Hello all, it may be a naïve question, but is it still possible to define and standardize new cipher suites for TLS 1.2 as an RFC, when TLS 1.3 is almost finished?
The reason for asking is the discussion I started two weeks ago regarding integrity only cipher suites, which are not longer supported in TLS 1.3. While we most likely can cope with this by utilizing TLS 1.2 further as suggested, one question remains regarding the hash functions in the existing integrity only cipher suites. Currently, there is no integrity only cipher suite defined that combines ECDSA and SHA 256. There are only combinations with SHA1. Interestingly, there is one combining RSA and SHA 256. To no longer depend on SHA1, we would like to standardize a combination of ECDSA and SHA 256 for instance TLS_ECDHE_ECDSA_WITH_NULL_SHA256. Would this still be possible, given the fact, that TLS 1.3 is likely to be finished in near time. I know that this depends on the acceptance of the WG, but I would like to ask first, if there is any intention to close TLS 1.2 for changes and additions, once TLS 1.3 is ready. Best regards Steffen -- Steffen Fries Siemens AG Corporate Technology CT RDA ITS Otto-Hahn-Ring 6 81739 Muenchen, Germany Tel.: +49 89 636-633604 Fax: +49 89 636-48000 mailto:steffen.fr...@siemens.com www.siemens.com/ingenuityforlife<https://siemens.com/ingenuityforlife> Siemens Aktiengesellschaft: Chairman of the Supervisory Board: Gerhard Cromme; Managing Board: Joe Kaeser, Chairman, President and Chief Executive Officer; Roland Busch, Lisa Davis, Klaus Helmrich, Janina Kugel, Siegfried Russwurm, Ralf P. Thomas; Registered offices: Berlin and Munich, Germany; Commercial registries: Berlin Charlottenburg, HRB 12300, Munich, HRB 6684; WEEE-Reg.-No. DE 23691322
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
