Hi, In general I think this is a good form of relaxation. However, > > Cipher suites marked with a “Y” the IETF has consensus on
An alternative could be to mark the entry with the RFC 5226 level of the documentation, and indicate what levels are acceptable. A black/white distinction will probably lead to a lot of discussion, and different implementation purposes could call for more subtlety. > and are reasonably expected to be supported by widely > used implementations such as open-source libraries. This is a vague one, and may unleash more discussion than it saves. Also, this should not turn into a suggestion of using implementations rather than specifications as leading. I've seen a lot of that around Kerberos, where sane changes can get bogged down because there is (or may be) an implementation that couldn't live with it. > > Please indicate whether or not you could support this plan. > Yes, in broad lines, but I have the noted concerns / suggestions. -Rick _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
