On 4 August 2015 at 05:37, Nikos Mavrogiannopoulos <n...@redhat.com> wrote: > Is there any support for > switching these ciphersuites to draft-TLS 1.3 nonce mechanism even for > TLS 1.2? The alternative is to use the TLS 1.2 mechanism with the > redundant bytes redacted as the draft is now [1].
Personally, I would rather see the nonce construction follow the form defined in the respective TLS version. That means including redundant bytes in TLS 1.2 and only getting the full advantage when we move to TLS 1.3. _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
