Re: [TLS] Implementing https://svn.resiprocate.org/rep/ietf-drafts/ekr/draft-rescorla-tls-renegotiate.txt

[<Pasi.Eronen at nokia.com>]

Eric Rescorla wrote:

> I don't think the problem here is really the code point assignment.
> 
> I would imagine the IESG and IANA to be pretty good about doing
> advance assignments once the WG has converged on the exact contents
> of the extension. I know we had pretty good consensus within a
> smaller group, but if when we run it by some cryptographers they say
> it's insecure we'll need to change it, at which point it won't
> really help to have deployed code with the "early" code point.

<wearing area director hat>

I think this is one of those cases where an exception to the usual
procedures might be in order, but the "once the WG has converged on
the exact contents" is an important point here. It's relatively rare
that the -00 version of some internet draft and the final RFC are
actually interoperable.

Using the same extension number for multiple incompatible versions of
the draft is probably not a good idea (and probably not very secure,
either -- if the handshake fails, you don't know if it's due to an
attack or just interoperability problem, and the latter might be much
more likely), and I'd like to avoid allocating multiple extension
numbers for different versions of the draft, too.

I certainly hope the WG converges on the contents relatively fast.
The TLS WG is meeting tomorrow (Thursday), so we'll see soon.

Best regards,
Pasi