Issue:
Sec. 4.1.1 has requirements on algorithm agility. They are important,
but insufficient. I propose to mention that when the tunnel method uses
certificates, it MUST be possible to migrate to new algorithms for such
certificates as well. (This possibly belongs in 4.2.1).
Comment:
Proposed Text in section 4.1.1:
" The tunnel method MUST NOT be tied to any single cryptographic
algorithm. Instead, it MUST support run-time negotiation to select
among an extensible set of cryptographic algorithms. This includes
algorithms used with certificates presented during tunnel establishment.
..."
--
Ticket URL: <http://trac.tools.ietf.org/wg/emu/trac/ticket/15#comment:1>
emu <http://tools.ietf.org/wg/emu/>
_______________________________________________
Emu mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/emu
