On 14/12/2013 21:40, Yoav Nir wrote:
> How about having this in the security considerations:
>
> Implementers and document editors who intend to extend the
> protocol identifier registry by adding new protocol identifiers
> should consider that in TLS versions 1.2 and below the client sends
> these identifiers in the clear, and should also consider that for
> at least the next decade, it is expected that browsers would
> normally use these earlier versions of TLS in the initial
> ClientHello.
>
> Care must be taken when such identifiers may leak personally
> identifiable information, or when such leakage may lead to
> profiling, or to leaking of sensitive information. If any of these
> apply to this new protocol identifier, the extension SHOULD NOT be
> used in TLS versions 1.2 and below, and documents specifying such
> protocol identifiers SHOULD recommend against such unsafe use.
Absolutely. Much better than my wording. Less limiting, but lets them
know what they're doing by using it.
The next decade part makes me a sad panda. Realistic, but depressing.
Let's see if we can do better with TLS 1.3!
--
/akr
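To make the point in the proposed text concrete, here is an added example (not from the thread, the draft, or any TLS implementation) that builds a minimal TLS 1.2 ClientHello carrying SNI and ALPN extensions and then reads both back from the unencrypted record, exactly as any on-path observer could. The random field is zeroed and the single cipher suite is arbitrary; both are constructed values for illustration only.

```python
import struct

# IANA extension type numbers for server_name and ALPN (RFC 6066, RFC 7301).
SNI_EXT = 0x0000
ALPN_EXT = 0x0010


def build_client_hello(alpn_protocols, server_name):
    """Construct a TLS 1.2 ClientHello record (constructed test input only).

    The random is all zeros and the cipher-suite list is a single arbitrary
    value; the shape is what matters here, not a usable handshake.
    """
    ext_list = b""
    host = server_name.encode("ascii")
    # server_name_list: u16 list length, then (u8 name_type=0, u16 len, host)
    sni_entry = b"\x00" + struct.pack("!H", len(host)) + host
    sni_body = struct.pack("!H", len(sni_entry)) + sni_entry
    ext_list += struct.pack("!HH", SNI_EXT, len(sni_body)) + sni_body
    if alpn_protocols:
        # protocol_name_list: u16 list length, then (u8 len, name) entries
        names = b"".join(bytes([len(p)]) + p.encode("ascii") for p in alpn_protocols)
        alpn_body = struct.pack("!H", len(names)) + names
        ext_list += struct.pack("!HH", ALPN_EXT, len(alpn_body)) + alpn_body
    body = (b"\x03\x03" + bytes(32)          # client_version 1.2, zeroed random
            + b"\x00"                         # empty session_id
            + struct.pack("!H", 2) + b"\xc0\x2f"  # one cipher suite (arbitrary)
            + b"\x01\x00"                     # null compression only
            + struct.pack("!H", len(ext_list)) + ext_list)
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body   # type ClientHello
    return b"\x16\x03\x01" + struct.pack("!H", len(handshake)) + handshake


def parse_cleartext_extensions(record):
    """Return {'server_name': str|None, 'alpn': list[str]|None} read from a
    TLS 1.2-or-below ClientHello record. Nothing parsed here is encrypted,
    which is the leakage the security-considerations text is about."""
    if len(record) < 5 or record[0] != 0x16:
        raise ValueError("not a TLS handshake record")
    rec_len = struct.unpack("!H", record[3:5])[0]
    hs = record[5:5 + rec_len]
    if len(hs) < 4 or hs[0] != 0x01:
        raise ValueError("not a ClientHello")
    hs_len = int.from_bytes(hs[1:4], "big")
    body = hs[4:4 + hs_len]

    pos = 2 + 32                                   # skip client_version, random
    pos += 1 + body[pos]                           # session_id
    cs_len = struct.unpack("!H", body[pos:pos + 2])[0]
    pos += 2 + cs_len                              # cipher_suites
    pos += 1 + body[pos]                           # compression_methods

    result = {"server_name": None, "alpn": None}
    if pos + 2 > len(body):
        return result                              # no extensions block at all
    ext_len = struct.unpack("!H", body[pos:pos + 2])[0]
    pos += 2
    end = pos + ext_len
    while pos + 4 <= end:
        etype, elen = struct.unpack("!HH", body[pos:pos + 4])
        pos += 4
        data = body[pos:pos + elen]
        pos += elen
        if etype == SNI_EXT:
            q = 2                                  # skip server_name_list length
            while q + 3 <= len(data):
                ntype = data[q]
                nlen = struct.unpack("!H", data[q + 1:q + 3])[0]
                q += 3
                if ntype == 0:                     # host_name
                    result["server_name"] = data[q:q + nlen].decode("ascii", "replace")
                q += nlen
        elif etype == ALPN_EXT:
            names = []
            q = 2                                  # skip protocol_name_list length
            while q < len(data):
                nlen = data[q]
                q += 1
                names.append(data[q:q + nlen].decode("ascii", "replace"))
                q += nlen
            result["alpn"] = names
    return result


if __name__ == "__main__":
    rec = build_client_hello(["h2", "http/1.1"], "example.com")
    print(parse_cleartext_extensions(rec))
```

Running the script on its own constructed record prints the server name and the ALPN list straight from the bytes, which is why the draft text warns that a protocol identifier whose mere presence reveals something about the user should not be advertised over TLS 1.2 or earlier.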