Ballot for draft-ietf-tls-session-hash
Yes
No Objection
Note: This ballot was opened for revision 05 and is now closed.
The last paragraph of Section 4 makes me wonder whether this should "update" 5246. Basically, while this is an extension (which wouldn't normally use "updates"), it's one that you're proposing as standard behavior, and not really as an extension.
Thank you for your work on this and a well-written draft! The considerations are very thorough; every time I had a question, I was able to find an answer in the draft. I do think a couple more references could be helpful though.

1. I think it would be good for section 6.4 to note that SSL 3.0 has been deprecated in https://datatracker.ietf.org/doc/draft-ietf-tls-sslv3-diediedie/. It's ahead of this draft in the RFC editor queue.

2. It might be good to have a pointer to the UTA TLS Attack RFC7457 as this attack is described in section 2.11 and there is no reference to a fix. It would be nice to show that known attacks are being resolved. https://tools.ietf.org/html/rfc7457#section-2.11
I agree with Barry's question.