Re: [Last-Call] [kitten] Opsdir last call review of draft-ietf-kitten-tls-channel-bindings-for-tls13-09

On 15/10/2021 14:41, Sam Whited wrote:
> As I've mentioned before to you, I don't believe it updates this
> document in any way as the statement about unique master secrets in that
> document is still true either way and does not need to be modified. I'm
> not against adding this if others also agree, but I just don't see it.

As RFC 7677 only specifies use of "tls-unique" as mandatory-to-implement, I agree that it should be updated to point to your draft.

> Maybe you could propose some text for how you think it updates 7677 or
> where you think a reference to 7677 would be appropriate and that would
> make things more clear?

How about a short new section ("Update to RFC 7677") that contains something like the following:

   As "tls-unique" channel binding is not defined for TLS 1.3 [RFC8446],
   when using SCRAM-SHA-256/SCRAM-SHA-256-PLUS over TLS 1.3, the
   "tls-exporter" channel binding [tls-1.3-channel-binding] MUST be the
   default channel binding (in the sense specified in Section 6.1 of
   [RFC5802]) to use.  Note that this document doesn't change the default
   channel binding to use for SCRAM-SHA-256/SCRAM-SHA-256-PLUS over TLS 1.2
   [RFC5246], which is still "tls-unique".

Best Regards,

Alexey
> —Sam
>
> On Thu, Oct 14, 2021, at 18:12, Ludovic BOCQUET wrote:
>> Is it possible to add in "Updates": 7677?
>>
>> In the text too?
>>
>> And at the bottom:
>>
>> [RFC7677]  Tony Hansen, "SCRAM-SHA-256 and SCRAM-SHA-256-PLUS Simple
>>            Authentication and Security Layer (SASL) Mechanisms",
>>            RFC7677, DOI 10.17487/RFC7677, November 2015,
>>            <https://www.rfc-editor.org/info/rfc7677>.
>>
>> Thanks in advance.
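
The selection rule in the proposed text above, as an added example that is not part of the original message or of the draft: it picks the default channel binding from the negotiated TLS version and builds and checks the SCRAM "c=" attribute of RFC 5802. Function names are hypothetical, the sample bytes are constructed, and the channel binding data is assumed to be supplied by the TLS stack.

```python
import base64
import hmac

# Default binding per TLS version, as in the text proposed above.
# Keys are the strings ssl.SSLSocket.version() returns.
DEFAULT_CB = {"TLSv1.2": "tls-unique", "TLSv1.3": "tls-exporter"}


def default_channel_binding(tls_version: str) -> str:
    """Pick the default SCRAM channel binding type for a TLS version."""
    if tls_version not in DEFAULT_CB:
        # Fail closed: never fall back to "no channel binding" silently.
        raise ValueError(f"no default channel binding for {tls_version!r}")
    return DEFAULT_CB[tls_version]


def gs2_header(cb_name: str, authzid: str = "") -> str:
    """Build the RFC 5802 GS2 header: p=<cb-name>,[a=<authzid>],"""
    # "=" and "," inside an authzid are sent as "=3D" and "=2C".
    escaped = authzid.replace("=", "=3D").replace(",", "=2C")
    return f"p={cb_name}," + (f"a={escaped}" if authzid else "") + ","


def cbind_attribute(tls_version: str, cb_data: bytes, authzid: str = "") -> str:
    """Return the c= attribute: base64(GS2 header + channel binding data)."""
    if not cb_data:
        raise ValueError("empty channel binding data")
    header = gs2_header(default_channel_binding(tls_version), authzid)
    return "c=" + base64.b64encode(header.encode() + cb_data).decode()


def verify_cbind(received: str, tls_version: str, local_cb_data: bytes,
                 authzid: str = "") -> bool:
    """Server side: recompute c= from the server's own view of the TLS
    connection and compare in constant time."""
    expected = cbind_attribute(tls_version, local_cb_data, authzid)
    return hmac.compare_digest(received.encode(), expected.encode())


if __name__ == "__main__":
    # Constructed sample values standing in for data from the TLS stack.
    client_view = bytes(range(32))
    other_view = bytes(32)  # what a server sees on a different TLS session
    c = cbind_attribute("TLSv1.3", client_view)
    print(c)
    print(verify_cbind(c, "TLSv1.3", client_view))  # same connection
    print(verify_cbind(c, "TLSv1.3", other_view))   # different connection
```

Because the binding type name is part of the GS2 header inside "c=", a value built for "tls-unique" does not verify on a connection where the server expects "tls-exporter", even if the raw binding bytes were identical.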
