On 29 Mar 2016, at 5:42 PM, Hubert Kario <hka...@redhat.com> wrote: > On Tuesday 29 March 2016 15:09:16 Yoav Nir wrote: >>> On 29 Mar 2016, at 2:15 PM, Hubert Kario <hka...@redhat.com> wrote: >>> >>> On Friday 25 March 2016 22:07:02 Yoav Nir wrote: >>>>> On 25 Mar 2016, at 8:16 PM, Yuhong Bao <yuhongbao_...@hotmail.com> >>>>> wrote: >>>>> >>>>> I wonder if it would be possible to publish >>>>> draft-ietf-tls-56-bit-ciphersuites as Historic (in the sense of >>>>> RFC >>>>> 6101). It would start with >>>>> https://tools.ietf.org/html/draft-ietf-tls-56-bit-ciphersuites-01 >>>>> , >>>>> but the ciphersuites 0x60 and 0x61 would be added also as they >>>>> were >>>>> implemented in OpenSSL. >>>>> >>>>> Yuhong Bao >>>> >>>> Hi >>>> >>>> It would be possible but I’m wondering some things: >>>> >>>> 1. Are the original authors interested, or are there alternative >>>> authors willing to take this on? >>>> >>>> 2. What is the point? All of the ciphersuites in there have been >>>> deprecated by some diediedie document or another, and no sane >>>> document author (here or elsewhere) would include any of these >>>> 56-bit >>>> ciphers in any profile for TLS that is intended to provide >>>> security. >>>> So what is the benefit? >>> >>> 1. Showing why the code points are reserved. >>> 2. Having official list of code points which must not be enabled (so >>> >>> that scanners can be complete) >> >> Right. But this draft does not include RC4, RC2, and a number of other >> bad IDEAs (pun intended), so it’s not a comprehensive list of things >> you shouldn’t be doing. > > it's not a die-die-die document. It's a document that will add the IDs > to https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml > > 0x00,0x62 has no intrinsic meaning. TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA > has. > > What to do with them is second step.
Oh, sorry. I hadn’t realized those were not in the registry. Yoav
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
