"Stefan Santesson" <stefans@xxxxxxxxxxxxx> writes: > Adding to Ari's arguments. > There is one more argument why it would less functional to send the > mapping data in the extension. > > The current draft under last call also includes a negotiation mechanism > where the client and server can agree on what type of mapping data they > support. > > If the mapping data is sent in the client hello, the client has no clue > on what data the server needs unless prior knowledge has been > established. It must then send all types of mapping data that it > believes the server might need. This is less desirable than sending just > the type of data the server explicitly has stated that it prefers out of > the types the client has stated that it supports. > > While it would be technically possible to implement the same solution > along with Eric's alternative suggestions, I don't think it has been > demonstrated that it would provide any significant advantages. I don't want to get into a long point-by-point here. Suffice to say that I don't agree with either this analyis or Ari's. It would, as I noted, have the advantage of actually applying confidentiality for data you claim is sensitive while avoiding the need to declare a new code point. I consider both of these to be significant advantages. -Ekr _______________________________________________ Ietf@xxxxxxxx https://www1.ietf.org/mailman/listinfo/ietf