On Wed, Mar 30, 2016 at 4:16 PM, Stephen Farrell <stephen.farr...@cs.tcd.ie> wrote:
>
> (with no hats, except the one irritated with loadsa ciphersuites:-)
>
> On 30/03/16 21:26, Yoav Nir wrote:
> > That brings up another question. How do things move from “approved”
> > to “not-approved”? Does it require a diediedie document? What
> > happens when we decide that 3DES is just too limited and there’s not
> > good reason to use it, but there’s really no security issue with
> > using it?
>
> How about starting from the smallest possible set with "Y" in
> the IETF recommended column? And then focus on keeping that set
> as small as possible and actively not letting it grow.
>
> Let's *pretty please* take this opportunity to prune the stupid
> list of nearly 350 all ostensibly but so not equal ciphersuites
> down to the smallest list that can reasonably be recommended.
> Measurements seem to have indicated that just a handful is all
> that really needs to be very widely supported.
>

We already have a proposal for this. Please see:
http://tlswg.github.io/tls13-spec/#iana-considerations

-Ekr

> That will require folks here to not mess about and to resist the
> set of people who want ciphersuite foo because it's important to
> just them and a few others.
>
> Remember: Sean's proposed text, is to limit the "Y" to stuff that
> we do expect to, and want to, see widely or very widely implemented
> and deployed.
>
> If this WG fail to take this opportunity to fix the 350 ciphersuite
> stupidity then that'll be a pretty clear fail in which we'll all
> (me included) have sadly partaken. Let's fix that eh?
>
> S.
>
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls