On Mon, Feb 11, 2013 at 6:04 PM, Peter Gutmann
<pgut...@cs.auckland.ac.nz> wrote:
> Nico Williams <n...@cryptonector.com> writes:
>
>>I'd go further: this could be the start of the end of the cipher suite
>>cartesian product nonsense in TLS. Just negotiate {cipher, mode} and key
>>exchange separately, or possibly cipher, mode, and key exchange, in just the
>>same way as you propose negotiation of encrypt-then-MAC.
>
> Nonononono, we learned from the IKE mess that the Chinese-menu approach is
> vastly worse than the cipher-suite one. TLS has already tried the
> Chinese-menu approach to algorithms in TLS 1.2's ECC stuff, and it's at least
> as big a mess as IKE was (well, OK, I don't think anything can quite reach the
> IKE level, but it's getting there), which is why I had to write this:
SSHv2 has a this approach and it has not been a disaster there.
What's the issue exactly? ECC curve parameters? Something else?
Nico
--
_______________________________________________
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography
