On Tue, Nov 17, 2015 at 07:06:52PM +0000, Viktor Dukhovni wrote: > On Tue, Nov 17, 2015 at 09:51:32AM -0800, Eric Rescorla wrote: > > > My proposal is that we: > > > > - List all the Standards Track cipher suites that are compatible with TLS > > 1.3 in Appendix A. > > > > - Mark all the cipher suites that are listed in Appendix A as "Recommended" > > Where does that leave ciphersuites that are "Recommended" for TLS > 1.2, but TLS 1.3? Or do none of the CBC block ciphers in TLS 1.2 qualify?
None of block ciphers (nor stream ciphers) work in TLS 1.3 at all. All current registered/proposed ciphersuites that work in TLS 1.3 are *-GCM or *-POLY1305 ones (with DHE or ECDHE). -Ilari _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
