Re: [TLS] New I-Ds: draft-rescorla-tls-opaque-prf-input-00 and draft-rescorla-tls-suiteb-00

Eric Rescorla <ekr@networkresonance.com> Mon, 18 December 2006 15:48 UTC

To: Peter Williams <home_pw@msn.com>
Subject: Re: [TLS] New I-Ds: draft-rescorla-tls-opaque-prf-input-00 and draft-rescorla-tls-suiteb-00
In-reply-to: Your message of "Sat, 16 Dec 2006 16:49:24 PST." <BAY103-W3A48F6200DC853086AD4292CA0@phx.gbl>
X-Mailer: MH-E 7.4.3; nmh 1.2; XEmacs 21.4 (patch 19)
Date: Mon, 18 Dec 2006 07:48:46 -0800
From: Eric Rescorla <ekr@networkresonance.com>
Message-Id: <20061218155157.DD2A75C01E@laser.networkresonance.com>
Cc: tls@lists.ietf.org, pasi.eronen@nokia.com

Peter,

*please* figure out some way to put line breaks in your messages.
It makes them very hard to read.

Peter Williams <home_pw@msn.com> wrote:
> What the architecture change in the I-D seems to propose is that
> applications in unix host type environments may require
> API/socket-level access to more than the sessionid.

That's always been true. Recall that TLS doesn't specify how
one checks certificates. That's done at higher layers (E.g.,
RFC 2818). So, the next layer protocol generally needs a 
fair amount of access to properties of the TLS session. 
It's also generally common to provide access to the cipher
suite.


> I do note that the spec is targeting an HTTP extension, worries a lot
> about the extension negotiation rules, and of course entails that the
> extension's user-data might be passing over OOB channels beyond the
> control of load balancers and their traditional engineering work in
> trying to tie keepalives, ssl sessions, and cryptobox sessions
> together.

Why do you say "HTTP extension"? This is a pure TLS extension.

-Ekr

_______________________________________________
TLS mailing list
TLS@lists.ietf.org
https://www1.ietf.org/mailman/listinfo/tls
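Ekr's point above is that TLS hands the application a session and leaves identity checking to the next layer: RFC 2818 section 3.1 tells an HTTPS client how to compare the server name against the certificate, and most stacks also let the application inspect the negotiated cipher suite. The following is an added example, not code from the original thread or from any RFC, showing what that layer above TLS looks like in Python: RFC 2818-style hostname matching over the dict shape `ssl.SSLSocket.getpeercert()` returns, and a cipher-suite policy over the tuple `ssl.SSLSocket.cipher()` returns. The certificates, the `_FakeTLSSocket` stand-in and the policy thresholds are this example's own constructions; the wildcard rule is the narrower RFC 6125 form rather than the `f*.com` form RFC 2818 permits.

```python
"""Application-layer checks on a TLS session, above what TLS itself specifies.
Added example (not from the original message or any RFC's code): RFC 2818
section 3.1 hostname matching on the dict shape ssl.SSLSocket.getpeercert()
returns, plus a cipher-suite policy on the tuple ssl.SSLSocket.cipher() returns.
All certificates and sockets below are constructed test data, not captured."""
import ipaddress


class CertificateError(ValueError):
    """Raised when the presented certificate does not match the expected identity."""


def _dns_name_matches(pattern: str, host: str) -> bool:
    """One certificate dNSName against one hostname. Case-insensitive, trailing
    dots ignored. Wildcards: only '*' as the entire leftmost label, matching
    exactly one label. RFC 2818 also allows partial-label forms like f*.com;
    RFC 6125 narrowed that, and the narrower rule is what this example implements."""
    p = pattern.lower().rstrip(".").split(".")
    h = host.lower().rstrip(".").split(".")
    if "*" not in pattern:
        return p == h
    # The wildcard must be the whole leftmost label and leave at least two
    # labels after it, so '*.com' never matches a registrable domain.
    if p[0] != "*" or len(p) < 3 or any("*" in lbl for lbl in p[1:]):
        return False
    return len(p) == len(h) and h[0] != "" and p[1:] == h[1:]


def hostname_matches(cert: dict, hostname: str) -> bool:
    """RFC 2818 s3.1 identity check against a getpeercert()-shaped dict.
    - A literal IP hostname must equal an iPAddress SAN.
    - Otherwise dNSName SANs are authoritative; the Common Name is consulted
      only when the certificate carries no dNSName at all."""
    san = cert.get("subjectAltName", ())
    try:
        ip = ipaddress.ip_address(hostname)
    except ValueError:
        ip = None
    if ip is not None:
        return any(k == "IP Address" and ipaddress.ip_address(v) == ip for k, v in san)
    names = [v for k, v in san if k == "DNS"]
    if not names:
        # CN fallback: getpeercert() returns 'subject' as a tuple of RDNs,
        # each a tuple of (type, value) pairs.
        names = [v for rdn in cert.get("subject", ()) for k, v in rdn if k == "commonName"]
    return any(_dns_name_matches(n, hostname) for n in names)


def match_hostname(cert: dict, hostname: str) -> None:
    """Raising form of hostname_matches, for use at connection setup."""
    if not hostname_matches(cert, hostname):
        raise CertificateError(f"certificate does not match {hostname!r}")


def cipher_acceptable(cipher: tuple, min_bits: int = 128,
                      versions=("TLSv1.2", "TLSv1.3")) -> bool:
    """Policy on the (name, protocol_version, secret_bits) tuple from
    SSLSocket.cipher(). The thresholds are this example's own choices."""
    name, version, bits = cipher
    return version in versions and bits >= min_bits and "NULL" not in name


def verify_peer(sock, hostname: str) -> dict:
    """Run both application-layer checks on anything exposing getpeercert()
    and cipher(), as an ssl.SSLSocket does after the handshake."""
    cert = sock.getpeercert()
    if not cert:
        raise CertificateError("no peer certificate (verify_mode off, or no handshake yet?)")
    match_hostname(cert, hostname)
    cipher = sock.cipher()
    if not cipher_acceptable(cipher):
        raise ValueError(f"cipher suite rejected by policy: {cipher}")
    return {"hostname": hostname, "cipher": cipher[0], "version": cipher[1]}


# Constructed test data in the exact shapes the ssl module returns.
SAN_CERT = {
    "subject": ((("commonName", "ignored.example.net"),),),
    "subjectAltName": (("DNS", "www.example.com"), ("DNS", "*.example.com"),
                       ("IP Address", "192.0.2.10")),
}
CN_ONLY_CERT = {"subject": ((("countryName", "US"),), (("commonName", "legacy.example.org"),))}


class _FakeTLSSocket:
    """Stand-in for a post-handshake ssl.SSLSocket; constructed for this example."""
    def __init__(self, cert, cipher):
        self._cert, self._cipher = cert, cipher

    def getpeercert(self):
        return self._cert

    def cipher(self):
        return self._cipher


if __name__ == "__main__":
    good = _FakeTLSSocket(SAN_CERT, ("TLS_AES_128_GCM_SHA256", "TLSv1.3", 128))
    print(verify_peer(good, "api.example.com"))
```

With a real `ssl.SSLSocket` the same `verify_peer` call works unchanged after `do_handshake()`; the point of the exercise is that neither check is something the record or handshake layer does for you, which is exactly why the application needs more than the session ID exposed at the socket level.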