
Shepherd writeup
draft-ietf-tls-encrypt-then-mac

(1)

Proposed Standard; it's about interop; yes the type of RFC is indicated on the
first page as well as in the datatracker.

(2)

Technical Summary

This document defines a means to negotiate the use of encrypt-then-MAC instead
of the existing MAC-then-encrypt mechanism.  With respect to the existing
mechanism, there are a number of identified vulnerabilities (see the references
in the draft).

Working Group Summary:

This draft has been kicking around for a number of years and was adopted and
progressed fairly quickly.  There were really just two debates: 1) how to do the
negotiation (see sec 2.1 of the draft), and 2) whether this applied to both
stream and block ciphers (ended up applying to just block).

Document Quality

There's a test server up and running.  There are also a number of known
implementations.

Personnel

Stephen Farrell is the responsible AD.
Sean Turner is the shepherd.

(3)

I read it, I reviewed the mailing list to make sure the issues raised during
WGLC were addressed, I ran the ID-nit checker, and I updated the datatracker
using the WG chair tools.  Oh and I also updated the replaced-by information.

(4)

None

(5)

No

(6)

I'm comfortable with the draft and you should be too.

(7)

Yes

(8)

No

(9)

Solid

(10)

No

(11)

ID-nits complains about an outdated normative reference to RFC 4366 which was
obsoleted by RFC 6066.  I believe this warning can safely be ignored because
implementers can find the Truncated HMAC extension for TLS 1.0 and 1.1 in RFC
4366 and can follow the references to RFC 6066 for TLS 1.2.

(12)

N/A

(13)

Yes

(14)

No

(15)

No

(16)

No

(17)

The IANA considerations section is fine.  We've asked for an early code point
assignment based on the procedures in RFC 7120.

(18)

N/A

(19)

N/A