On 21 October 2016 at 05:15, Sean Turner <s...@sn3rd.com> wrote:
> 1) I’d like to add something along the line of the following as a warning at
> the top of the cipher suite registry for those that simply go to the cipher
> list and don’t read the RFCs:
>
> WARNING: Cryptographic algorithms will be broken
> or weakened over time. Blindly implementing cipher
> suites listed here is not advised. Implementers and
> users need to check that the cryptographic algorithms
> listed continue to provide the expected level of security.

SGTM. Doesn't say how to check, but I'm not sure that there is any simple advice you could give there.

> 2) draft-ietf-tls-tls13 will indicate cipher suites that are recommended for
> TLS1.3; remember the negotiation mechanism is different now so we’re using
> the same registry but the values are in the new range. It seems like we
> still need to populate the recommended column for pre-1.3 from -14 A.4?

I think that TLS 1.3 should just register the small set of cipher suites that it does and this doc can take on the other things. What was in -14 seems about right.