From 02cb675217656c2c0d4a3846cdaab97feb0ecf55 Mon Sep 17 00:00:00 2001 From: EKR Date: Thu, 13 Jul 2023 09:09:11 -0700 Subject: [PATCH] Remove parenthetical --- draft-ietf-tls-rfc8446bis.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/draft-ietf-tls-rfc8446bis.md b/draft-ietf-tls-rfc8446bis.md index 29ead804..04e14b34 100644 --- a/draft-ietf-tls-rfc8446bis.md +++ b/draft-ietf-tls-rfc8446bis.md @@ -5330,8 +5330,8 @@ of a client key share to the same server additionally allows the server to corre It is RECOMMENDED that the labels for external identities be selected so that they do not provide additional information about the identity of the user. For instance, if the label includes an e-mail address, then -this trivially identifies the user to a passive attacker -(unlike the client's Certificate, which is encrypted). There are a number of potential +this trivially identifies the user to a passive attacker, +unlike the client's Certificate, which is encrypted. There are a number of potential ways to avoid this risk, including (1) using random identity labels (2) pre-encrypting the identity under a key known to the server or (3) using the Encrypted Client Hello {{?I-D.ietf-tls-esni}} extension.