On Monday, 15 April 2024 19:30:29 CEST, Joseph Salowey wrote:
At IETF 119 we had discussion on how to mark the ciphersuites deprecated by draft-ietf-tls-deprecate-obsolete-kex in the IANA Registry. At the meeting there was support for ('D' means discouraged):

RSA ciphersuites should be marked with a "D"
FFDH ciphersuites should be marked with a "D"
FFDHE ciphersuites should be marked with a "D"
ECDH ciphersuites should be marked with a "D"

This aligns with the deprecation intent of the draft. The draft states ECDH are a SHOULD NOT instead of a MUST NOT, but the sentiment was they should be generally discouraged.

Please respond with any comments on this proposal by April 30,2024.

I still don't like deprecating/discouraging/SHOULD NOTig FFDHE, but
I'm still for the proposal, and OK with using "D" for marking in IANA.
--
Regards,
Hubert Kario
Principal Quality Engineer, RHEL Crypto team
Web: www.cz.redhat.com
Red Hat Czech s.r.o., Purkyňova 115, 612 00, Brno, Czech Republic

_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls

Reply via email to