>> That belongs in the to be written RFC "ETSI extensions to TLS considered harmful". >> Of course, we may debate whether we want to publish such RFC. Perhaps a more general 'Security protocols designed by any other organisations considered harmful' is the way to go. L. and that includes the IRTF. Lloyd Wood lloyd.wood@xxxxxxxxxxx http://about.me/lloydwood ________________________________ From: Paul Wouters <paul@xxxxxxxxx> To: Christian Huitema <huitema@xxxxxxxxxxx> Cc: Michael Richardson <mcr+ietf@xxxxxxxxxxxx>; Keith Moore <moore@xxxxxxxxxxxxxxxxxxxx>; ietf@xxxxxxxx Sent: Tuesday, 20 November 2018, 12:59 Subject: Re: [IAB] IAB report to the community for IETF 103 > On Nov 20, 2018, at 00:20, Christian Huitema <huitema@xxxxxxxxxxx> wrote: > > > >> On Nov 19, 2018, at 5:26 AM, Michael Richardson <mcr+ietf@xxxxxxxxxxxx> wrote: >> >> Can you give me an example of what you mean? >> (i.e. "Use "TLS MUST NOT in a sentence" :-) > > Of course it can be done: > "Clients SHOULD detect repeated use of the same [EC]DH key share by a server, and MAY terminate TLS connections with alert Repeated-key-share detected when detecting this form of server misbehavior." It will just use prf(secretseed) maybe with a prefix for random(number of rounds). How will you detect those ? > That belongs in the to be written RFC "ETSI extensions to TLS considered harmful". Of course, we may debate whether we want to publish such RFC. I would like to see a discussion of this, even if we end up not writing one. Paul
