It is interesting to note that in discussing update IPSec’s RFC 4307 somebody suggested making 192 a MAY because folks only use 128/256 [1].
spt [1] http://mailarchive.ietf.org/arch/msg/ipsec/1F5h4j-dP5dLPCCAqg4iqgjjYFE On Oct 12, 2015, at 05:01, John Mattsson <john.matts...@ericsson.com> wrote: > I think the selection of MTI Cipher Suites (Section 8.1 of > draft-ietf-tls-tls13-09) is excellent, but I am missing a recommended ECC > curve for the “SHOULD” cipher suites. Little benefit of using AES-256 with > P-256 or curve25519. Shouldn’t there be a SHOULD implement ECC curve giving > at least 192-bit security? E.g. > > "These cipher suites SHOULD support both digital signatures and key exchange > with secp384r1 (NIST P-384)." > > Cheers, > John > > <13DEFB94-F735-49B0-8196-BDB5C9017A32[3].png> > > JOHN MATTSSON > MSc Engineering Physics, MSc Business Administration and Economics > Ericsson IETF Security Coordinator > Senior Researcher, Security > > Ericsson AB > Ericsson Research > Färögatan 6 > SE-164 80 Stockholm, Sweden > Phone +46 10 71 43 501 > SMS/MMS +46 76 11 53 501 > john.matts...@ericsson.com > www.ericsson.com > > > <D377E800-0A1A-43D3-AF5E-165F697789B5[3].png> > > This Communication is Confidential. We only send and receive email on the > basis of the terms set out atwww.ericsson.com/email_disclaimer > > _______________________________________________ > TLS mailing list > TLS@ietf.org > https://www.ietf.org/mailman/listinfo/tls _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
