(no hat on) Could we make a couple of tweaks to the to the IANA considerations section that:
1. The draft should probably indicate the values for the other columns. They’ve been assigned this way so this is more of a documentation thing: These DTLS-OK column value is “Y” and the Recommended column value is “N”. 2. Ask IANA to add something like the following as note: These ciphers provide only data integrity protection and no confidentiality protections, i.e., in other words these algorithms provide no privacy. Consult the Applicability Statement in the reference column. While you could argue #2 is maybe a bit over the top because the draft is already referenced and people really ought to read the draft/RFC before implementing, I think we have some experience with that not being the case. Also, I suspect that based on the concerns raised by Rich (and others) this note couldn’t really hurt. Some will say that the IANA registries are not the right place for this kind of note, but I do tend to think that the more places we sprinkle security clue the better. Nits: s1: r/message../message. s2: should be: The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here. spt > On Feb 26, 2019, at 15:54, Jack Visoky <jmvis...@ra.rockwell.com> wrote: > > TLS Colleagues, > If you recall we discussed a draft for authentication only ciphersuites over > email back in August of 2018. We've since made some updates to that draft. > We also have gotten IANA assignments to the authentication only ciphersuites > for TLS 1.3 and have updated the draft to reflect the new assignments. > To that extent, as the IoT community is looking to adopt these ciphersuites, > we would like to solicit review of the draft: > > https://tools.ietf.org/html/draft-camwinget-tls-ts13-macciphersuites-02 > > and request that it be published as informational draft given that the IoT > forums are looking to adopt its use and the draft can serve as the guide for > use and interoperability. > > Thanks and Best Regards, > > --Jack (and Nancy) > > > _______________________________________________ > TLS mailing list > TLS@ietf.org > https://www.ietf.org/mailman/listinfo/tls _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
