On Fri, Jan 9, 2015 at 10:05 AM, The IESG <iesg-secretary(_at_)ietf(_dot_)org>
wrote:
The IESG has received a request from the Transport Layer Security WG
(tls) to consider the following document:
- 'TLS Fallback Signaling Cipher Suite Value (SCSV) for Preventing
Protocol Downgrade Attacks'
<draft-ietf-tls-downgrade-scsv-03.txt> as Proposed Standard
The IESG plans to make a decision in the next few weeks, and solicits
final comments on this action. Please send substantive comments to the
ietf(_at_)ietf(_dot_)org mailing lists by 2015-01-23. Exceptionally, comments
may be
sent to iesg(_at_)ietf(_dot_)org instead. In either case, please retain the
beginning of the Subject line to allow automated sorting.
+1 on making this document a standard.
The mechanism seems sensible and pragmatic. I have implemented the
mechanism on the server side and the document was clear and helpful;
it took only a few minutes.
I'm not clear on how the IANA process works, but if the document
progresses to RFC (in any status); it'd be great if the existing
extension number and alert values were to remain the same.
--
Colm