Re: [TLS] Alvaro Retana's No Objection on draft-ietf-tls-padding-02: (with COMMENT)

2015-09-02 Thread Sean Turner
On Sep 01, 2015, at 12:49, Eric Rescorla wrote: > > As Alissa, I was wondering why it wasn’t easier to fix the one > implementation instead. > > > Because it's widely fielded, and browsers don't know in advance what > kind of server they are talking to. The one thing I’ll add in addition to w

[TLS] RC4 cipher with NNTP (RFC 4642)

2015-09-02 Thread Julien ÉLIE
Hi all, Since the publication of RFC 7465 "Prohibiting RC4 Cipher Suites", there has been a discrepancy with the requirements of Section 5 of RFC 4642 "Using Transport Layer Security (TLS) with Network News Transfer Protocol (NNTP)": NNTP client and server implementations MUST implement t

Re: [TLS] RC4 cipher with NNTP (RFC 4642)

2015-09-02 Thread Salz, Rich
> Maybe a new RFC obsoleting RFC 4642 (which could at the same time > become a standard instead of a proposed standard)? Is there any reason why NNTP cannot just use the UTA specifications? (It's been awhile since I "dabbled" in NNTP :) /r$ -- Senior Architect, Akamai Technologies

Re: [TLS] RC4 cipher with NNTP (RFC 4642)

2015-09-02 Thread Viktor Dukhovni
On Wed, Sep 02, 2015 at 04:39:59PM +0200, Julien ÉLIE wrote: > Since the publication of RFC 7465 "Prohibiting RC4 Cipher Suites", there has > been a discrepancy with the requirements of Section 5 of RFC 4642 "Using > Transport Layer Security (TLS) with Network News Transfer Protocol (NNTP)": > >

Re: [TLS] RC4 cipher with NNTP (RFC 4642)

2015-09-02 Thread Julien ÉLIE
Hi Viktor, It would be best if NNTP did not specify MTI TLS ciphersuites and left that to the relevant TLS specifications. Instead, it would be more useful to specify a minimum TLS protocol version, and require each side to support the MTI ciphers for each supported protocol version. OK thank

Re: [TLS] RC4 cipher with NNTP (RFC 4642)

2015-09-02 Thread Eric Rescorla
Note: RFC 4642 does not seem to have been a work product of the TLS WG, so you probably want to raise this in UTA. -Ekr On Wed, Sep 2, 2015 at 7:53 AM, Salz, Rich wrote: > > Maybe a new RFC obsoleting RFC 4642 (which could at the same time > > become a standard instead of a proposed standard)?

Re: [TLS] RC4 cipher with NNTP (RFC 4642)

2015-09-02 Thread Julien ÉLIE
Hi Rich, Maybe a new RFC obsoleting RFC 4642 (which could at the same time become a standard instead of a proposed standard)? Is there any reason why NNTP cannot just use the UTA specifications? When you speak about the UTA specifications, is it RFC 7525 "Recommendations for Secure Use of T

Re: [TLS] RC4 cipher with NNTP (RFC 4642)

2015-09-02 Thread Viktor Dukhovni
On Wed, Sep 02, 2015 at 05:13:08PM +0200, Julien ÉLIE wrote: > >AFAIK, NNTP peering relationships are fairly static, and mandatory > >TLS seems like the way to go in that case. But if NNTP servers > >contact other servers "on the fly", then opportunistic TLS may > >be appropriate and one might ev

Re: [TLS] Alissa Cooper's No Objection on draft-ietf-tls-padding-02: (with COMMENT)

2015-09-02 Thread Sean Turner
On Sep 02, 2015, at 02:26, Yoav Nir wrote: > >> On Aug 31, 2015, at 11:36 PM, Alissa Cooper wrote: >> >> Alissa Cooper has entered the following ballot position for >> draft-ietf-tls-padding-02: No Objection >> >> -- >> COMME

Re: [TLS] Alissa Cooper's No Objection on draft-ietf-tls-padding-02: (with COMMENT)

2015-09-02 Thread Alissa Cooper
> On Sep 2, 2015, at 7:09 AM, Sean Turner wrote: > > On Sep 02, 2015, at 02:26, Yoav Nir wrote: > >> >>> On Aug 31, 2015, at 11:36 PM, Alissa Cooper wrote: >>> >>> Alissa Cooper has entered the following ballot position for >>> draft-ietf-tls-padding-02: No Objection >>> >>> --

Re: [TLS] DSA support in TLS 1.3.

2015-09-02 Thread Ilari Liusvaara
On Tue, Sep 01, 2015 at 05:58:33PM +, Salz, Rich wrote: > There is a third option: you don't get to use TLS 1.3 until the > government requirements are updated. > > I'm fine with that. I think they already have, with NSA seemingly saying RSA3k is OK for up to TOP SECRET (unless I misundersto

[TLS] Ben Campbell's No Objection on draft-ietf-tls-padding-03: (with COMMENT)

2015-09-02 Thread Ben Campbell
Ben Campbell has entered the following ballot position for draft-ietf-tls-padding-03: No Objection When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https

Re: [TLS] RC4 cipher with NNTP (RFC 4642)

2015-09-02 Thread Sean Turner
On Sep 02, 2015, at 11:20, Julien ÉLIE wrote: > Hi Rich, > >>> Maybe a new RFC obsoleting RFC 4642 (which could at the same time >>> become a standard instead of a proposed standard)? >> >> Is there any reason why NNTP cannot just use the UTA specifications? > > When you speak about the UTA sp

Re: [TLS] Ben Campbell's No Objection on draft-ietf-tls-padding-03: (with COMMENT)

2015-09-02 Thread Viktor Dukhovni
On Wed, Sep 02, 2015 at 06:28:13PM -0700, Ben Campbell wrote: > -- 6: > I'm not sure I understand the meaning of "permanently assign the early > code point for the padding extension in its ExtensionType registry". > Does this mean that an early allocation was done for this? If so, it > seems lik

[TLS] '15 TLS Fall Interim Logistics

2015-09-02 Thread Sean Turner
All, Andrei has graciously offered to host us at Microsoft in Redmond, WA [0]. We’re going to need a list of those that plan to attend in person in order to make sure there’s a badge for you to get into the buildings. Please fill out the following doodle poll if you plan to attend in person: