"Stefan Santesson" <stefans(_at_)microsoft(_dot_)com> writes:
Adding to Ari's arguments.
There is one more argument why it would less functional to send the
mapping data in the extension.
The current draft under last call also includes a negotiation mechanism
where the client and server can agree on what type of mapping data they
If the mapping data is sent in the client hello, the client has no clue
on what data the server needs unless prior knowledge has been
established. It must then send all types of mapping data that it
believes the server might need. This is less desirable than sending just
the type of data the server explicitly has stated that it prefers out of
the types the client has stated that it supports.
While it would be technically possible to implement the same solution
along with Eric's alternative suggestions, I don't think it has been
demonstrated that it would provide any significant advantages.
I don't want to get into a long point-by-point here. Suffice to say
that I don't agree with either this analyis or Ari's. It would,
as I noted, have the advantage of actually applying confidentiality
for data you claim is sensitive while avoiding the need to declare
a new code point. I consider both of these to be significant advantages.
Ietf mailing list