Skip to main content

Additional Master Secret Inputs for TLS
draft-hoffman-tls-master-secret-input-03

Yes

(Jari Arkko)
(Sean Turner)
(Tim Polk)

No Objection

Lars Eggert
(Adrian Farrel)
(Dan Romascanu)
(Gonzalo Camarillo)
(Stewart Bryant)

Note: This ballot was opened for revision 03 and is now closed.

Lars Eggert
No Objection
Jari Arkko Former IESG member
(was Discuss) Yes
Yes () Unknown

                            
Sean Turner Former IESG member
Yes
Yes () Unknown

                            
Tim Polk Former IESG member
Yes
Yes () Unknown

                            
Adrian Farrel Former IESG member
No Objection
No Objection () Unknown

                            
Alexey Melnikov Former IESG member
No Objection
No Objection (2010-06-19) Unknown
I hope there are already cases of extensions that would like to define additional master secret inputs.
Dan Romascanu Former IESG member
No Objection
No Objection () Unknown

                            
Gonzalo Camarillo Former IESG member
No Objection
No Objection () Unknown

                            
Peter Saint-Andre Former IESG member
No Objection
No Objection (2010-06-28) Unknown
Nothing in the document indicates that this extension will improve the security profile of TLS/DTLS, only that it is meeting the requirements of some unnamed implementers who "want to mix particular data into the calculation of the master_secret". Some text about this might help to motivate the specification.
Robert Sparks Former IESG member
(was Discuss) No Objection
No Objection (2010-07-08) Unknown
The Intended Status line in the draft still says Standards Track. Suggest at least adding an RFC Editor note to help avoid confusion later in the process.
Russ Housley Former IESG member
No Objection
No Objection (2010-07-01) Unknown
  The Gen-ART Review by Dorothy Gellert on 30-June-2010 call for two
  changes.  I think they should both be addressed, but neither is
  worth blocking publication as an Experimental RFC.
  >
  > Section 2, paragraph 2 duplicates the last paragraph in the
  > Introduction.
  >
  > Is it possible to provide an example of an extension with master
  > secret?  Can you explain why the extension order is important?
  > Is this a security issue, if extension order is not maintained?
Stewart Bryant Former IESG member
No Objection
No Objection () Unknown