On Monday, 15 April 2024 19:30:29 CEST, Joseph Salowey wrote:
> At IETF 119 we had discussion on how to mark the ciphersuites
> deprecated by draft-ietf-tls-deprecate-obsolete-kex in the IANA
> Registry. At the meeting there was support for ('D' means
> discouraged):
>
> RSA ciphersuites should be marked with a "D"
> FFDH ciphersuites should be marked with a "D"
> FFDHE ciphersuites should be marked with a "D"
> ECDH ciphersuites should be marked with a "D"
>
> This aligns with the deprecation intent of the draft. The draft
> states ECDH are a SHOULD NOT instead of a MUST NOT, but the
> sentiment was they should be generally discouraged.
>
> Please respond with any comments on this proposal by April 30, 2024.

I still don't like deprecating/discouraging/SHOULD NOTing FFDHE, but
I'm still for the proposal, and OK with using "D" for marking in IANA.
--
Regards,
Hubert Kario
Principal Quality Engineer, RHEL Crypto team
Web: www.cz.redhat.com
Red Hat Czech s.r.o., Purkyňova 115, 612 00, Brno, Czech Republic