+1 for the change.
On 3/30/16 at 1:26 PM, ynir.i...@gmail.com (Yoav Nir) wrote:
That brings up another question. How do things move from
“approved” to “not-approved”? Does it require a
diediedie document? What happens when we decide that 3DES is
just too limited and there’s not good reason to use it, but
there’s really no security issue with using it?
Certainly for downgrading any widely deployed algorithm, e.g.
RC4, there needs to be a IETF process. The RFC process works, so
we don't need to invent a new wheel. Therefore a diediedie RFC
seems the logical choice.
I hope algorithms don't get on the approved list unless they are
likely to be widely deployed. (But I expect to see counter-arguments.)
Cheers - Bill
-----------------------------------------------------------------------
Bill Frantz | gets() remains as a monument | Periwinkle
(408)356-8506 | to C's continuing support of | 16345
Englewood Ave
www.pwpconsult.com | buffer overruns. | Los Gatos,
CA 95032
_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
