Hi Spencer, thanks for the review.

On 2/16/15 5:11 PM, Spencer Dawkins wrote:
> Spencer Dawkins has entered the following ballot position for
> draft-ietf-uta-tls-bcp-09: Yes
>
> When responding, please keep the subject line intact and reply to all
> email addresses included in the To and CC lines. (Feel free to cut this
> introductory paragraph, however.)
>
> Please refer to http://www.ietf.org/iesg/statement/discuss-criteria.html
> for more information about IESG DISCUSS and COMMENT positions.
>
> The document, along with other ballot positions, can be found here:
> http://datatracker.ietf.org/doc/draft-ietf-uta-tls-bcp/
>
> ----------------------------------------------------------------------
> COMMENT:
> ----------------------------------------------------------------------
>
> This is great. Thanks for putting it together.
>
> Just for my own edification, why would
>
>    o  Implementations MUST support, and SHOULD prefer to negotiate,
>       cipher suites offering forward secrecy, such as those in the
>       Ephemeral Diffie-Hellman and Elliptic Curve Ephemeral Diffie-
>       Hellman ("DHE" and "ECDHE") families.
>
> not also be "MUST prefer to negotiate"?

I think that would be better.

> I found it strange that there's no hint of
>
>    5.2.  Unauthenticated TLS and Opportunistic Security
>
>    In summary: this document does not apply to unauthenticated TLS use
>    cases.
>
> until about halfway through page 15. If it's important to say this, maybe
> it's better to say it earlier in the document?

Actually it's mentioned in the introduction:

   These are minimum recommendations for the use of TLS in the vast
   majority of implementation and deployment scenarios, with the
   exception of unauthenticated TLS (see Section 5).

Peter
--
Peter Saint-Andre
https://andyet.com/