked by this digest:
-----------------------------------
* https://github.com/tlswg/draft-ietf-tls-semistatic-dh
* https://github.com/tlswg/draft-ietf-tls-md5-sha1-deprecate
* https://github.com/tlswg/draft-ietf-tls-esni
* https://github.com/tlswg/certificate-compression
* https://github.com/tlswg/draft-ietf-tls-external-psk-importer
* https://github.com/tlswg/draft-ietf-tls-ticketrequest
* https://github.com/tlswg/tls13-spec
* https://github.com/tlswg/tls-flags
* https://github.com/tlswg/dtls13-spec
* https://github.com/tlswg/dtls-conn-id
* https://github.com/tlswg/tls-subcerts
* https://github.com/tlswg/oldversions-deprecate
* https://github.com/tlswg/sniencryption
* https://github.com/tlswg/tls-exported-authenticator
* https://github.com/tlswg/draft-ietf-tls-ctls
* https://github.com/tlswg/external-psk-design-team
- [TLS] Weekly github digest (TLS Working Group Dra… Repository Activity Summary Bot