How much of a problem with people are we going to get into if the IoT profiles for the IETF go and say "You MUST use this algorithm which the IETF does not recommend?"
I think that this is very likely to get some strong push back from people I that is the case. Reluctantly I think that we need to keep the recommendation on this algorithms. > -----Original Message----- > From: TLS [mailto:tls-boun...@ietf.org] On Behalf Of Sean Turner > Sent: Tuesday, October 3, 2017 3:54 PM > To: <tls@ietf.org> <tls@ietf.org> > Subject: [TLS] Should CCM_8 CSs be Recommended? > > In the IANA registries draft (https://github.com/tlswg/draft-ietf-tls-iana- > registry-updates), we’ve added a recommended column to the Cipher Suites > (CSs) registry (and some others). Right now, the criteria for getting a > recommended mark is AEAD ciphers with strong authentication standards > track ciphers. While that’s great generally, the list we’ve got five CSs that > gave Joe and I pause: > > TLS_DHE_RSA_WITH_AES_128_CCM_8 > TLS_DHE_RSA_WITH_AES_256_CCM_8 > TLS_PSK_DHE_WITH_AES_128_CCM_8 > TLS_PSK_DHE_WITH_AES_256_CCM_8 > TLS_ECDHE_PSK_WITH_AES_128_CCM_8_SHA256 > > The CCM_8 CSs have a significantly truncated authentication tag that > represents a security trade-off that may not be appropriate for general > environment. In other words, this might be great for some IoT device but we > should not generally be recommending these. > > We’re recommending that these five suites be dropped from the > recommended list. Please let us know what you think. > > J&S > (editor hats on) > _______________________________________________ > TLS mailing list > TLS@ietf.org > https://www.ietf.org/mailman/listinfo/tls _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
