I believe the consensus supports what is in the current PR. Cheers,
Joe On Thu, Nov 26, 2015 at 3:18 PM, Eric Rescorla <e...@rtfm.com> wrote: > Joe, > > Can you clarify whether you believe consensus is to make the "Recommended" > list the list in the current PR or the MTI list. I can edit the document > either > way. > > -Ekr > > > On Wed, Nov 25, 2015 at 11:05 AM, Joseph Salowey <j...@salowey.net> wrote: > >> It looks like we have rough consensus to accept this PR. We can still >> have discussion on the naming of the categories. We will also have to >> define the IANA registration policy for changing the "recommended" bit. >> I'll open an issue for this, I think changing the bit to recommended >> should require IETF consensus. >> >> Cheers, >> >> Joe >> >> On Thu, Nov 19, 2015 at 7:10 AM, Eric Rescorla <e...@rtfm.com> wrote: >> >>> >>> >>> On Thu, Nov 19, 2015 at 7:03 AM, Martin Rex <m...@sap.com> wrote: >>> >>>> Eric Rescorla wrote: >>>> > >>>> > There are presently four categories of cipher suites vis-a-vis TLS >>>> 1.3. >>>> > >>>> > 1. MUST or SHOULD cipher suites. >>>> > 2. Standards track cipher suites (or ones we are making ST, like >>>> > the ECC ones). >>>> > 3. Non standards track cipher suites >>>> > 4. Cipher suites you can't use at all with TLS 1.3, like AES-CBC. >>>> > >>>> > I think we're all agreed that category #1 should be marked recommended >>>> > and that #3 and #4 should not be. This leaves us with category #2, >>>> which >>>> > includes stuff like: >>>> > >>>> > - FFDHE >>>> > - CCM >>>> > >>>> > My proposal is that we: >>>> > >>>> > - List all the Standards Track cipher suites that are compatible with >>>> TLS >>>> > 1.3 in Appendix A. >>>> > - Mark all the cipher suites that are listed in Appendix A as >>>> "Recommended" >>>> >>>> >>>> I'm slightly confused. >>>> >>>> rfc5288 is standards track and describes AES-GCM with static RSA keyex. >>>> >>> >>> This isn't compatible with TLS 1.3 because TLS 1.3 removes static RSA. >>> >>> >>> rfc5289 is only informational (i.e. _not_ standards track) and describes >>>> AES-GCM with ECDHE keyex. >>> >>> >>> We are re-labelling the AES-GCM ECDHE suites as standards track either >>> in this document or in RFC4492bis. >>> >>> -Ekr >>> >>> >>>> >>>> >>>> >>>> -Martin >>>> >>> >>> >>> _______________________________________________ >>> TLS mailing list >>> TLS@ietf.org >>> https://www.ietf.org/mailman/listinfo/tls >>> >>> >> >
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
