New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Check list for TLS 1.3 #282

Open
kazu-yamamoto opened this Issue Aug 17, 2018 · 3 comments

Comments

Projects
None yet
1 participant
@kazu-yamamoto
Collaborator

kazu-yamamoto commented Aug 17, 2018

  • Does checkValid cover all possibility of Established?
  • Can estimatedRTT be removed from sessionTicketInfo (or other solution to serialization of SessionData)?
  • filterCredentialsWithHashSignatures should be used in credentialsFindForSigning13

Missing features:

  • Client authentication
  • Key pudate
  • Downgrade protection

@kazu-yamamoto kazu-yamamoto self-assigned this Sep 13, 2018

@kazu-yamamoto

This comment has been minimized.

Show comment
Hide comment
@kazu-yamamoto

kazu-yamamoto Sep 13, 2018

Collaborator

Things merged or fixed

Collaborator

kazu-yamamoto commented Sep 13, 2018

Things merged or fixed

@kazu-yamamoto

This comment has been minimized.

Show comment
Hide comment
@kazu-yamamoto

kazu-yamamoto Sep 13, 2018

Collaborator

APIs for 0RTT

  • ClientParams.clientEarlyData :: Maybe ByteString -- Early data to be sent in 0RTT
  • ServerParams.serverEarlyDataSize :: Int -- Maximum acceptable size of early data. 0 means "rejecting 0RTT data"
  • Information.infoIsEarlyDataAccepted :: Bool -- telling whether or not TLS 1.3 early data is accepted. If not, the client should resend the data
Collaborator

kazu-yamamoto commented Sep 13, 2018

APIs for 0RTT

  • ClientParams.clientEarlyData :: Maybe ByteString -- Early data to be sent in 0RTT
  • ServerParams.serverEarlyDataSize :: Int -- Maximum acceptable size of early data. 0 means "rejecting 0RTT data"
  • Information.infoIsEarlyDataAccepted :: Bool -- telling whether or not TLS 1.3 early data is accepted. If not, the client should resend the data
@kazu-yamamoto

This comment has been minimized.

Show comment
Hide comment
@kazu-yamamoto

kazu-yamamoto Sep 13, 2018

Collaborator

Usage of tls-simpleclient now goes to https://github.com/vincenthz/hs-tls/blob/master/README.md

Collaborator

kazu-yamamoto commented Sep 13, 2018

Usage of tls-simpleclient now goes to https://github.com/vincenthz/hs-tls/blob/master/README.md

@kazu-yamamoto kazu-yamamoto referenced this issue Sep 13, 2018

Closed

TLS 1.3 #167

12 of 15 tasks complete
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment