On 11/26/2014 11:55 AM, Alexey Melnikov wrote:
Hi Peter,
On 26 Nov 2014, at 03:38, Peter Saint-Andre - &yet <[email protected]> wrote:
This document is not an application profile standard, in the sense of
Section 9 of [RFC5246]. As a result, clients and servers are still
REQUIRED to support the mandatory TLS cipher suite,
TLS_RSA_WITH_AES_128_CBC_SHA.
A BCP defining cipher suite recommendations should not have a higher
level of requirement for TLS_RSA_WITH_AES_128_CBC_SHA than it has for
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, at least. I think it is OK to just
say that the TLS specification was wrong to mandate
TLS_RSA_WITH_AES_128_CBC_SHA, or don't mention it at all.
I don't know if RFC 5246 was *wrong*, but the situation on the ground has
changed since 2008.
I was wondering about the above as well. I think your document is updating MTI
or at least narrowing down recommended choices, and CBC_SHA is not one of them.
So deleting the two sentences quoted above is the best.
Hi Alexey,
We are not defining MTI, we are recommending which cipher suites to
negotiate. MTI (the bare minimum required for protocol interoperability)
unfortunately remains that old cipher suite.
And (for those who enjoy procedural nitpicking), the meaning of "MUST"
in a BCP is different from its meaning in a protocol definition.
Thanks,
Yaron
_______________________________________________
Uta mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/uta
