Hi Ben,
Thanks for your clarification.
I will reflect your comments in the revision as follows:
OLD:
Thus, the IP address(es) corresponding to the target URL
needs to be obtained from the certificate in TLS versions prior to
1.3 [RFC8446] or the Server Name Indication (SNI) in a TCP-session
packet in TLS.
NEW:
Thus, the IP address(es) corresponding to the target URL
needs to be obtained from the certificate in TLS versions prior to
1.3 [RFC8446] or the Server Name Indication (SNI) in a TCP-session
packet in TLS versions without the encrypted SNI [tls-esni].
...
[tls-esni] Rescorla, E., Oku, K., Sullivan, N., and C. Wood,
"Encrypted Server Name Indication for TLS 1.3",
draft-ietf-tls-esni-04 (work in progress), July 2019.
Is this change fine with you?
If it is okay with you, I will submit the revised version.
Thanks.
Best Regards,
Paul
On Mon, Jul 22, 2019 at 12:05 AM Benjamin Kaduk <kaduk@xxxxxxx> wrote:
> On Sun, Jul 21, 2019 at 01:18:29AM -0400, Mr. Jaehoon Paul Jeong wrote:
> > Hi Tommy,
> > I have reflected all your comments on version -14:
> > https://tools.ietf.org/html/draft-ietf-i2nsf-applicability-14
> >
> > I answer your comments one by one with an attached revision letter.
> >
> > If you have comments on this revision, please let me know.
>
> I see that in several places the new text refers to "obtained from the
> certificate in TLS versions prior to 1.3 [RFC8446] or the Server Name
> Indication (SNI) in a TCP-session packet in TLS", but as Tommy attempted to
> note, when draft-ietf-tls-esni becomes available, even the SNI value will
> be encrypted and not visible to the network.
>
> -Ben
===========================
Mr. Jaehoon (Paul) Jeong, Ph.D.
Associate Professor
Department of Software
Sungkyunkwan University
Office: +82-31-299-4957
Email: jaehoon.paul@xxxxxxxxx, pauljeong@xxxxxxxx
Personal Homepage: http://iotlab.skku.edu/people-jaehoon-jeong.php
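
Added example, not part of the original message or of the I2NSF draft: what an on-path filtering function can read from a ClientHello, with the SNI in cleartext and with it replaced by the encrypted extension discussed above. The sample ClientHello bytes are constructed, the helper names are hypothetical, and the 0xFFCE code point for encrypted_server_name is an assumption taken from the ESNI drafts.

```python
import struct

EXT_SERVER_NAME = 0x0000
EXT_ESNI = 0xFFCE  # encrypted_server_name code point used by the ESNI drafts (assumption)

def visible_server_name(record: bytes):
    """Return (cleartext hostname or None, esni_present) for one ClientHello record."""
    if len(record) < 9 or record[0] != 0x16 or record[5] != 0x01:
        raise ValueError("not a TLS ClientHello record")
    try:
        p = 5 + 4 + 2 + 32                               # record hdr, handshake hdr, version, random
        p += 1 + record[p]                               # session_id
        p += 2 + struct.unpack_from("!H", record, p)[0]  # cipher_suites
        p += 1 + record[p]                               # compression_methods
        end = p + 2 + struct.unpack_from("!H", record, p)[0]
        p += 2
        host, esni = None, False
        while p + 4 <= min(end, len(record)):
            etype, elen = struct.unpack_from("!HH", record, p)
            body = record[p + 4 : p + 4 + elen]
            if etype == EXT_SERVER_NAME and len(body) >= 5 and body[2] == 0:
                nlen = struct.unpack_from("!H", body, 3)[0]
                host = body[5 : 5 + nlen].decode("ascii", "replace")
            elif etype == EXT_ESNI:
                esni = True  # the real name is inside this encrypted extension
            p += 4 + elen
        return host, esni
    except (IndexError, struct.error) as exc:
        raise ValueError("truncated ClientHello") from exc

def build_client_hello(extensions):
    """Constructed sample input: a minimal ClientHello carrying the given extensions."""
    ext = b"".join(struct.pack("!HH", t, len(b)) + b for t, b in extensions)
    body = (b"\x03\x03" + bytes(32) + b"\x00" + b"\x00\x02\x13\x01" + b"\x01\x00"
            + struct.pack("!H", len(ext)) + ext)
    hs = b"\x01" + len(body).to_bytes(3, "big") + body
    return b"\x16\x03\x01" + struct.pack("!H", len(hs)) + hs

def sni_extension(name: str):
    n = name.encode("ascii")
    entry = b"\x00" + struct.pack("!H", len(n)) + n  # name_type host_name(0) + HostName
    return EXT_SERVER_NAME, struct.pack("!H", len(entry)) + entry

if __name__ == "__main__":
    plain = build_client_hello([sni_extension("www.example.com")])
    hidden = build_client_hello([(EXT_ESNI, bytes(16))])  # opaque placeholder payload
    print(visible_server_name(plain))
    print(visible_server_name(hidden))
```

A filter that depends on the hostname has to treat the second result (no name, ESNI present) as its own case rather than as a missing SNI.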