On Tue, Feb 17, 2015 at 4:11 PM, Pete Resnick <presn...@qti.qualcomm.com> wrote:
> On 2/17/15 2:07 PM, Peter Saint-Andre - &yet wrote: > > On 2/17/15 12:49 PM, Alissa Cooper wrote: >> >> So my question is whether we should consider this document effectively >>> silent about the choice of cipher suites to be used when we standardize a >>> new application protocol in the IETF, or an update to an existing >>> protocol. >>> >> >> If an application protocol wishes to follow the recommendations here, >> someone needs to write a document that says so. >> > > What about new protocols? HTTPbis included a blacklist of the registered TLS cipher suites that should not be used, with one that is on the registered list as MTI. Is something like that needed more generally or is cleanup of the TLS registry of recommendations needed? https://datatracker.ietf.org/doc/draft-ietf-httpbis-http2 Section 9.2 and appendix A TLS registry: http://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml The recommended list in this draft, section 4.2 includes cipher suites that were all registered for use with TLS 1.2 as far as I can tell. If this doesn't help, just ignore. -Kathleen > > > That is the impression that I get from the text right now, and >>> it doesn't quite match the way we've been using/citing the document in >>> some recent discussions of other drafts. >>> >> >> Do you have examples? >> > > http://tools.ietf.org/html/draft-ietf-paws-protocol-20#section-7 > > pr > > -- > Pete Resnick<http://www.qualcomm.com/~presnick/> > Qualcomm Technologies, Inc. - +1 (858)651-4478 > > > _______________________________________________ > Uta mailing list > Uta@ietf.org > https://www.ietf.org/mailman/listinfo/uta > -- Best regards, Kathleen
_______________________________________________ Uta mailing list Uta@ietf.org https://www.ietf.org/mailman/listinfo/uta
