> On 29 Mar 2016, at 2:15 PM, Hubert Kario <hka...@redhat.com> wrote: > > On Friday 25 March 2016 22:07:02 Yoav Nir wrote: >>> On 25 Mar 2016, at 8:16 PM, Yuhong Bao <yuhongbao_...@hotmail.com> >>> wrote: >>> >>> I wonder if it would be possible to publish >>> draft-ietf-tls-56-bit-ciphersuites as Historic (in the sense of RFC >>> 6101). It would start with >>> https://tools.ietf.org/html/draft-ietf-tls-56-bit-ciphersuites-01 , >>> but the ciphersuites 0x60 and 0x61 would be added also as they were >>> implemented in OpenSSL. >>> >>> Yuhong Bao >> >> Hi >> >> It would be possible but I’m wondering some things: >> >> 1. Are the original authors interested, or are there alternative >> authors willing to take this on? >> >> 2. What is the point? All of the ciphersuites in there have been >> deprecated by some diediedie document or another, and no sane >> document author (here or elsewhere) would include any of these 56-bit >> ciphers in any profile for TLS that is intended to provide security. >> So what is the benefit? > > 1. Showing why the code points are reserved. > 2. Having official list of code points which must not be enabled (so > that scanners can be complete)
Right. But this draft does not include RC4, RC2, and a number of other bad IDEAs (pun intended), so it’s not a comprehensive list of things you shouldn’t be doing. Yoav
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
