[TLS] Weekly github digest (TLS Working Group Drafts)

Repository Activity Summary Bot <do_not_reply@mnot.net> Sun, 08 November 2020 07:32 UTC

From: Repository Activity Summary Bot <do_not_reply@mnot.net>
To: tls@ietf.org
Message-Id: <20201108073253.05E74328005E@mailuser.nyi.internal>
Date: Sun, 08 Nov 2020 02:32:53 -0500
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/zytcT4M_wcYZW0HeFE6OSx-J500>



Issues
------
* tlswg/draft-ietf-tls-esni (+3/-1/💬11)
  3 issues created:
  - ECH contradicts second ClientHello consistency requirements in RFC8446 (by davidben)
    https://github.com/tlswg/draft-ietf-tls-esni/issues/358 
  - Clients should send consistent GREASE ECH extensions between CH1 and CH2 (by davidben)
    https://github.com/tlswg/draft-ietf-tls-esni/issues/356 
  - "Don't stick out" considerations for ECH-09 (by cjpatton)
    https://github.com/tlswg/draft-ietf-tls-esni/issues/354 

  3 issues received 11 new comments:
  - #356 Clients should send consistent GREASE ECH extensions between CH1 and CH2 (5 by chris-wood, cjpatton, davidben)
    https://github.com/tlswg/draft-ietf-tls-esni/issues/356 
  - #348 General server handling of ECH extension is unclear (3 by chris-wood, cjpatton, davidben)
    https://github.com/tlswg/draft-ietf-tls-esni/issues/348 
  - #326 Include ECH context in ClientHelloOuterAAD (3 by chris-wood, cjpatton, davidben)
    https://github.com/tlswg/draft-ietf-tls-esni/issues/326 

  1 issue closed:
  - Consider shortening config_id to 8 bytes https://github.com/tlswg/draft-ietf-tls-esni/issues/342 

* tlswg/dtls13-spec (+0/-1/💬3)
  1 issue received 3 new comments:
  - #153 DTLS 1.3 header format (3 by awcunning, hannestschofenig)
    https://github.com/tlswg/dtls13-spec/issues/153 

  1 issue closed:
  - DTLS 1.3 header format https://github.com/tlswg/dtls13-spec/issues/153 

* tlswg/dtls-conn-id (+0/-3/💬1)
  1 issue received 1 new comment:
  - #76 Clarification - variable length CID encoding MUST be deterministic (1 by boaks)
    https://github.com/tlswg/dtls-conn-id/issues/76 

  3 issues closed:
  - Clarification - variable length CID encoding MUST be deterministic https://github.com/tlswg/dtls-conn-id/issues/76 
  - Add CIDAC (Connection ID Authentication Code)  https://github.com/tlswg/dtls-conn-id/issues/74 
  - Disallow sending MAC failure fatal alerts to non-validated peers https://github.com/tlswg/dtls-conn-id/issues/72 



Pull requests
-------------
* tlswg/draft-ietf-tls-esni (+3/-5/💬19)
  3 pull requests submitted:
  - Correcting incorrect integer equivalents for ECH and outer_extensions (by sudheesh001)
    https://github.com/tlswg/draft-ietf-tls-esni/pull/357 
  - Bump HPKE-05 to -06 (by cjpatton)
    https://github.com/tlswg/draft-ietf-tls-esni/pull/355 
  - Derive accept confirmation from the handshake secret  (by cjpatton)
    https://github.com/tlswg/draft-ietf-tls-esni/pull/353 

  5 pull requests received 19 new comments:
  - #357 Correcting incorrect integer equivalents for ECH and outer_extensions (4 by chris-wood, davidben, sudheesh001)
    https://github.com/tlswg/draft-ietf-tls-esni/pull/357 
  - #353 Derive accept confirmation from the handshake secret  (3 by chris-wood, ekr)
    https://github.com/tlswg/draft-ietf-tls-esni/pull/353 
  - #352 Use the same HPKE context between the two ClientHellos (8 by chris-wood, cjpatton, davidben)
    https://github.com/tlswg/draft-ietf-tls-esni/pull/352 
  - #345 Only extract 8 bytes for the config_id (1 by davidben)
    https://github.com/tlswg/draft-ietf-tls-esni/pull/345 
  - #316 Require HRR-sensitive parameters match in ClientHello(Outer|Inner). (3 by davidben, ekr)
    https://github.com/tlswg/draft-ietf-tls-esni/pull/316 

  5 pull requests merged:
  - Correcting incorrect integer equivalents for ECH and outer_extensions
    https://github.com/tlswg/draft-ietf-tls-esni/pull/357 
  - Bump HPKE-05 to -06
    https://github.com/tlswg/draft-ietf-tls-esni/pull/355 
  - Clarify client and server roles
    https://github.com/tlswg/draft-ietf-tls-esni/pull/350 
  - Rearrange the server HRR text.
    https://github.com/tlswg/draft-ietf-tls-esni/pull/351 
  - Only extract 8 bytes for the config_id
    https://github.com/tlswg/draft-ietf-tls-esni/pull/345 

* tlswg/draft-ietf-tls-ticketrequest (+1/-1/💬0)
  1 pull request submitted:
  - Address Ben's review. (by chris-wood)
    https://github.com/tlswg/draft-ietf-tls-ticketrequest/pull/22 

  1 pull request merged:
  - Address Ben's review.
    https://github.com/tlswg/draft-ietf-tls-ticketrequest/pull/22 

* tlswg/dtls13-spec (+4/-2/💬0)
  4 pull requests submitted:
  - Referencing the DTLSInnerPlaintext from the encrypted_record structure (by hannestschofenig)
    https://github.com/tlswg/dtls13-spec/pull/157 
  - Boilerplate Text Change (by hannestschofenig)
    https://github.com/tlswg/dtls13-spec/pull/156 
  - Changes in Markdown (by hannestschofenig)
    https://github.com/tlswg/dtls13-spec/pull/155 
  - Corrected Figure 4 (by hannestschofenig)
    https://github.com/tlswg/dtls13-spec/pull/154 

  2 pull requests merged:
  - Changes in Markdown
    https://github.com/tlswg/dtls13-spec/pull/155 
  - Corrected Figure 4
    https://github.com/tlswg/dtls13-spec/pull/154 

* tlswg/dtls-conn-id (+0/-3/💬1)
  1 pull request received 1 new comment:
  - #73 Disallow sending MAC failure fatal alerts to non-validated peers (1 by boaks)
    https://github.com/tlswg/dtls-conn-id/pull/73 

  3 pull requests merged:
  - Disallow sending MAC failure fatal alerts to non-validated peers
    https://github.com/tlswg/dtls-conn-id/pull/73 
  - Editorial bits from AD review
    https://github.com/tlswg/dtls-conn-id/pull/75 
  - Corrected reference to the RRC draft
    https://github.com/tlswg/dtls-conn-id/pull/71 


Repositories tracked by this digest:
-----------------------------------
* https://github.com/tlswg/draft-ietf-tls-semistatic-dh
* https://github.com/tlswg/draft-ietf-tls-md5-sha1-deprecate
* https://github.com/tlswg/draft-ietf-tls-esni
* https://github.com/tlswg/certificate-compression
* https://github.com/tlswg/draft-ietf-tls-external-psk-importer
* https://github.com/tlswg/draft-ietf-tls-ticketrequest
* https://github.com/tlswg/tls-flags
* https://github.com/tlswg/dtls13-spec
* https://github.com/tlswg/dtls-conn-id
* https://github.com/tlswg/tls-subcerts
* https://github.com/tlswg/oldversions-deprecate
* https://github.com/tlswg/sniencryption
* https://github.com/tlswg/tls-exported-authenticator
* https://github.com/tlswg/draft-ietf-tls-grease