On 20/05/2019 15:23, Salz, Rich wrote:
>>    I don't see it that way. As I understand it this is a completely different
>     protocol to standard TLS.
> That's an interesting point, but ... they use the SSL "name."

Which isn't even an IETF name...the IETF call it TLS ;-)

>> It is not intended to interoperate with it in any way.
> Is that true?  I didn't look closely at the protocol changes, but maybe 
> you're right.  On the other hand, if so, then why keep the existing IETF 
> numbers?

That was my understanding.

But perhaps Paul Yang can confirm?

>>    As a completely different protocol they can use whatever codepoints they 
>> want to
>     use as they see fit - and there is no conflict with IETF specifications.
> If you are correct, then yes I agree.  But that makes any OpenSSL integration 
> that much harder, doesn't it?  Would the project take on the work of making 
> things like the apps and tests work?  In particular, a new global flag saying 
> "tnssl" (or such), and failing to interop with existing TLS, checking the 
> modified cipher suites (and disallowing them for real TLS), etc.
Yes, we would have to take care that the two really are separate.


Reply via email to