Hi all,

Since the publication of RFC 7465 "Prohibiting RC4 Cipher Suites", there has been a discrepancy with the requirements of Section 5 of RFC 4642 "Using Transport Layer Security (TLS) with Network News Transfer Protocol (NNTP)":

   NNTP client and server implementations MUST implement the
   TLS_RSA_WITH_RC4_128_MD5 [TLS] cipher suite and SHOULD implement the
   TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA [TLS] cipher suite.  This is
   important, as it assures that any two compliant implementations can
   be configured to interoperate.  All other cipher suites are OPTIONAL.


Shouldn't something be done about that?
Maybe a new RFC obsoleting RFC 4642 (which could at the same time become a standard instead of a proposed standard)? Or do you have other ideas?

What would be the best wording to replace the above paragraph? Should one or several ciphers still be explicitly mentioned, or the paragraph totally removed? (RFC 5246 that standardizes TLS 1.2 already has a Section 9 about the mandatory TLS_RSA_WITH_AES_128_CBC_SHA cipher suite.)

Of course, if you see other things that should be amended in RFC 4242, do not hesitate to tell.

Thanks beforehand,

--
Julien ÉLIE

"You know, ideas are in the air. It only takes someone
  talking to you about them from too close for you to
  catch them!" (Raymond Devos)

_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
