On 15/05/2020, 01:51, "Martin Thomson" <m...@lowentropy.net> wrote: > Continuing the trend where I am the only one to post to this thread... > > I just posted a proposal: > > https://github.com/tlswg/dtls13-spec/pull/147
Looks good, thanks! While the specific behaviours might more or less differ, the same considerations apply to 1.2. How do we make sure that the message doesn't get ignored? Would it be worth drafting this separately to cover both versions (+ an explicit "Updates: 6347" label)? > So I see two paths and one maybe option: > > 1. Prohibit use of TLS_AES_128_CCM_8_SHA256 in DTLS. > 2. Allow TLS_AES_128_CCM_8_SHA256 in DTLS under special circumstances > (the PR). > 3. An unspecified proposal that allows TLS_AES_128_CCM_8_SHA256 more > generally somehow. While I'd personally prefer path 1, I think we need to factor in existing deployments somehow. IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you. _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
