Re: [TLS] John Scudder's No Objection on draft-ietf-tls-dtls-connection-id-11: (with COMMENT)
Hannes Tschofenig <Hannes.Tschofenig@arm.com> Wed, 21 April 2021 05:54 UTC
From: Hannes Tschofenig <Hannes.Tschofenig@arm.com>
To: Eric Rescorla <ekr@rtfm.com>, John Scudder <jgs@juniper.net>
CC: The IESG <iesg@ietf.org>, "draft-ietf-tls-dtls-connection-id@ietf.org" <draft-ietf-tls-dtls-connection-id@ietf.org>, tls-chairs <tls-chairs@ietf.org>, "<tls@ietf.org>" <tls@ietf.org>, Joseph Salowey <joe@salowey.net>
Date: Wed, 21 Apr 2021 05:53:50 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/cz7zMKyFBuq1aRE29AGkUeWWNxk>
Hi John, Hi Ekr,

Regarding the presentation language used in the document I have added a clarification to the terminology section, see https://github.com/tlswg/dtls-conn-id/pull/110.

I hope this addresses the issue.

Ciao
Hannes

From: Eric Rescorla <ekr@rtfm.com>
Sent: Tuesday, April 20, 2021 11:32 PM
To: John Scudder <jgs@juniper.net>
Cc: The IESG <iesg@ietf.org>; draft-ietf-tls-dtls-connection-id@ietf.org; tls-chairs <tls-chairs@ietf.org>; <tls@ietf.org> <tls@ietf.org>; Joseph Salowey <joe@salowey.net>
Subject: Re: John Scudder's No Objection on draft-ietf-tls-dtls-connection-id-11: (with COMMENT)

On Tue, Apr 20, 2021 at 2:09 PM John Scudder via Datatracker <noreply@ietf.org> wrote:

> John Scudder has entered the following ballot position for
> draft-ietf-tls-dtls-connection-id-11: No Objection
>
> When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.)
>
> Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html for more information about DISCUSS and COMMENT positions.
>
> The document, along with other ballot positions, can be found here:
> https://datatracker.ietf.org/doc/draft-ietf-tls-dtls-connection-id/
>
> ----------------------------------------------------------------------
> COMMENT:
> ----------------------------------------------------------------------
>
> I found this document heavy sledding but once I was through it, it all came together, with the exception of my #3, below. The “heavy sledding” part I think would be largely fixed by addressing my #1, below.
>
> 1. Section 3:
>
> This pseudocode is a little too pseudo for me:
>
>     struct {
>         opaque cid<0..2^8-1>;
>     } ConnectionId;
>
> What does the content of the angle brackets mean? At first I took it to mean “this can take on a value from 0 to 255” [*] but parts of the spec that go on about variable lengths made me think that couldn’t be right.
>
> Eventually, by paging through RFC 5246, I found some explanations of what this stuff is supposed to mean; in §4.3 of that RFC I found out that
>
>     Variable-length vectors are defined by specifying a subrange of legal
>     lengths, inclusively, using the notation <floor..ceiling>. When these
>     are encoded, the actual length precedes the vector's contents in the
>     byte stream. The length will be in the form of a number consuming as
>     many bytes as required to hold the vector's specified maximum
>     (ceiling) length.
>
> I assume this is what’s going on in DTLS as well. This cleared up my main source of confusion, which was regarding just how you were encoding these variable-length CIDs anyway. (And oh by the way, that definition doesn’t say what the units of length are. Bytes seems implied but isn’t explicit.)
>
> While I don’t expect you to supply these definitions again, it would be courteous to your readers to have a sentence or two explaining that pseudo-code conventions are found in RFC 5246, special extra credit for section references as well. And yes, I did notice "This document assumes familiarity with DTLS 1.2 [RFC6347].” That’s well and good, but I don’t think “familiarity” is the same as “we have adopted the same notational conventions”

This seems like a pretty basic assumption. These aren't just notational conventions or pseudo-code. They're the protocol description language that TLS is defined in. If one isn't familiar with how to read this syntax, then you really don't have much of a hope of correctly implementing this specification.

> [*] By the way, why not just use “255” in the text instead of “2^8-1”? Eschew obfuscation!

Which one of these is clearer seems like a question of taste, I should think. It's worth noting that because the length prefix is determined by the ceiling, arguably 2^8-1 is clearer.

> 2. Section 3:
>
>     If DTLS peers have negotiated the use of a non-zero-length CID for a
>     given direction, then once encryption is enabled they MUST send with
>     the record format defined in {{dtls-ciphertext} with the new MAC
>     computation defined in Section 5 and the content type tls12_cid.
>     Plaintext payloads never use the new record type and the CID content
>     type.
>
> What’s “{{dtls-ciphertext}”? I’m guessing just a botched xref?

Yes, presumably. Looks like I forgot a }}.

> Also, the first sentence seems to have no object. (What MUST they send?)

send anything, but I suppose "send records". I can make a change.

> 3. Section 6:
>
>     * There is a strategy for ensuring that the new peer address is able
>       to receive and process DTLS records. No such strategy is defined
>       in this specification.
>
> This is a little mind-boggling to me. I understand this to mean I can’t send the new address a DTLS record unless I’ve already ensured it can receive and process that record, right? This seems almost like a classic Catch-22. I feel like I must be missing something.

This specification *only* allows you to mux, but doesn't allow you to migrate. We could probably make this point clearer.

-Ekr