You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Some things that were unclear when I tried to cleartext encryption from the -07 draft. I am more or less a TLS novice, so YMMV:
Section 5.2.1: For the cleartext secret, it would be useful to state quite clearly here that the connection ID is the "wire image" or "network order" version of connection ID; implementers should not change to host order, etc before calling HKDF-Extract.
Section 5.2.4: "the IV length is the larger of 8 or N_MIN (see section 4 of RFC 5116)". This is super user-unfriendly. At a minimum, we should state that the N_MIN for AES_128_GCM (needed for cleartext) is 12 bytes. At best, we should just list the IV size for supported ciphers.
Section 5.3: "Prior to TLS providing keys, no record protection is performed and the plaintext, P, is transmitted unmodified." I believe this paragraph is obsolete.
The text was updated successfully, but these errors were encountered:
The wire order thing is being hashed out in #833. An opaque value can only ever be serialized one way, but if we decide that it's a number, then we will merge #881.
Some things that were unclear when I tried to cleartext encryption from the -07 draft. I am more or less a TLS novice, so YMMV:
Section 5.2.1: For the cleartext secret, it would be useful to state quite clearly here that the connection ID is the "wire image" or "network order" version of connection ID; implementers should not change to host order, etc before calling HKDF-Extract.
Section 5.2.4: "the IV length is the larger of 8 or N_MIN (see section 4 of RFC 5116)". This is super user-unfriendly. At a minimum, we should state that the N_MIN for AES_128_GCM (needed for cleartext) is 12 bytes. At best, we should just list the IV size for supported ciphers.
Section 5.3: "Prior to TLS providing keys, no record protection is performed and the plaintext, P, is transmitted unmodified." I believe this paragraph is obsolete.
The text was updated successfully, but these errors were encountered: