Pasi:
I'd like to re-iterate my earlier concern about the original draft-rescorla-tls-opaque-prf-input draft: this defines a basically general-purpose extension mechanism to TLS. We already have a well-defined extension mechanism for TLS (TLS extensions), which would allow people to do exactly the sorts of things envisioned in Section 1.1. Its only "drawback" is that it requires going through the IETF process to obtain the IANA allocation, and thus publicly documenting what you're doing.
I do not think this is a fair characterization. TLS extensions cannot provide additional PRF inputs. To my eyes, that is the fundamental difference here.
Russ (also with no hats on)