That sounds great. Who is doing the work of adding “for TLS 1.3 and later”?
My understanding is that the currently registered TLS 1.3 cipher suites are:

Value      Description                                DTLS 1.3  QUIC
0x13,0x01  TLS_AES_128_GCM_SHA256                     Y         Y
0x13,0x02  TLS_AES_256_GCM_SHA384                     Y         Y
0x13,0x03  TLS_CHACHA20_POLY1305_SHA256               Y         Y
0x13,0x04  TLS_AES_128_CCM_SHA256                     Y         Y
0x13,0x05  TLS_AES_128_CCM_8_SHA256                   Y         N
0x13,0x06  TLS_AEGIS_256_SHA512                       Y         Y
0x13,0x07  TLS_AEGIS_128L_SHA256                      Y         Y
0xC0,0xB0  TLS_ECCPWD_WITH_AES_128_GCM_SHA256         N         N
0xC0,0xB1  TLS_ECCPWD_WITH_AES_256_GCM_SHA384         N         N
0xC0,0xB2  TLS_ECCPWD_WITH_AES_128_CCM_SHA256         N         N
0xC0,0xB3  TLS_ECCPWD_WITH_AES_256_CCM_SHA384         N         N
0xC0,0xB4  TLS_SHA256_SHA256                          N         N
0xC0,0xB5  TLS_SHA384_SHA384                          N         N
0xC1,0x03  TLS_GOSTR341112_256_WITH_KUZNYECHIK_MGM_L  N         N
0xC1,0x04  TLS_GOSTR341112_256_WITH_MAGMA_MGM_L       N         N
0xC1,0x05  TLS_GOSTR341112_256_WITH_KUZNYECHIK_MGM_S  N         N
0xC1,0x06  TLS_GOSTR341112_256_WITH_MAGMA_MGM_S       N         N

(The DTLS 1.3 and QUIC information is my understanding. It is currently not in the IANA registry).

Note that “for TLS 1.3 and later” and “DTLS-OK” are not enough as some cipher suites (the _ECCPWD_ ones) seem to be valid for TLS 1.2, TLS 1.3, DTLS 1.2 but not DTLS 1.3…. I think the notes column should contain info on DTLS 1.3 and QUIC as well.

Do we need some guidance/requirements on naming and use of TLS 1.3 cipher suites? The _ECCPWD_ ones seem to include authentication in the TLS 1.3. The _GOSTR341112_ seems to include authentication and key exchange…. I did not think this was how TLS 1.3 cipher suites were supposed to be used.

Cheers,
John Preuß Mattsson

From: Sean Turner <s...@sn3rd.com>
Date: Wednesday, 6 December 2023 at 14:55
To: Salz, Rich <rs...@akamai.com>, John Mattsson <john.matts...@ericsson.com>
Cc: TLS List <tls@ietf.org>
Subject: Re: [TLS] "Notes" column in draft-ietf-tls-rfc8447bis?

> On Dec 6, 2023, at 08:02, Salz, Rich <rsalz=40akamai....@dmarc.ietf.org> wrote:
>
> Yes, I think information regarding if a cipher suite is for TLS 1.3 is very
> needed to have. I already asked for that in
> https://mailarchive.ietf.org/arch/msg/tls/0gDKfXJvAemFDm7MWcS1DTDVIe8/
>
> In addition, I would also like to have information if the cipher suite can be used
> in QUIC.
>
> The 8447bis draft added a notes column to every TLS registry. The “1.2 is
> frozen” draft says to use it to indicate things like “for TLS 1.3 and later”.
> It’s a free-form text field, so we can direct IANA to put anything we want. :)

Yep we added it via:
https://protect2.fireeye.com/v1/url?k=31323334-501d5122-313273af-454445555731-cc6bdfdfb39824c6&q=1&e=9148a29f-ecfe-46e0-869e-33ffd8475127&u=https%3A%2F%2Fgithub.com%2Ftlswg%2Frfc8447bis%2Fpull%2F48

spt