Resource-Oriented Lightweight Information Exchange

Summary: Needs 7 more YES or NO OBJECTION positions to pass.

Kathleen Moriarty Yes

Mirja K├╝hlewind No Objection

Eric Rescorla No Objection

Comment (2017-10-20)
I share Martin Thomson's concerns about the restriction on 0-RTT. In
the discussion, I saw two sets of concerns about 0-RTT:

- Replay
- Lack of FS

As Martin says, the replay issue is an issue for the HTTP profile, so
any concerns should be directed there. I agree that 0-RTT has inferior
FS properties, but it's worth noting that TLS 1.2 session resumption
with tickets has FS properties that are as bad or worse than those
with TLS 1.3 0-RTT, and I don't see a prohibition here on session
resumption. This leaves me a bit unclear on the security rationale
here, and I think this needs to be consistent.

      or serialization.  This approach allows the provider to support
      multiple, compatible formats allowing the consumer to select the
      most suitable version.
What does "compatible" mean here. Do you mean isomorphic?

   supporting interactive user logins by members of the consortium
   SHOULD support client authentication via a federated identity scheme.
Such as?

   Proper usage of TLS as described in Section 5.3 will in many cases
   aid in the mitigation of these issues.
You should also note that TLS 1.2 and lower client auth leaks the user's identity to on-the-wire attackers.

   supported.  TLS 1.2 SHOULD be implemented according to all
   recommendations and best practices present in [RFC7525].
You need a citation to 6125 about valiation, though I realize that 7525 cites it.

Alia Atlas No Record

Deborah Brungard No Record

Ben Campbell No Record

Benoit Claise No Record

Alissa Cooper No Record

Spencer Dawkins No Record

Suresh Krishnan No Record

Warren Kumari No Record

Terry Manderson No Record

Alexey Melnikov No Record

Alvaro Retana No Record

Adam Roach No Record