Updated Abstract #12
Updated Abstract #12
Conversation
Based on feedback from Matthijs van Duin I have updated the abstract to better describe the goal of this specification.
hannestschofenig
requested review from
tuexen,
yaroslavros,
tireddy2 and
stfries
There was a problem hiding this comment.
Changes look okay for me. I only added smaller proposal to enhance the statement regarding cryptographic parameter negotiation.
I know, we do not provide that certificate update option in the ExtendedKeyUpdate, but I thought it would be good to point to that capability in TLS 1.2
| application traffic secrets after the initial handshake. | ||
|
|
||
| Earlier versions of TLS supported renegotiation, a mechanism that allowed peers to | ||
| establish new cryptographic parameters within an existing session. However, due to |
There was a problem hiding this comment.
Maybe to add, session renegotiation did not only allow to establish new cryptographic parameter for the sesssion, it also allowed to utilized an updated long term credential (certificate). This adresses cases, were the initially used long term credential may have reached the validity end or may have been revoked in the meantime.
Proposal to change the sentence to:
Earlier versions of TLS supported session renegotiation, a mechanism that allowed peers to
establish new cryptographic parameters within an existing session including the potential update of the initially utilized long term keys (certificates) with renewed credentials.
Based on feedback from Matthijs van Duin I have updated the abstract to better describe the goal of this specification.