> I'll add a section on this in the next rev. > > > > TLS_RSA_WITH_3DES_EDE_CBC_SHA. > > > > >[Joe] RFC4346 allows you define an application profile so we > wouldn't > >necessarily have to make this ciphersuite mandatory. > > Just found some interoperability issues with this > ciphersuite, so making it mandatory could be problematic :( > > Maybe we should stick with RC4 as mandatory, and add AES as a > SHOULD? RC4 definitely interoperates. > [Joe] I would be tempted to specify it the other way. I think we want to encourage AES implementation, RC4 I'm not so sure...
> >[Joe] what do you mean support and be able to negotiate? > Why not just > >support? > > Support should be sufficient. In some situations, not every > supported ciphersuite will be negotiable (e.g. in FIPS mode, > RC4 ciphersuites will not be negotiable). > [Joe] Right. I think we want it to be implemented, but it is up to the deployment requirements as to what is actually gets negotiated. _______________________________________________ Emu mailing list [email protected] https://www1.ietf.org/mailman/listinfo/emu
