I think the best way to think about AEAD from a protocol standpoint is as an interface. This is especially true for TLS where there are algorithms like TLS_SHA256_SHA256 for the AEAD interface that do not do encryption. A TLS cipher suite either use the AEAD interface or it does not.
Cheers, John From: TLS <tls-boun...@ietf.org> on behalf of Peter Gutmann <pgut...@cs.auckland.ac.nz> Date: Thursday, 4 November 2021 at 07:37 To: alex.sch...@gmx.de <alex.sch...@gmx.de>, tls@ietf.org <tls@ietf.org> Subject: Re: [TLS] Question regarding RFC 7366 alex.sch...@gmx.de <alex.sch...@gmx.de> writes: >I would really appreciate a response to get some clarification on what the >intended interpretation is, i.e., when the extension should be used. There's not really any contradiction, encrypt-then-MAC has nothing to do with AEAD which is an all-in-one mode, so it doesn't apply to any AEAD cipher. Peter. _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
