The original requirement for the truncated (_8) authentication tags was purely to save bytes. It makes very little difference re. processing as a 16 octet tag is always computed in AES-CCM-128 anyway.
I agree with the assessment that it is "limited applicability" in the grand scheme of things although it may be more ubiquitous in IoT applications. Robert On 5 October 2017 at 17:45, Sean Turner <s...@sn3rd.com> wrote: > This is exactly how I think about it. > > spt > > > On Oct 4, 2017, at 12:11, Andrei Popov <andrei.po...@microsoft.com> > wrote: > > > > It seems that CCM_8 falls in the “limited applicability” bucket. > However, there’s nothing wrong with IoT specs requiring these ciphers in > their TLS profiles. > > > > Cheers, > > > > Andrei > > > > From: TLS [mailto:tls-boun...@ietf.org] On Behalf Of Joseph Salowey > > Sent: Wednesday, October 4, 2017 11:42 AM > > To: Salz, Rich <rs...@akamai.com> > > Cc: <tls@ietf.org> <tls@ietf.org> > > Subject: Re: [TLS] Should CCM_8 CSs be Recommended? > > > > The current editor's copy of the draft has the following text about the > recommended column: > > > > The instructions in this document add a recommended column to many of > the TLS registries to indicate parameters that are generally recommended > for implementations to support. Adding a recommended parameter to a > registry or updating a parameter to recommended status requires standards > action. Not all parameters defined in standards track documents need to be > marked as recommended. > > > > If an item is marked as not recommended it does not necessarily mean > that it is flawed, rather, it indicates that either the item has not been > through the IETF consensus process or the item has limited applicability to > specific cases. > > > > > > On Wed, Oct 4, 2017 at 4:58 AM, Salz, Rich <rs...@akamai.com> wrote: > > ➢ We’re recommending that these five suites be dropped from the > recommended list. Please let us know what you think. > > > > > > Does “recommended” mean for general use, in the public Internet? Or is > it “I know it when I see it” kind of thing? > > > > Either way, I support un-recommending them > > > > _______________________________________________ > > TLS mailing list > > TLS@ietf.org > > https://www.ietf.org/mailman/listinfo/tls > > > > _______________________________________________ > > TLS mailing list > > TLS@ietf.org > > https://www.ietf.org/mailman/listinfo/tls > > _______________________________________________ > TLS mailing list > TLS@ietf.org > https://www.ietf.org/mailman/listinfo/tls >
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
