Salz, Rich <rsalz=40akamai....@dmarc.ietf.org> writes: >Most browsers already do not support NULL encryption, and it is highly >unlikely that any will add it for 1.3. Have you any indication otherwise? >If you’re not going to use the algorithms in general use on the public >Internet, then you should expect that standard clients such as browsers, will >not work. PeterG can attest to this. :)
I'm going to have to handwave a bit on this, but a lot of TLS in embedded is purely M2M, e.g. in IEDs (that's "intelligent electronic device", not something that goes bang, although sometimes the things they control like reclosers can go bang). One or two levels above that are supervisory systems that may need to talk a non-SCADA-profile TLS, but then they're often running Windows or something similar and will talk whatever the browser needs. So in effect you've got a translation layer from SCADA-profile-TLS to whatever form of TLS is in fashion in browsers at the moment. Alternatively, you get extremely expensive control center software that probably just wraps the Windows WebBrowser control in a custom app, although I've seen some that use oddball ancient cipher suites so presumably they're using the programmability of the components to ensure continued support for older deployed gear. That's only a high-level, handwavy view... Peter. _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
