> > > > > 5.2. Cipher Suites > > > > Operators MAY choose to disable older/weaker cipher > > suites for TLS > > despite the tradeoff of interoperability, for example, if > > the cipher > > suite specified in the specification is found weak in the future. > > > > **suggest > > > > Operators MAY choose to disable cipher suites for TLS > > that are regarded as too weak for the environment in which > > this specification is being used, especially older cipher > > suites. This MAY lead to a reduction of interoperability. > > It is likely that, in time, the cipher suite specified here > > will become subject to attack and the use of it will too be > > deprecated. > > OK, thanks!
First sentence, just: "Implementations MUST allow operators to disable cipher suites." Why operators do this and how old the suites are are totally irrelevant. Second sentence: MAY -> may Just my $.02, Richard
_______________________________________________ Syslog mailing list Syslog@lists.ietf.org https://www1.ietf.org/mailman/listinfo/syslog
