Re: [TLS] Re: I-D ACTION:draft-ietf-tls-srp-13.txt

[<home_pw@xxxxxxx>]

----- Original Message -----
From: "Kyle Hamilton" <aerowolf@xxxxxxxxx>
To: "Peter Williams" <home_pw@xxxxxxx>

> ...primarily because there's no "record_type extension" mechanism.
> There's not even a defined range for experimental ones.
>
> Yes, it's security-critical.  And yes, new record types cannot be
> created without WG action.  However, I should think that this would be
> a VERY good reason for defining a range of record types that can be
> experimented with, and which can be guaranteed to be safely ignored by
> non-experimental stacks.

struct {
       uint8 major, minor;
} ProtocolVersion;
enum {
       change_cipher_spec(20), alert(21), handshake(22),
       application_data(23), (255)
} ContentType;
struct {
       ContentType type;
       ProtocolVersion version;
       uint16 length;
       opaque fragment[SSLPlaintext.length];
} SSLPlaintext;


just define your own, number 255. Define your own major=255 and minor=255
if you want, also

When interworking with a conforming SSL entity, you should get
unexpected_message fatal alerts. From your responder, with the knowledge
of the experimental types, you will presumably not.

There is no harm in defining your own record_types. You were supposed to.

Experiment!

> and if I had any idea how to write an RFC or who to submit it to, I'd
> write up an idea for how to handle it.

Don’t bother till there is evidence of a community that wants to interwork.

> -Kyle H



_______________________________________________
TLS mailing list
TLS@xxxxxxxxxxxxxx
https://www1.ietf.org/mailman/listinfo/tls