Re: [TLS] Working Group Last Call for draft-ietf-tls-rfc4366-bis-04

<not wearing any hats>

The document should have a section (perhaps after current 1.1) listing
changes vs. RFC 4366 (making the hash in certificate_url mandatory;
fixing handling of IDNs in server_name).

There are also a couple of places that probably need some small 
clarifications:

- Section 7, 1st sentence ("Currently defined TLS cipher suites use the
MAC construction HMAC with either MD5 or SHA-1 [RFC2104] to
authenticate record layer communications") is not accurate any more.

- Section 11, last sentence, should point to the TLS 1.2 RFC instead
of 1.0/1.1.

- In Section 11.3, just replacing "There are two major issues.." with
"There were two major issues.." is confusing. We don't really need
several paragraphs to describe a security issue that does not exist
(although we might want to mention it in the "changes since RFC 4366"
section), and the second issue still exists.

Best regards,
Pasi

> -----Original Message-----
> From: tls-bounces at ietf.org [mailto:tls-bounces at ietf.org] On Behalf Of
> ext Joseph Salowey (jsalowey)
> Sent: 24 April, 2009 17:47
> To: TLS at ietf.org
> Subject: [TLS] Working Group Last Call for draft-ietf-tls-rfc4366-bis-04
> 
> This is a working group last call for comments on
> draft-ietf-tls-rfc4366-bis-04 prior to sending this document on to the
> IESG for publication as a proposed standard RFC.  The document and
> revision history can be found here:
> 
> http://tools.ietf.org/html/draft-ietf-tls-rfc4366-bis-04
> 
> 
> Please send any comments to the list by May 15, 2009.
> 
> Thanks,
> 
> Joe
> _______________________________________________
> TLS mailing list
> TLS at ietf.org
> https://www.ietf.org/mailman/listinfo/tls
